[Resolvido!] Investigando lentidão

[ze adauto 0]

Olá Pessoal,

 

Já começo e sempre recomendo a ajuda que vcs prestam neste fórum. Novamente gostaría da ajuda de vcs, pois meu pc está lento.

Abaixo o log

 

Desde já agradeço

Adauto

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:09:Bilí, on 2/4/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSRMon.exe

C:\ARQUIV~1\ALWILS~1\Avast5\avastUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Corel\Corel Graphics 12\Programs\CorUpd.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

C:\Hijack\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: PhotoPos Toolbar - {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Arquivos de programas\PhotoposComTbr\PhotoposComTbrLib.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: Banco do Brasil S.A. - {FCAAAC14-BC46-40CA-9CB2-CBB12C6739EB} - C:\ARQUIV~1\GBPLUG~1\gbiehdst.dll (file missing)

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: PhotoPos Toolbar - {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Arquivos de programas\PhotoposComTbr\PhotoposComTbrLib.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [sGPUpdater] C:\Arquivos de programas\Search Guard PlusU\sgpUpdaters.exe

O4 - HKLM\..\Run: [FBSearch] C:\Arquivos de programas\Search Guard Plus\SearchGuardPlus.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [hpqSRMon] C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [avast5] C:\ARQUIV~1\ALWILS~1\Avast5\avastUI.exe /nogui

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DriverUpdaterPro] C:\Arquivos de programas\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe -t

O4 - HKCU\..\Run: [c:_arquivos de programas_c44] C:\Arquivos de programas\Corel\Corel Graphics 12\Programs\CorUpd.exe /Watch /r="Software\Corel\CorelDRAW\12.0"

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6; FBSMTWB; User-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; http://bsalsa.com) ; User-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; http://bsalsa.com) ( Embedded Web Browser from: http://bsalsa.com/); .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://clickjogos.uol.com.br/Jogos-online/Esportes/3D-Penalty-Shootout/"

O4 - HKLM\..\Policies\Explorer\Run: [gbieh.b] "C:\Arquivos de programas\GbPluggin\gbppsv.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1172356930812

O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: GbiehAbn - C:\ARQUIV~1\GBPLUG~1\gbiehdst.dll (file missing)

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

 

--

End of file - 8593 bytes

[DigRam 144]

Boa Tarde! ze adauto

 

<@> Baixe: < > ( ...by OldTimer Tools )

<@> Salve-o no desktop!

 

 

<@> Segundo a imagem,mude a opção em "Output" para "Minimal Output".

<@> Duplo-clique em OTL.exe --> Marque a opção "Scan All Users".

<@> Marque as caixas:

 

<!> [] LOP check e [] Purity check

 

<@> Clique em: < > --> Aguarde!

<@> Poste:

 

<1> OTL.txt <--

<2> Extra.txt <--

 

Abraços!

[ze adauto 0]

Ok.

Procedi conforme solicitado.

Abaixo os novos logs.

 

 

 

 

OTL logfile created on: 4/4/2010 00:47:55 - Run 1

OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\Amabile\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

 

511,00 Mb Total Physical Memory | 101,00 Mb Available Physical Memory | 20,00% Memory free

1,00 Gb Paging File | 1,00 Gb Available in Paging File | 71,00% Paging File free

Paging file location(s): C:\pagefile.sys 0 0 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 149,04 Gb Total Space | 129,59 Gb Free Space | 86,95% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: CASAAMABILE

Current User Name: Amabile

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 

========== Processes (SafeList) ==========

 

PRC - C:\Documents and Settings\Amabile\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Arquivos de programas\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)

PRC - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)

PRC - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)

PRC - C:\Arquivos de programas\Windows Live\Toolbar\wltuser.exe (Microsoft Corporation)

PRC - C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\WINDOWS\system32\hpzipm12.exe (HP)

PRC - C:\WINDOWS\system32\slserv.exe ( )

PRC - C:\Arquivos de programas\Corel\Corel Graphics 12\Programs\CorUpd.exe (Corel Corporation)

PRC - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)

 

 

========== Modules (SafeList) ==========

 

MOD - C:\Documents and Settings\Amabile\Desktop\OTL.exe (OldTimer Tools)

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (avast! Web Scanner) -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)

SRV - (avast! Mail Scanner) -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)

SRV - (avast! Antivirus) -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)

SRV - (SeaPort) -- C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)

SRV - (odserv) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)

SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\hpzipm12.exe (HP)

SRV - (ose) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (SLService) -- C:\WINDOWS\System32\slserv.exe ( )

SRV - (MDM) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)

DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)

DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)

DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)

DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)

DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)

DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)

DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)

DRV - (RecAgent) -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys ( )

DRV - (Slntamr) -- C:\WINDOWS\system32\drivers\slntamr.sys ( )

DRV - (SlNtHal) -- C:\WINDOWS\system32\drivers\slnthal.sys ( )

DRV - (Mtlmnt5) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys ( )

DRV - (Mtlstrm) -- C:\WINDOWS\system32\drivers\mtlstrm.sys ( )

DRV - (NtMtlFax) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys ( )

DRV - (SlWdmSup) -- C:\WINDOWS\system32\drivers\slwdmsup.sys ( )

DRV - (nvcap) nVidia WDM Video Capture (universal) -- C:\WINDOWS\system32\drivers\NVCAP.SYS (NVIDIA Corporation)

DRV - (NVXBAR) -- C:\WINDOWS\system32\drivers\NVXBAR.SYS (NVIDIA Corporation)

DRV - (viasraid) -- C:\WINDOWS\system32\drivers\viasraid.sys (VIA Technologies inc,.ltd)

DRV - (viaagp1) -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)

DRV - (MODEMCSA) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-448539723-790525478-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =

IE - HKU\S-1-5-21-448539723-790525478-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/

IE - HKU\S-1-5-21-448539723-790525478-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

O1 HOSTS File: ([2001/10/28 12:06:36 | 000,000,776 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()

O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (PhotoPos Toolbar) - {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Arquivos de programas\PhotoposComTbr\PhotoposComTbrLib.dll ()

O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)

O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O2 - BHO: (GbiehObj Class) - {FCAAAC14-BC46-40CA-9CB2-CBB12C6739EB} - C:\ARQUIV~1\GBPLUG~1\gbiehdst.dll File not found

O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (PhotoPos Toolbar) - {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Arquivos de programas\PhotoposComTbr\PhotoposComTbrLib.dll ()

O3 - HKU\S-1-5-21-448539723-790525478-839522115-1003\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O4 - HKLM..\Run: [avast5] C:\Arquivos de programas\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)

O4 - HKLM..\Run: [FBSearch] C:\Arquivos de programas\Search Guard Plus\SearchGuardPlus.exe ()

O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NWEReboot] File not found

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)

O4 - HKLM..\Run: [sGPUpdater] C:\Arquivos de programas\Search Guard PlusU\sgpUpdaters.exe ()

O4 - HKU\S-1-5-21-448539723-790525478-839522115-1003..\Run: [c:_arquivos de programas_c44] C:\Arquivos de programas\Corel\Corel Graphics 12\Programs\CorUpd.exe (Corel Corporation)

O4 - HKU\S-1-5-21-448539723-790525478-839522115-1003..\Run: [DriverUpdaterPro] C:\Arquivos de programas\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe File not found

O4 - HKU\S-1-5-21-448539723-790525478-839522115-1003..\RunOnce: [shockwave Updater] C:\WINDOWS\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -Mozilla\4.0 ( File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: gbieh.b = "C:\Arquivos de programas\GbPluggin\gbppsv.exe" File not found

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-448539723-790525478-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1172356930812 (WUWebControl Class)

O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab (Reg Error: Key error.)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de programas\Arquivos comuns\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\ GbiehAbn: DllName - C:\ARQUIV~1\GBPLUG~1\gbiehdst.dll - C:\ARQUIV~1\GBPLUG~1\gbiehdst.dll File not found

O24 - Desktop Components:0 (Minha página inicial atual) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Amabile\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Amabile\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2002/01/01 17:49:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{0be391d7-d2a5-11de-be83-0013d411f24c}\Shell\AutoRun\command - "" = E:\wubi.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/04/04 00:43:46 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Amabile\Desktop\OTL.exe

[2010/04/03 22:56:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data

[2010/04/02 18:00:02 | 000,000,000 | ---D | C] -- C:\Hijack

[2010/04/02 12:47:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Alwil Software

[2010/04/02 12:34:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-TW

[2010/04/02 12:34:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-HK

[2010/04/02 12:34:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\tr-TR

[2010/04/02 12:34:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\sv-SE

[2010/04/02 12:34:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\nl-NL

[2010/04/02 12:34:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\nb-NO

[2010/04/02 12:34:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ko-KR

[2010/04/02 12:34:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\it-IT

[2010/04/02 12:34:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\he-IL

[2010/04/02 12:34:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-FR

[2010/04/02 12:34:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fi-FI

[2010/04/02 12:34:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\es-ES

[2010/04/02 12:34:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\el-GR

[2010/04/02 12:34:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-DE

[2010/04/02 12:34:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\da-DK

[2010/04/02 12:34:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ar-SA

[2010/03/15 10:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SeaPort

[2010/03/11 15:41:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\WEBREG

[2010/03/11 15:41:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amabile\Dados de aplicativos\HP

[2010/03/11 15:39:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\HP Product Assistant

[2010/03/11 15:38:18 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\HP

[2010/03/11 15:36:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\HP

[2010/03/10 11:56:14 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe

[2010/01/31 14:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Google

[2010/01/31 14:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Google

[2009/09/22 21:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dados de aplicativos\Adobe

[2009/09/22 21:17:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dados de aplicativos\Google

[2009/09/02 23:25:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft

[2009/01/02 10:27:54 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dados de aplicativos\Microsoft

[2008/12/27 18:20:26 | 001,851,544 | ---- | C] (Adobe Systems Incorporated) -- C:\Arquivos de programas\install_flash_player.exe

[2008/07/22 19:13:59 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dados de aplicativos\Microsoft

[2008/07/22 19:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft

[2004/05/03 09:10:58 | 000,013,920 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\RecAgent.sys

[2004/05/03 09:10:50 | 000,632,960 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys

[2004/05/03 09:06:08 | 000,095,768 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys

[2004/05/03 09:03:04 | 000,230,664 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys

[2004/05/03 08:59:14 | 001,302,680 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys

[2004/05/03 08:55:38 | 000,180,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys

[2004/05/03 08:44:54 | 000,013,288 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slwdmsup.sys

[2002/01/01 18:13:28 | 000,014,968 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys

[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2010/04/04 00:44:19 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Amabile\Desktop\OTL.exe

[2010/04/03 23:58:00 | 000,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2010/04/03 22:57:59 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{6A64F8E4-F973-45D9-9F89-953AF24140FC}.job

[2010/04/03 22:56:35 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job

[2010/04/03 22:56:33 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/04/03 22:55:58 | 000,004,412 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2010/04/03 22:55:51 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2010/04/03 22:55:13 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010/04/03 22:55:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/04/03 22:54:59 | 535,613,440 | -HS- | M] () -- C:\hiberfil.sys

[2010/04/03 19:55:33 | 006,291,456 | -H-- | M] () -- C:\Documents and Settings\Amabile\NTUSER.DAT

[2010/04/03 19:55:33 | 000,000,210 | -HS- | M] () -- C:\Documents and Settings\Amabile\ntuser.ini

[2010/04/02 23:06:14 | 000,002,543 | ---- | M] () -- C:\Documents and Settings\Amabile\Desktop\CorelDRAW 12.lnk

[2010/04/02 20:16:03 | 000,011,848 | ---- | M] () -- C:\Documents and Settings\Amabile\Desktop\5513783.jpg

[2010/04/02 12:47:35 | 000,003,018 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2010/04/02 12:47:35 | 000,001,772 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk

[2010/03/26 18:55:02 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010/03/26 17:20:55 | 000,009,385 | ---- | M] () -- C:\WINDOWS\casmate.ini

[2010/03/13 10:44:47 | 000,121,184 | ---- | M] () -- C:\Documents and Settings\Amabile\Configurações locais\Dados de aplicativos\GDIPFONTCACHEV1.DAT

[2010/03/11 18:59:32 | 000,425,648 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/03/11 15:41:00 | 000,001,926 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 3.5.lnk

[2010/03/11 15:39:44 | 000,001,122 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Central de Soluções HP.lnk

[2010/03/11 15:34:42 | 000,014,896 | ---- | M] () -- C:\Documents and Settings\Amabile\Meus documentos\Pro Industria.cdr

[2010/03/11 13:37:42 | 000,133,848 | ---- | M] () -- C:\WINDOWS\hpgins24.dat

[2010/03/11 12:44:09 | 000,000,638 | ---- | M] () -- C:\WINDOWS\win.ini

[2010/03/10 13:00:39 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2010/03/09 18:37:41 | 000,045,056 | ---- | M] (Northern Codeworks) -- C:\WINDOWS\NCUNINST.EXE

[2010/03/09 15:30:20 | 000,171,022 | ---- | M] () -- C:\Documents and Settings\Amabile\Meus documentos\emaus.cdr

[2010/03/09 13:17:23 | 001,584,054 | ---- | M] () -- C:\Documents and Settings\Amabile\Meus documentos\cachos.cdr

[2010/03/09 11:15:34 | 000,019,417 | ---- | M] () -- C:\WINDOWS\Run32A60.mch

[2010/03/09 11:08:36 | 000,000,035 | ---- | M] () -- C:\WINDOWS\A6W.INI

[2010/03/09 08:24:23 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr

[2010/03/09 08:24:05 | 000,153,184 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe

[2010/03/09 08:12:54 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2010/03/09 08:12:33 | 000,162,640 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2010/03/09 08:09:08 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2010/03/09 08:08:41 | 000,100,432 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2010/03/09 08:08:38 | 000,094,800 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2010/03/09 08:08:30 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2010/03/09 08:08:15 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010/04/02 20:16:23 | 000,011,848 | ---- | C] () -- C:\Documents and Settings\Amabile\Desktop\5513783.jpg

[2010/04/02 12:47:35 | 000,001,772 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk

[2010/04/02 12:34:48 | 000,000,236 | ---- | C] () -- C:\WINDOWS\tasks\OGALogon.job

[2010/03/11 15:41:00 | 000,001,926 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 3.5.lnk

[2010/03/11 15:39:44 | 000,001,122 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Central de Soluções HP.lnk

[2010/03/11 15:34:42 | 000,014,896 | ---- | C] () -- C:\Documents and Settings\Amabile\Meus documentos\Pro Industria.cdr

[2010/03/11 13:37:28 | 000,133,848 | ---- | C] () -- C:\WINDOWS\hpgins24.dat

[2010/03/11 13:37:28 | 000,000,308 | ---- | C] () -- C:\WINDOWS\hpgmdl24.dat

[2010/03/09 15:30:20 | 000,171,022 | ---- | C] () -- C:\Documents and Settings\Amabile\Meus documentos\emaus.cdr

[2010/03/09 13:17:21 | 001,584,054 | ---- | C] () -- C:\Documents and Settings\Amabile\Meus documentos\cachos.cdr

[2010/02/03 21:28:08 | 000,002,516 | -HS- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\KGyGaAvL.sys

[2010/02/03 21:28:08 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\13C2C69A92.sys

[2010/01/26 10:34:23 | 000,000,020 | ---- | C] () -- C:\WINDOWS\waterfalls.ini

[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll

[2008/12/27 19:09:54 | 000,893,957 | ---- | C] () -- C:\Arquivos de programas\Xp Validation.exe

[2008/12/27 19:09:17 | 000,797,505 | ---- | C] () -- C:\Arquivos de programas\XpValidation.zip

[2008/07/26 15:58:09 | 002,674,213 | ---- | C] () -- C:\Arquivos de programas\aida32ne_393(AIDA).exe

[2008/06/30 19:49:39 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2008/03/15 19:28:29 | 000,000,373 | ---- | C] () -- C:\WINDOWS\capture.ini

[2008/03/15 16:46:18 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A6W.INI

[2008/03/08 11:51:53 | 000,011,776 | ---- | C] () -- C:\Documents and Settings\Amabile\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008/03/07 21:14:02 | 000,009,385 | ---- | C] () -- C:\WINDOWS\casmate.ini

[2008/03/02 18:26:09 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\ezsid.dat

[2008/02/25 12:32:11 | 000,000,080 | ---- | C] () -- C:\Documents and Settings\Amabile\Configurações locais\Dados de aplicativos\FASTWiz.log

[2008/02/25 10:51:33 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\Amabile\Configurações locais\Dados de aplicativos\fusioncache.dat

[2008/02/25 10:42:26 | 000,005,860 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\hpzinstall.log

[2004/05/03 09:21:44 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll

[2004/05/03 09:19:26 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll

[2004/05/03 09:18:50 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll

[2002/01/01 19:04:39 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2002/01/01 18:13:28 | 000,528,384 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll

[2002/01/01 18:13:28 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\SLMOHServ.dll

[2002/01/01 18:06:50 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS

[2002/01/01 18:06:50 | 000,004,099 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini

[2002/01/01 17:53:43 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Amabile\ntuser.dat.LOG

[2002/01/01 17:53:43 | 000,000,210 | -HS- | C] () -- C:\Documents and Settings\Amabile\ntuser.ini

[2002/01/01 17:53:42 | 006,291,456 | -H-- | C] () -- C:\Documents and Settings\Amabile\NTUSER.DAT

 

========== LOP Check ==========

 

[2010/04/02 12:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Alwil Software

[2008/07/22 19:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Avg7

[2009/01/27 20:22:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Bitstream Font Navigator

[2010/01/26 10:56:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\EmailNotifier

[2008/03/11 20:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\MSScanAppDataDir

[2009/12/14 09:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\SSScanAppDataDir

[2009/04/16 21:20:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\WildTangent

[2010/02/04 09:14:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Amabile\Dados de aplicativos\Bitstream

[2002/01/01 18:48:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Amabile\Dados de aplicativos\InterTrust

[2008/07/27 21:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Amabile\Dados de aplicativos\Pasta de Uploads Share-to-Web

[2010/01/26 11:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Amabile\Dados de aplicativos\Photopos

[2010/01/26 10:56:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Amabile\Dados de aplicativos\PhotoposComtb

[2010/04/03 22:56:35 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job

[2010/04/03 22:57:59 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{6A64F8E4-F973-45D9-9F89-953AF24140FC}.job

 

========== Purity Check ==========

 

 

< End of report >

 

 

 

OTL Extras logfile created on: 4/4/2010 00:47:55 - Run 1

OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\Amabile\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

 

511,00 Mb Total Physical Memory | 101,00 Mb Available Physical Memory | 20,00% Memory free

1,00 Gb Paging File | 1,00 Gb Available in Paging File | 71,00% Paging File free

Paging file location(s): C:\pagefile.sys 0 0 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 149,04 Gb Total Space | 129,59 Gb Free Space | 86,95% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: CASAAMABILE

Current User Name: Amabile

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- "C:\Arquivos de programas\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Arquivos de programas\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

"C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" = C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Arquivos de programas\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Arquivos de programas\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpqpse.exe" = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)

"C:\Arquivos de programas\HP\HP Software Update\HPWUCli.exe" = C:\Arquivos de programas\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Arquivos de programas\Corel\Graphics10\Register\NAVBrowser.exe" = C:\Arquivos de programas\Corel\Graphics10\Register\NAVBrowser.exe:*:Enabled:NAVBrowser -- (Naviant, Inc.)

"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

"C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" = C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

"C:\Arquivos de programas\Ares\Ares.exe" = C:\Arquivos de programas\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group)

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Arquivos de programas\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Arquivos de programas\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpqpse.exe" = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)

"C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)

"C:\Arquivos de programas\HP\HP Software Update\HPWUCli.exe" = C:\Arquivos de programas\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0C405D1F-359E-41C5-A1A9-383A04BBD5E2}" = Windows Live Galeria de Fotos

"{0CBADDF4-2CF6-4CDB-B4F5-29B8FCA7FE07}" = Microsoft .NET Framework 1.1 Brazilian Portuguese Language Pack

"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm

"{32BC546A-8AA3-4239-AE92-9CF3291C35A6}" = Windows Live Call

"{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{381C70F0-FC2C-4BEF-B16C-B88FA67A6B7B}" = Assistente de Conexão do Windows Live

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg

"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter

"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack

"{505AFDC0-5E72-4928-8368-5DEA385E3647}" = CorelDRAW Graphics Suite 12

"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3

"{58C69CE7-7CCB-42BB-8E94-A58EC729EE37}" = VBA (3821h.2)

"{590D4F8F-98FE-47FA-AC2B-3F22FDCF7C09}" = ShareIns

"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6

"{624DEAA0-B27D-444B-8BFE-70622B318A4A}" = Windows Live Toolbar

"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD

"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update

"{74AD1846-2010-4FB1-8E24-B6F2B87150C2}" = Windows Live Mail

"{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}" = overland

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)

"{90110416-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edição 2003

"{90120000-0010-0416-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Portuguese (Brazil)) 12

"{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007

"{90120000-0015-0416-0000-0000000FF1CE}_PROR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

"{90120000-0016-0416-0000-0000000FF1CE}_PROR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

"{90120000-0018-0416-0000-0000000FF1CE}_PROR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

"{90120000-0019-0416-0000-0000000FF1CE}_PROR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

"{90120000-001A-0416-0000-0000000FF1CE}_PROR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007

"{90120000-001B-0416-0000-0000000FF1CE}_PROR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007

"{90120000-001F-0416-0000-0000000FF1CE}_PROR_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-0020-0416-0000-0000000FF1CE}" = Pacote de Compatibilidade para o sistema Office 2007

"{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007

"{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

"{90120000-006E-0416-0000-0000000FF1CE}_PROR_{9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007

"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{922E8525-AC7E-4294-ACAA-43712D4423C0}" = Adobe Flash Player 10 ActiveX

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9555B4ED-09A3-4722-8E8C-57A49401D059}" = Windows Live Writer

"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc

"{9E2EE2F7-33BD-4D30-9E5D-8469A9F32009}" = Windows Live Sync

"{9E50DEC9-081B-441F-B647-98DBEA8B01DD}" = CorelDRAW 10

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser

"{B023185F-F1EF-4F97-B0BD-AE6D802226D1}" = NVIDIA WDM Drivers

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B5ED7AB0-3838-4389-8549-7C8E22DD48F4}" = Windows Live Messenger

"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)

"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{E3B67F67-F1BA-4709-96CE-72E92A8BF5E3}" = hpg2410

"{E5B04674-1885-4B08-BAE7-ECDEC1F84677}" = HP Scanjet G2410 and 2400

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F2CD4651-F948-467C-B014-71FD981B7F59}" = Windows Live Essentials

"{F69FD33C-8815-46BF-9134-A643DE68F3C0}" = WinFast® Display Driver

"Adobe Acrobat 5.0" = Adobe Acrobat 5.0

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"AIDA32_is1" = AIDA32 v3.93

"Animated Waterfalls_is1" = Animated Waterfalls

"Ares" = Ares 2.1.2

"avast5" = avast! Free Antivirus

"CorelDRAW 10" = CorelDRAW 10

"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02

"HijackThis" = HijackThis 2.0.2

"HP Imaging Device Functions" = HP Imaging Device Functions 13.0

"HP Photosmart Essential" = HP Photosmart Essential 3.5

"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0

"HPOCR" = OCR Software by I.R.I.S. 13.0

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"ie8" = Windows Internet Explorer 8

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mimaki FineCut for CorelDRAW" = Mimaki FineCut for CorelDRAW

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"NeroMultiInstaller!UninstallKey" = Nero Suite

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"PhotoposComTbr" = Photopos Toolbar (Remove Toolbar Only)

"PROR" = Versão de Avaliação do Microsoft Office Professional 2007

"Search Guard Plus" = Search Guard Plus (My Web Tattoo)

"Search Guard Plus Updater" = Search Guard Plus Updater (My Web Tattoo)

"SLAMRNTV" = NetoDragon 56K Voice Modem

"WIC" = Windows Imaging Component

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = Arquivo do WinRAR

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

 

========== Last 10 Event Log Errors ==========

 

[ Antivirus Events ]

Error - 9/11/2009 11:38:23 | Computer Name = CASAAMABILE | Source = avast! | ID = 33554522

Description =

 

Error - 9/11/2009 11:38:26 | Computer Name = CASAAMABILE | Source = avast! | ID = 33554522

Description =

 

Error - 11/11/2009 08:33:06 | Computer Name = CASAAMABILE | Source = avast! | ID = 33554522

Description =

 

Error - 14/11/2009 11:55:02 | Computer Name = CASAAMABILE | Source = avast! | ID = 33554522

Description =

 

Error - 14/11/2009 11:55:22 | Computer Name = CASAAMABILE | Source = avast! | ID = 33554522

Description =

 

Error - 27/12/2009 08:46:41 | Computer Name = CASAAMABILE | Source = avast! | ID = 33554522

Description =

 

Error - 27/12/2009 08:46:44 | Computer Name = CASAAMABILE | Source = avast! | ID = 33554522

Description =

 

Error - 27/12/2009 08:46:55 | Computer Name = CASAAMABILE | Source = avast! | ID = 33554522

Description =

 

Error - 27/12/2009 08:47:03 | Computer Name = CASAAMABILE | Source = avast! | ID = 33554522

Description =

 

Error - 27/12/2009 08:47:11 | Computer Name = CASAAMABILE | Source = avast! | ID = 33554522

Description =

 

[ Application Events ]

Error - 4/3/2010 20:41:20 | Computer Name = CASAAMABILE | Source = Application Error | ID = 1000

Description = Aplicativo com falha iexplore.exe, versão 8.0.6001.18702, módulo com

falha unknown, versão 0.0.0.0, endereço com falha 0x0b0c0068.

 

Error - 8/3/2010 10:49:14 | Computer Name = CASAAMABILE | Source = Google Update | ID = 20

Description =

 

Error - 8/3/2010 11:49:14 | Computer Name = CASAAMABILE | Source = Google Update | ID = 20

Description =

 

Error - 9/3/2010 14:40:49 | Computer Name = CASAAMABILE | Source = Application Error | ID = 1000

Description = Aplicativo com falha trace.exe, versão 10.410.0.0, módulo com falha

msvcrt.dll, versão 7.0.2600.5512, endereço com falha 0x00026232.

 

Error - 10/3/2010 08:49:05 | Computer Name = CASAAMABILE | Source = Google Update | ID = 20

Description =

 

Error - 10/3/2010 17:49:05 | Computer Name = CASAAMABILE | Source = Google Update | ID = 20

Description =

 

Error - 10/3/2010 18:49:05 | Computer Name = CASAAMABILE | Source = Google Update | ID = 20

Description =

 

Error - 11/3/2010 11:48:12 | Computer Name = CASAAMABILE | Source = Application Error | ID = 1000

Description = Aplicativo com falha , versão 0.0.0.0, módulo com falha unknown, versão

0.0.0.0, endereço com falha 0x00000000.

 

Error - 12/3/2010 08:51:08 | Computer Name = CASAAMABILE | Source = Application Error | ID = 1004

Description = Aplicativo com falha hpdj01.exe, versão 0.0.0.0, módulo com falha

unknown, versão 0.0.0.0, endereço com falha 0x00000000.

 

Error - 15/3/2010 12:34:45 | Computer Name = CASAAMABILE | Source = Application Error | ID = 1000

Description = Aplicativo com falha iexplore.exe, versão 8.0.6001.18702, módulo com

falha unknown, versão 0.0.0.0, endereço com falha 0x12660068.

 

[ System Events ]

Error - 30/3/2010 13:04:07 | Computer Name = CASAAMABILE | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a placa de rede com endereço

de rede 0013D411F24C foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

 

Error - 31/3/2010 10:50:06 | Computer Name = CASAAMABILE | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a placa de rede com endereço

de rede 0013D411F24C foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

 

Error - 31/3/2010 18:04:21 | Computer Name = CASAAMABILE | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a placa de rede com endereço

de rede 0013D411F24C foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

 

Error - 1/4/2010 07:59:56 | Computer Name = CASAAMABILE | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a placa de rede com endereço

de rede 0013D411F24C foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

 

Error - 1/4/2010 11:51:58 | Computer Name = CASAAMABILE | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a placa de rede com endereço

de rede 0013D411F24C foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

 

Error - 1/4/2010 20:47:53 | Computer Name = CASAAMABILE | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a placa de rede com endereço

de rede 0013D411F24C foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

 

Error - 3/4/2010 08:01:36 | Computer Name = CASAAMABILE | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a placa de rede com endereço

de rede 0013D411F24C foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

 

Error - 3/4/2010 11:31:19 | Computer Name = CASAAMABILE | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a placa de rede com endereço

de rede 0013D411F24C foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

 

Error - 3/4/2010 18:45:57 | Computer Name = CASAAMABILE | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a placa de rede com endereço

de rede 0013D411F24C foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

 

Error - 3/4/2010 21:55:06 | Computer Name = CASAAMABILE | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a placa de rede com endereço

de rede 0013D411F24C foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

 

 

< End of report >

[DigRam 144]

Bom Dia! ze adauto

 

<@> Desinstale:

 

<1.0> PhotoposComTbr <-- Remove Toolbar Only

 

<2.1> Search Guard Plus <-- My Web Tattoo

 

<2.2> Search Guard Plus Updater <-- My Web Tattoo

 

000000000000000000000

000000000000000000000

<@> Execute o OTL.exe.

<@> Copie estas informações que estão no Quote,para o campo clipboard da ferramenta. ( Custom Scans/Fixes )

 

:files

C:\Documents and Settings\Amabile\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

C:\Documents and Settings\All Users\Dados de aplicativos\Avg7

C:\WINDOWS\System32\zh-TW

C:\WINDOWS\System32\zh-HK

C:\WINDOWS\System32\tr-TR

C:\WINDOWS\System32\sv-SE

C:\WINDOWS\System32\nl-NL

C:\WINDOWS\System32\nb-NO

C:\WINDOWS\System32\ko-KR

C:\WINDOWS\System32\it-IT

C:\WINDOWS\System32\he-IL

C:\WINDOWS\System32\fr-FR

C:\WINDOWS\System32\fi-FI

C:\WINDOWS\System32\es-ES

C:\WINDOWS\System32\el-GR

C:\WINDOWS\System32\de-DE

C:\WINDOWS\System32\da-DK

C:\WINDOWS\System32\ar-SA

C:\WINDOWS\System32\SeaPort

:otl

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (GbiehObj Class) - {FCAAAC14-BC46-40CA-9CB2-CBB12C6739EB} - C:\ARQUIV~1\GBPLUG~1\gbiehdst.dll File not found

O4 - HKLM..\Run: [NWEReboot] File not found

O4 - HKU\S-1-5-21-448539723-790525478-839522115-1003..\Run: [DriverUpdaterPro] C:\Arquivos de programas\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe File not found

O4 - HKU\S-1-5-21-448539723-790525478-839522115-1003..\RunOnce: [shockwave Updater] C:\WINDOWS\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -Mozilla\4.0 ( File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: gbieh.b = "C:\Arquivos de programas\GbPluggin\gbppsv.exe" File not found

O33 - MountPoints2\{0be391d7-d2a5-11de-be83-0013d411f24c}\Shell\AutoRun\command - "" = E:\wubi.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

:Commands

[purity]

[emptytemp]

[Reboot]

<@> Clique no botão Run Fix --> Aguarde a conclusão!

<@> Terminando,vá até a pasta: C:\_OTL\MovedFiles\*.log <-- Poste!

<@> Poste,também,HijackThis atualizado.

 

Abraços!

[ze adauto 0]

Segue abaixo os logs atualizados.

 

 

All processes killed

========== FILES ==========

C:\Documents and Settings\Amabile\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\Avg7 folder moved successfully.

C:\WINDOWS\System32\zh-TW folder moved successfully.

C:\WINDOWS\System32\zh-HK folder moved successfully.

C:\WINDOWS\System32\tr-TR folder moved successfully.

C:\WINDOWS\System32\sv-SE folder moved successfully.

C:\WINDOWS\System32\nl-NL folder moved successfully.

C:\WINDOWS\System32\nb-NO folder moved successfully.

C:\WINDOWS\System32\ko-KR folder moved successfully.

C:\WINDOWS\System32\it-IT folder moved successfully.

C:\WINDOWS\System32\he-IL folder moved successfully.

C:\WINDOWS\System32\fr-FR folder moved successfully.

C:\WINDOWS\System32\fi-FI folder moved successfully.

C:\WINDOWS\System32\es-ES folder moved successfully.

C:\WINDOWS\System32\el-GR folder moved successfully.

C:\WINDOWS\System32\de-DE folder moved successfully.

C:\WINDOWS\System32\da-DK folder moved successfully.

C:\WINDOWS\System32\ar-SA folder moved successfully.

C:\WINDOWS\System32\SeaPort folder moved successfully.

========== OTL ==========

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCAAAC14-BC46-40CA-9CB2-CBB12C6739EB}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCAAAC14-BC46-40CA-9CB2-CBB12C6739EB}\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NWEReboot deleted successfully.

Registry value HKEY_USERS\S-1-5-21-448539723-790525478-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\DriverUpdaterPro deleted successfully.

Registry value HKEY_USERS\S-1-5-21-448539723-790525478-839522115-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Shockwave Updater deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\gbieh.b deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0be391d7-d2a5-11de-be83-0013d411f24c}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0be391d7-d2a5-11de-be83-0013d411f24c}\ not found.

File E:\wubi.exe not found.

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.

C:\WINDOWS\System32\SET3B.tmp deleted successfully.

C:\WINDOWS\System32\SET3D.tmp deleted successfully.

C:\WINDOWS\System32\SET49.tmp deleted successfully.

C:\WINDOWS\003028_.tmp deleted successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Amabile

->Temp folder emptied: 905073989 bytes

->Temporary Internet Files folder emptied: 206300155 bytes

->Java cache emptied: 3800693 bytes

->Flash cache emptied: 132464 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: LocalService

->Temp folder emptied: 66016 bytes

->Temporary Internet Files folder emptied: 13165158 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33237 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 611277614 bytes

RecycleBin emptied: 24791200 bytes

 

Total Files Cleaned = 1.683,00 mb

 

 

OTL by OldTimer - Version 3.2.1.0 log created on 04042010_125515

 

Files\Folders moved on Reboot...

File\Folder C:\Documents and Settings\Amabile\Configurações locais\Temp\~DF5A6E.tmp not found!

File\Folder C:\Documents and Settings\Amabile\Configurações locais\Temp\~DF5A80.tmp not found!

File\Folder C:\Documents and Settings\Amabile\Configurações locais\Temp\~DF5AE3.tmp not found!

File\Folder C:\Documents and Settings\Amabile\Configurações locais\Temp\~DF5AF5.tmp not found!

File\Folder C:\Documents and Settings\Amabile\Configurações locais\Temp\~DF5B3F.tmp not found!

File\Folder C:\Documents and Settings\Amabile\Configurações locais\Temp\~DF5B51.tmp not found!

C:\Documents and Settings\Amabile\Configurações locais\Temporary Internet Files\Content.IE5\O983SS15\ads[3].htm moved successfully.

C:\Documents and Settings\Amabile\Configurações locais\Temporary Internet Files\Content.IE5\O983SS15\barra[1].htm moved successfully.

C:\Documents and Settings\Amabile\Configurações locais\Temporary Internet Files\Content.IE5\O983SS15\index[2].htm moved successfully.

C:\Documents and Settings\Amabile\Configurações locais\Temporary Internet Files\Content.IE5\9R6S5IXP\ads[3].htm moved successfully.

C:\Documents and Settings\Amabile\Configurações locais\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

C:\Documents and Settings\Amabile\Configurações locais\Temporary Internet Files\SuggestedSites.dat moved successfully.

File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

 

Registry entries deleted on Reboot...

 

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:02:Bilí, on 4/4/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSRMon.exe

C:\ARQUIV~1\ALWILS~1\Avast5\avastUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Corel\Corel Graphics 12\Programs\CorUpd.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\Hijack\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [hpqSRMon] C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [avast5] C:\ARQUIV~1\ALWILS~1\Avast5\avastUI.exe /nogui

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [c:_arquivos de programas_c44] C:\Arquivos de programas\Corel\Corel Graphics 12\Programs\CorUpd.exe /Watch /r="Software\Corel\CorelDRAW\12.0"

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1172356930812

O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: GbiehAbn - C:\ARQUIV~1\GBPLUG~1\gbiehdst.dll (file missing)

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

 

--

End of file - 7035 bytes

[DigRam 144]

Boa Tarde! ze adauto

 

<@> Abra o OTL.exe --> Clique em --> Aguarde!

<@> Na solicitação,clique OK --> Reinicie o computador!

0000000000000000000

<!> Seus logs estão limpos! :)

<!> Tudo Ok?

 

Abraços!

[ze adauto 0]

Muito obrigado pela ajuda!

Continue desenvolvendo esta maravilhosa atividade!

Até mais

Adauto

[DigRam 144]

PROBLEMA RESOLVIDO!

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.