mcfistu 0 Denunciar post Postado Junho 17, 2010 Ultimamente o PC tem ficado bastante lento a arrancar demora uns 15 minutos até acabar de iniciar os processos. Também demora a entrar nas aplicações. O meu antivirus não detecta nada. Gostava que me ajudassem a resolver este problema. Muito Obrigado. Mcfistu Deixo aqui o log do Hijack This Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:45:17, on 17-06-2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Programas\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Programas\Sygate\SPF\smc.exe C:\Programas\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\Programas\Synaptics\SynTP\SynTPLpr.exe C:\Programas\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\hkcmd.exe C:\Programas\HPQ\Quick Launch Buttons\EabServr.exe C:\Programas\Java\jre6\bin\jusched.exe C:\Programas\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe C:\Programas\HP\HP Software Update\HPWuSchd2.exe C:\Programas\Windows Defender\MSASCui.exe C:\Programas\Ficheiros comuns\InstallShield\UpdateService\issch.exe C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\Programas\Ficheiros comuns\Ahead\lib\NMBgMonitor.exe C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Programas\Spybot - Search & Destroy\TeaTimer.exe C:\Programas\Microsoft ActiveSync\wcescomm.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Programas\Software WIDCOMM\Bluetooth\BTTray.exe X:\Programas\eBoostr\eBoostrCP.exe C:\PROGRA~1\SOFTWA~1\BLUETO~1\BTSTAC~1.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe X:\Programas\eBoostr\EBstrSvc.exe C:\WINDOWS\system32\svchost.exe C:\Programas\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\msiexec.exe C:\Programas\HPQ\shared\hpqwmi.exe E:\Software\Hijack This\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programas\TechSmith\SnagIt 8\SnagItBHO.dll O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Programas\Windows Desktop Search\dsWebAllow.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Ver HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Programas\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programas\TechSmith\SnagIt 8\SnagItIEAddin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [synTPLpr] C:\Programas\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programas\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Programas\HPQ\Quick Launch Buttons\EabServr.exe" /Start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programas\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Programas\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [smcService] "C:\PROGRA~1\Sygate\SPF\smc.exe" -startgui O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Programas\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHEI~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programas\Ficheiros comuns\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [swg] "C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Programas\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programas\Microsoft ActiveSync\wcescomm.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM') O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user') O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: eBoostr Control Panel.lnk = X:\Programas\eBoostr\eBoostrCP.exe O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Enviar para &Bluetooth - C:\Programas\Software WIDCOMM\Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Criar Favorito Móvel... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Seleção HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1176752437921 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {EBF85371-A38F-485B-B28F-0B4C82D25937} (CUpdateCtl Object) - http://update.hpphoto.com/download/HPSWUpdate.ocx O23 - Service: avast! Antivirus - ALWIL Software - C:\Programas\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe O23 - Service: eBoostr Service (EBOOSTRSVC) - eBoostr.com - X:\Programas\eBoostr\EBstrSvc.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programas\HPQ\shared\hpqwmi.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programas\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programas\Java\jre6\bin\jqs.exe O23 - Service: Serviço do Auto-Protect do Norton AntiVirus (navapsvc) - Unknown owner - C:\Programas\Norton Internet Security\Norton AntiVirus\navapsvc.exe (file missing) O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programas\Sygate\SPF\smc.exe -- End of file - 10444 bytes Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Junho 20, 2010 Boa Noite! mcfistu <@> Baixe: < OTL > ( ...by OldTimer Tools ) <@> Salve-o no desktop! <@> Clique duplo em: < > <@> Ps: Sigamos,agora,com sua configuração! <!> 1 - Em "Saída",deixe marcado o botão "Resumida". <!> 2 - Marque as caixas: Verificar All Users e Incluir Verificação 64bit <-- Ps: Caso o SO seja 64 bit! <!> 3 - Processos: Usar SafeList <-- Marque! <!> 4 - Módulos: Usar SafeList <-- Marque! <!> 5 - Serviços: Usar SafeList <-- Marque! <!> 6 - Drivers: Usar SafeList <-- Marque! <!> 7 - Exame Padrão do Registro: Usar SafeList <-- Marque! <!> 8 - Exame Extra do Registro: Usar SafeList <-- Marque! <!> 9 - Verificação de Arquivos: <!> Data de Criação >> Escolha: 14 dias <!> Marque: Usar WhiteList para Nomes de Companhias <!> Marque: Ignorar Arquivos Microsoft <!> 10 - Arquivos Criados Desde: <!> Marque: Data de Criação <!> 11 - Arquivos Modificados Desde: <!> Marque: Data de Criação <!> Marque as caixas: [] Verificar Lop [] Verificar Purity <@> Ps: Sugiro que imprima estas orientações,para posterior leitura. netsvcsmsconfigsafebootminimalsafebootnetworkactivexdrivers32%SYSTEMDRIVE%\*.exe%SYSTEMDRIVE%\eventlog.dll /s /md5%SYSTEMDRIVE%\scecli.dll /s /md5%SYSTEMDRIVE%\sfcfiles.dll /s /md5%SYSTEMDRIVE%\netlogon.dll /s /md5%SYSTEMDRIVE%\atapi.sys /s /md5CREATERESTOREPOINT <@> Ps: Copie e cole estas informações,que estão no Code,para o campo abaixo de: Exames Personalizados/Correções <@> Clique em: Verificar --> Aguarde! <@> Concluindo,poste: <!> <1> OTL.txt <-- <!> <2> Extras.txt <-- Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
mcfistu 0 Denunciar post Postado Junho 21, 2010 Envio o log OTL.txt OTL logfile created on: 21-06-2010 21:29:13 - Run 1 OTL by OldTimer - Version 3.2.6.1 Folder = C:\Documents and Settings\user\Ambiente de trabalho Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000816 | Country: Portugal | Language: PTG | Date Format: dd-MM-yyyy 502,00 Mb Total Physical Memory | 108,00 Mb Available Physical Memory | 21,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 61,00% Paging File free Paging file location(s): C:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programas Drive C: | 50,11 Gb Total Space | 32,63 Gb Free Space | 65,11% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 1,92 Gb Total Space | 0,42 Gb Free Space | 21,90% Space Free | Partition Type: FAT Drive F: | 960,09 Mb Total Space | 282,26 Mb Free Space | 29,40% Space Free | Partition Type: FAT32 G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive X: | 24,42 Gb Total Space | 13,76 Gb Free Space | 56,35% Space Free | Partition Type: NTFS Computer Name: SANDRA-SANTOS Current User Name: user Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 14 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\user\Ambiente de trabalho\OTL.exe (OldTimer Tools) PRC - C:\Programas\Alwil Software\Avast5\AvastUI.exe (ALWIL Software) PRC - C:\Programas\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) PRC - X:\Programas\eBoostr\eBoostrCP.exe (eBoostr.com) PRC - C:\Programas\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - X:\Programas\eBoostr\EBstrSvc.exe (eBoostr.com) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) PRC - C:\Programas\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation) PRC - C:\Programas\Microsoft ActiveSync\rapimgr.exe (Microsoft Corporation) PRC - C:\Programas\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Programas\Windows Defender\MsMpEng.exe (Microsoft Corporation) PRC - C:\Programas\Ficheiros comuns\Ahead\Lib\NMBgMonitor.exe (Nero AG) PRC - C:\Programas\HPQ\Quick Launch Buttons\eabservr.exe (Hewlett-Packard ) PRC - C:\Programas\Software WIDCOMM\Bluetooth\BTTray.exe (Broadcom Corporation.) PRC - C:\Programas\Software WIDCOMM\Bluetooth\BTStackServer.exe (Broadcom Corporation.) PRC - C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe (Broadcom Corporation.) PRC - C:\Programas\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) PRC - C:\Programas\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.) PRC - C:\Programas\Ficheiros comuns\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\user\Ambiente de trabalho\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) MOD - C:\Programas\Software WIDCOMM\Bluetooth\BTKeyInd.dll () MOD - C:\WINDOWS\system32\SynTPFcs.dll (Synaptics, Inc.) MOD - C:\WINDOWS\system32\SSSensor.dll (Sygate Technologies, Inc.) ========== Win32 Services (SafeList) ========== SRV - (navapsvc) -- File not found SRV - (avast! Web Scanner) -- C:\Programas\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) SRV - (avast! Mail Scanner) -- C:\Programas\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) SRV - (avast! Antivirus) -- C:\Programas\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) SRV - (EBOOSTRSVC) -- X:\Programas\eBoostr\EBstrSvc.exe (eBoostr.com) SRV - (usnjsvc) -- C:\Programas\MSN Messenger\usnsvc.exe (Microsoft Corporation) SRV - (WinDefend) -- C:\Programas\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV - (btwdins) -- C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe (Broadcom Corporation.) SRV - (SmcService) -- C:\Programas\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.) ========== Driver Services (SafeList) ========== DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software) DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software) DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software) DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software) DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software) DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software) DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (eBoost) -- C:\WINDOWS\system32\drivers\eBoost.sys (eBoostr.com) DRV - (RT73) -- C:\WINDOWS\system32\drivers\Dr71WU.sys (Ralink Technology, Corp.) DRV - (ANIO) -- C:\WINDOWS\system32\ANIO.sys (Alpha Networks Inc.) DRV - (adiusbaw) -- C:\WINDOWS\system32\drivers\adiusbaw.sys (Analog Devices Inc.) DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments) DRV - (CAMCHALA) -- C:\WINDOWS\system32\drivers\camc6hal.sys (Conexant Systems Inc.) DRV - (CAMCAUD) -- C:\WINDOWS\system32\drivers\camc6aud.sys (Conexant Systems Inc.) DRV - (HSFHWICH) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.) DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation ) DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.) DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.) DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.) DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.) DRV - (w29n51) Driver de conexão de rede Intel® -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation) DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.) DRV - (wg6n) -- C:\WINDOWS\SYSTEM32\Drivers\wg6n.sys (Sygate Technologies, Inc.) DRV - (wg5n) -- C:\WINDOWS\SYSTEM32\Drivers\wg5n.sys (Sygate Technologies, Inc.) DRV - (wg4n) -- C:\WINDOWS\SYSTEM32\Drivers\wg4n.sys (Sygate Technologies, Inc.) DRV - (wg3n) -- C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys (Sygate Technologies, Inc.) DRV - (wpsdrvnt) -- C:\WINDOWS\system32\drivers\wpsdrvnt.sys (Sygate Technologies, Inc.) DRV - (Teefer) -- C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys (Sygate Technologies, Inc.) DRV - (rtl8139) Controlador NT de placa Fast Ethernet baseada na Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation) DRV - (eabfiltr) -- C:\WINDOWS\system32\drivers\eabfiltr.sys (Hewlett-Packard Company) DRV - (P0630VID) -- C:\WINDOWS\system32\drivers\P0630Vid.sys (Creative Technology Ltd.) DRV - (ADILOADER) General Purpose USB Driver (adildr.sys) -- C:\WINDOWS\system32\drivers\adildr.sys (Analog Deivces) DRV - (eabusb) -- C:\WINDOWS\system32\drivers\EabUsb.sys (Hewlett-Packard Company) DRV - (Usblink) -- C:\WINDOWS\system32\drivers\ulink.sys () DRV - (PQNTDrv) -- C:\WINDOWS\system32\drivers\PQNTDRV.sys (PowerQuest Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-861567501-1454471165-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-861567501-1454471165-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKU\S-1-5-21-861567501-1454471165-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKU\S-1-5-21-861567501-1454471165-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-861567501-1454471165-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-861567501-1454471165-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "about:blank" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - HKLM\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Programas\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-07-12 14:40:15 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: C:\Programas\Mozilla Firefox\components [2009-11-21 16:55:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: C:\Programas\Mozilla Firefox\plugins [2010-04-16 23:39:44 | 000,000,000 | ---D | M] [2009-06-17 22:35:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\mozilla\Extensions [2010-04-04 12:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\mozilla\Firefox\Profiles\u35nsmjz.default\extensions [2009-09-09 12:53:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\user\Application Data\mozilla\Firefox\Profiles\u35nsmjz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009-06-17 22:34:04 | 000,000,000 | ---D | M] -- C:\Programas\Mozilla Firefox\extensions [2009-09-25 12:54:06 | 000,001,525 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\amazon-en-GB.xml [2009-09-25 12:54:06 | 000,001,529 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\priberam.xml [2009-09-25 12:54:06 | 000,002,071 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\sapo.xml [2009-09-25 12:54:06 | 000,000,942 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\wikipedia-ptpt.xml [2009-09-25 12:54:06 | 000,000,648 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\yahoo-br.xml O1 HOSTS File: ([2009-01-17 18:06:06 | 000,292,012 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 www.123topsearch.com O1 - Hosts: 127.0.0.1 132.com O1 - Hosts: 127.0.0.1 www.132.com O1 - Hosts: 127.0.0.1 136136.net O1 - Hosts: 127.0.0.1 www.136136.net O1 - Hosts: 127.0.0.1 163ns.com O1 - Hosts: 127.0.0.1 www.163ns.com O1 - Hosts: 10053 more lines... O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programas\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation) O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - Reg Error: Value error. File not found O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (dsWebAllowBHO Class) - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Programas\Windows Desktop Search\dsWebAllow.dll (Microsoft Corporation) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found. O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.) O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found. O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programas\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programas\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation) O3 - HKLM\..\Toolbar: (Ver HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Programas\Hp\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company) O3 - HKU\S-1-5-21-861567501-1454471165-839522115-1004\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKU\S-1-5-21-861567501-1454471165-839522115-1004\..\Toolbar\ShellBrowser: (Ver HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Programas\Hp\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company) O3 - HKU\S-1-5-21-861567501-1454471165-839522115-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-861567501-1454471165-839522115-1004\..\Toolbar\WebBrowser: (Ver HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Programas\Hp\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company) O4 - HKLM..\Run: [Adobe ARM] C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast5] C:\Programas\Alwil Software\Avast5\AvastUI.exe (ALWIL Software) O4 - HKLM..\Run: [eabconfg.cpl] C:\Programas\HPQ\Quick Launch Buttons\EabServr.exe (Hewlett-Packard ) O4 - HKLM..\Run: [iSUSPM Startup] C:\Programas\Ficheiros comuns\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [iSUSScheduler] C:\Programas\Ficheiros comuns\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [smcService] C:\Programas\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.) O4 - HKLM..\Run: [synTPLpr] C:\Programas\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Programas\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] X:\Programas\Picasa2\PicasaMediaDetector.exe (Google Inc.) O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] X:\Programas\Picasa2\PicasaMediaDetector.exe (Google Inc.) O4 - HKU\S-1-5-21-861567501-1454471165-839522115-1004..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programas\Ficheiros comuns\Ahead\lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-861567501-1454471165-839522115-1004..\Run: [H/PC Connection Agent] C:\Programas\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-861567501-1454471165-839522115-1004..\Run: [spybotSD TeaTimer] C:\Programas\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKU\S-1-5-21-861567501-1454471165-839522115-1004..\Run: [swg] C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Arranque\BTTray.lnk = C:\Programas\Software WIDCOMM\Bluetooth\BTTray.exe (Broadcom Corporation.) O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Arranque\eBoostr Control Panel.lnk = X:\Programas\eBoostr\eBoostrCP.exe (eBoostr.com) O4 - Startup: C:\Documents and Settings\Default User\Menu Iniciar\Programas\Arranque\AutoTBar.exe (Hewlett-Packard) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-861567501-1454471165-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Programas\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Enviar para &Bluetooth - C:\Programas\Software WIDCOMM\Bluetooth\btsendto_ie_ctx.htm () O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programas\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Criar Favorito Móvel... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programas\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Seleção HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programas\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1176752437921 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0) O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {EBF85371-A38F-485B-B28F-0B4C82D25937} http://update.hpphoto.com/download/HPSWUpdate.ocx (CUpdateCtl Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programas\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programas\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programas\Ficheiros comuns\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\widimg {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\BTXPPanel.dll (Broadcom Corporation.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation) O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll () O20 - Winlogon\Notify\WRNotifier: DllName - WRLogonNTF.dll - File not found O24 - Desktop Components:0 (A minha home page actual) - About:Home O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Definições locais\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programas\Windows Defender\MpShHook.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programas\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005-11-04 12:33:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{18af04bc-67ed-11df-a26f-00c09fb05f61}\Shell\AutoRun\command - "" = F:\__DT\DT.exe -- File not found O33 - MountPoints2\{3d2b926e-ee68-11de-a1ba-00c09fb05f61}\Shell - "" = AutoRun O33 - MountPoints2\{3d2b926e-ee68-11de-a1ba-00c09fb05f61}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O33 - MountPoints2\{4b7f683e-17e7-11de-a0c4-00c09fb05f61}\Shell - "" = AutoRun O33 - MountPoints2\{4b7f683e-17e7-11de-a0c4-00c09fb05f61}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{4b7f6841-17e7-11de-a0c4-00c09fb05f61}\Shell - "" = AutoRun O33 - MountPoints2\{4b7f6841-17e7-11de-a0c4-00c09fb05f61}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{4cf68848-0c0a-11de-a0af-00c09fb05f61}\Shell\AutoRun\command - "" = E:\LiberKey\LiberKey.exe -- File not found O33 - MountPoints2\{4cf68848-0c0a-11de-a0af-00c09fb05f61}\Shell\Menu1\command - "" = E:\LiberKey\LiberKey.exe -- File not found O33 - MountPoints2\{8c51d6df-17e8-11de-a0c5-00c09fb05f61}\Shell - "" = AutoRun O33 - MountPoints2\{8c51d6df-17e8-11de-a0c5-00c09fb05f61}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{8c51d6e0-17e8-11de-a0c5-00c09fb05f61}\Shell - "" = AutoRun O33 - MountPoints2\{8c51d6e0-17e8-11de-a0c5-00c09fb05f61}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2005-11-04 12:33:00 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found MsConfig - StartUpReg: D-Link AirPlus G - hkey= - key= - C:\Programas\D-Link\AirPlus G\AirGCFG.exe (D-Link) MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Programas\iTunes\iTunesHelper.exe (Apple Computer, Inc.) MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: WinDefend - C:\Programas\Windows Defender\MsMpEng.exe (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: WinDefend - C:\Programas\Windows Defender\MsMpEng.exe (Microsoft Corporation) SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {0D70FCFE-2102-4951-A56E-22DD07DFA5B6} - .NET Framework ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Atribuição de dados HTML dinâmicos para Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Autoridade avançada ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes DirectAnimation Java ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Pastas Web ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Programador de tarefas ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler) Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company) Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation) Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corp.) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.LEAD - LCODCCMP.DLL File not found Drivers32: vidc.mp42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation) Drivers32: vidc.mp43 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation) Drivers32: vidc.mpg4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation) Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll () Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point (16902109354000384) ========== Files/Folders - Created Within 14 Days ========== [2010-06-21 21:24:03 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Ambiente de trabalho\OTL.exe [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 14 Days ========== [2010-06-21 19:48:04 | 000,000,770 | ---- | M] () -- C:\WINDOWS\win.ini [2010-06-21 19:46:49 | 000,000,322 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2010-06-21 19:45:47 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-06-21 19:44:13 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-06-21 19:43:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-06-21 19:43:14 | 526,897,152 | -HS- | M] () -- C:\hiberfil.sys [2010-06-21 16:43:37 | 009,699,328 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT [2010-06-21 16:43:37 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini [2010-06-21 15:38:25 | 000,002,513 | ---- | M] () -- C:\Documents and Settings\user\Ambiente de trabalho\Microsoft Word.lnk [2010-06-21 15:14:33 | 000,002,481 | ---- | M] () -- C:\Documents and Settings\user\Ambiente de trabalho\Microsoft Excel.lnk [2010-06-21 11:27:36 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Ambiente de trabalho\OTL.exe [2010-06-17 22:43:09 | 000,000,483 | ---- | M] () -- C:\Documents and Settings\user\Ambiente de trabalho\Atalho para HiJackThis.lnk [2010-06-17 22:09:49 | 000,406,543 | ---- | M] () -- C:\WINDOWS\hpoins14.dat [2010-06-17 22:05:36 | 000,151,464 | ---- | M] () -- C:\WINDOWS\hpoins14.dat.temp [2010-06-10 14:15:27 | 000,162,728 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-06-09 01:12:01 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-06-09 00:58:25 | 001,061,474 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-06-09 00:58:25 | 000,492,078 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat [2010-06-09 00:58:25 | 000,441,458 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-06-09 00:58:25 | 000,085,510 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat [2010-06-09 00:58:25 | 000,071,394 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-06-08 00:08:15 | 000,116,224 | ---- | M] () -- C:\Documents and Settings\user\Definições locais\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010-06-17 22:43:09 | 000,000,483 | ---- | C] () -- C:\Documents and Settings\user\Ambiente de trabalho\Atalho para HiJackThis.lnk [2007-09-28 17:07:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2007-09-28 17:05:50 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest [2007-09-28 17:05:50 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest [2007-09-28 17:05:08 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll [2007-09-22 10:36:44 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll [2007-09-22 10:36:44 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll [2006-07-14 21:10:48 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PI5_SETUP.ini [2006-07-12 21:55:25 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2006-07-12 21:55:01 | 000,001,039 | ---- | C] () -- C:\WINDOWS\adiras.ini [2006-07-12 21:55:01 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2006-07-12 21:54:50 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2006-07-12 21:54:49 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll [2006-06-03 19:02:34 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll [2006-04-22 15:05:50 | 000,040,060 | ---- | C] () -- C:\WINDOWS\System32\drivers\ulink.sys [2006-04-22 11:37:39 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2006-01-14 21:35:22 | 000,000,040 | ---- | C] () -- C:\WINDOWS\gsview32.ini [2006-01-14 20:42:47 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll [2005-11-29 21:51:36 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2005-11-20 10:43:04 | 000,000,413 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2005-11-15 18:59:19 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2005-11-04 13:04:19 | 000,015,669 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2005-11-04 13:01:28 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2005-11-04 13:01:28 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2005-11-04 13:01:28 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2005-11-04 13:01:28 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2005-11-04 13:01:28 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2005-11-04 13:01:28 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2005-02-12 09:33:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2004-11-29 20:44:04 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll [2004-10-15 19:31:56 | 000,218,264 | ---- | C] () -- C:\WINDOWS\System32\SetAid.dll [2004-07-03 22:08:04 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2004-07-03 21:59:06 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2004-01-13 19:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll [2002-05-15 23:29:04 | 000,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest [2001-11-23 18:18:00 | 000,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest [2001-11-14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll [2001-10-29 14:51:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\NavLogon.dll ========== LOP Check ========== [2010-02-07 23:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2010-06-21 21:35:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eboostr [2006-01-03 18:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp [2007-08-17 09:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith [2007-09-22 11:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2007-09-22 10:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trojan Remover [2006-01-03 18:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15 [2008-12-17 01:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0} [2005-11-20 17:23:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\InterVideo [2005-12-01 10:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Leadertech [2008-12-21 11:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Nikon [2007-12-20 18:48:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Orphée Développement [2008-01-02 12:11:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Pixela [2007-09-22 10:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Simply Super Software [2008-01-17 15:27:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Sports Interactive [2008-10-11 09:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Thinstall [2008-06-09 20:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Vso [2006-11-26 13:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\VSO_HWE [2006-02-28 21:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Windows Desktop Search [2006-02-28 11:17:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\XnView [2010-06-21 19:46:49 | 000,000,322 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < %SYSTEMDRIVE%\eventlog.dll /s /md5 > [2004-08-04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=9120FBFF941AA5C4F11079004C6C806D -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 17:09:08 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A1A19F168D212FF43B995875EED38A61 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 17:09:08 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A1A19F168D212FF43B995875EED38A61 -- C:\WINDOWS\system32\eventlog.dll [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %SYSTEMDRIVE%\scecli.dll /s /md5 > [2004-08-04 13:00:00 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=0FFEDF47D37A47E507AB4663924484E5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [2008-04-14 17:09:25 | 000,185,344 | ---- | M] (Microsoft Corporation) MD5=7A0D47C36AC0FBC7D1AE41DF2C9A6EF4 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008-04-14 17:09:25 | 000,185,344 | ---- | M] (Microsoft Corporation) MD5=7A0D47C36AC0FBC7D1AE41DF2C9A6EF4 -- C:\WINDOWS\system32\scecli.dll [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %SYSTEMDRIVE%\sfcfiles.dll /s /md5 > [2004-08-04 13:00:00 | 001,548,800 | ---- | M] (Microsoft Corporation) MD5=34C8913C356BC56613EE39A76810B666 -- C:\WINDOWS\$NtServicePackUninstall$\sfcfiles.dll [2008-04-14 17:09:26 | 001,572,352 | ---- | M] (Microsoft Corporation) MD5=4DC57C2978F95EBB8433EFE78CADAAF2 -- C:\WINDOWS\ServicePackFiles\i386\sfcfiles.dll [2008-04-14 17:09:26 | 001,572,352 | ---- | M] (Microsoft Corporation) MD5=4DC57C2978F95EBB8433EFE78CADAAF2 -- C:\WINDOWS\system32\sfcfiles.dll [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %SYSTEMDRIVE%\netlogon.dll /s /md5 > [2004-08-04 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=8497920F143EE0089585BAF461E8FBA4 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll [2008-04-14 17:09:18 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=240859B5CD90F47A7E5FB83FFCD4D8E0 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008-04-14 17:09:18 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=240859B5CD90F47A7E5FB83FFCD4D8E0 -- C:\WINDOWS\system32\netlogon.dll [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %SYSTEMDRIVE%\atapi.sys /s /md5 > [2004-08-03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\atapi.sys ========== Alternate Data Streams ========== @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9 < End of report > Envio o log extras.txt OTL Extras logfile created on: 21-06-2010 21:29:13 - Run 1 OTL by OldTimer - Version 3.2.6.1 Folder = C:\Documents and Settings\user\Ambiente de trabalho Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000816 | Country: Portugal | Language: PTG | Date Format: dd-MM-yyyy 502,00 Mb Total Physical Memory | 108,00 Mb Available Physical Memory | 21,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 61,00% Paging File free Paging file location(s): C:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programas Drive C: | 50,11 Gb Total Space | 32,63 Gb Free Space | 65,11% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 1,92 Gb Total Space | 0,42 Gb Free Space | 21,90% Space Free | Partition Type: FAT Drive F: | 960,09 Mb Total Space | 282,26 Mb Free Space | 29,40% Space Free | Partition Type: FAT32 G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive X: | 24,42 Gb Total Space | 13,76 Gb Free Space | 56,35% Space Free | Partition Type: NTFS Computer Name: SANDRA-SANTOS Current User Name: user Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 14 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-861567501-1454471165-839522115-1004\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found .url [@ = InternetShortcut] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Programas\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Programas\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Programas\MSN Messenger\msncall.exe" = C:\Programas\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found "C:\Programas\Microsoft ActiveSync\rapimgr.exe" = C:\Programas\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation) "C:\Programas\Microsoft ActiveSync\wcescomm.exe" = C:\Programas\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation) "C:\Programas\Microsoft ActiveSync\WCESMgr.exe" = C:\Programas\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation) "C:\Programas\MSN Messenger\livecall.exe" = C:\Programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Programas\iTunes\iTunes.exe" = C:\Programas\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Computer, Inc.) "C:\Programas\EA GAMES\The Battle for Middle-earth \game.dat" = C:\Programas\EA GAMES\The Battle for Middle-earth \game.dat:*:Enabled:The Battle for Middle-earth -- File not found "C:\Programas\MSN Messenger\msncall.exe" = C:\Programas\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found "C:\Programas\Microsoft ActiveSync\rapimgr.exe" = C:\Programas\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation) "C:\Programas\Microsoft ActiveSync\wcescomm.exe" = C:\Programas\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation) "C:\Programas\Microsoft ActiveSync\WCESMgr.exe" = C:\Programas\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation) "C:\Programas\MSN Messenger\livecall.exe" = C:\Programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation) "X:\Jogos\Sports Interactive\Football Manager 2008\fm.exe" = X:\Jogos\Sports Interactive\Football Manager 2008\fm.exe:*:Enabled:Football Manager 2008 -- (Sports Interactive) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{06ECCCF4-9295-468E-851C-9529A7C181E8}" = HP User Guides 0001 "{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module "{0D70FCFE-2102-4951-A56E-22DD07DFA5B6}" = Microsoft .NET Framework 1.1 Portuguese Language Pack "{0E484A60-A429-49A8-982C-D6475F1E80A9}" = HPIZplus450 "{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp "{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch "{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter "{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare "{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus "{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java 6 Update 13 "{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1 "{28CFF19D-B92C-4109-A427-F75505E81688}" = cp_dwSharkTaleAlbums1 "{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg "{2A8E3688-9FBA-42DE-AE6F-EAF0851A4090}" = Dossier Digital - Spotlight 1 7.º "{2B7E4354-0492-460A-BDB1-1F59EE141025}" = AirPlus G "{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload "{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager "{31B6A07C-22C2-4E8C-B891-308211C14067}" = OXD Software Movie Organizer v2.7.0 BETA2 "{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0 "{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11 "{32498B7B-E1F3-4ad5-A23B-F26414E94BE0}" = HP Image Zone Plus 4.8.5 "{350C9816-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36FCD82D-1CED-436d-B33C-874EEC666D68}" = cp_dwSharkTaleCards1 "{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour "{3AE681E0-4E8D-453F-950A-48534D3C0724}" = Copy "{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics "{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = HP Integrated Module with Bluetooth wireless technology "{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant "{44E5B47F-870E-4E38-A458-8A5FC4DCFECF}" = ImageMixer for HDD Camcorder "{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply "{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840 "{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport "{55508A44-8225-47AB-9666-1F57A5B5CE2E}" = CP_PLSBusinessFlyers "{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone "{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects "{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update "{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1 "{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}" = overland "{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.1.0.18 "{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}" = ANIO Service "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01 "{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01 "{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1 "{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver for Mobile "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8E50332B-772C-4AEA-BF56-94DE6A1D5F10}" = TIxx21 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90280816-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional com FrontPage "{90510409-6D54-11D4-BEE3-00C04F990354}" = Microsoft Visio Professional 2002 [English] "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD "{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver "{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync "{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects "{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config "{A5F68DC8-0278-4AD8-B413-861509B5F25B}" = ArcSoft Panorama Maker 3 "{A900E37C-AAE3-44FB-8EE7-7E61F7087CE7}" = SnagIt 8 "{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module "{AC76BA86-7AD7-1046-7B44-A93000000001}" = Adobe Reader 9.3.2 - Português "{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant "{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B32C75F2-7495-4D01-9431-C11E97D66F8C}" = DocProc "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min "{B56D5B09-C4FB-4EA0-8EAD-7BC3E2715A2D}" = DocumentViewer "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter "{BE20E2F5-1903-4AAE-B1AF-2046E586C925}" = iTunes "{BE9880CD-73A9-4EFD-83E5-4BB38D48E2BD}" = Impressão HP Smart Web "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C1920D73-7374-49d9-8C37-58A6E49078A5}" = F2100_Help "{C4A978A3-CAE4-4856-89D5-696498A7B8F7}" = HPODiscovery "{C5EF81AC-FE4C-4157-97E3-2E08B000742A}" = F2100_doccd "{C93369CB-B4E9-E095-9289-E6B5AE942070}" = Nero 7 Demo "{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery "{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CEB326EC-8F40-47B2-BA22-BB092565D66F}" = Quick Launch Buttons 5.10 B2 "{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader "{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component "{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center "{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm "{E548726E-F4E8-459f-BAB8-45551BC071E9}" = DJ_AIO_ProductContext "{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox "{EE2DEE0A-7D66-45C8-BB17-EA0DDD7795F4}" = Windows Live Messenger "{F1C409F0-8322-4c87-BD08-2F62777D490D}" = F2100 "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{F34D9A5F-484A-4E31-A9D3-908CB265B289}" = Sygate Personal Firewall "{F652D238-5F29-42D5-BAF3-0115EF977EC2}" = Windows Live Sign-in Assistant "{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE "{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0 "{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates "{FC888095-A35E-4993-A9E0-366BF6F0CCE0}" = ArcSoft PhotoImpression 5 "{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status "{FF3999BE-1A7B-4738-88AA-97BF14094A4A}" = PictureProject "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Ant Movie Catalog_is1" = Ant Movie Catalog "avast5" = avast! Free Antivirus "Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter "BSPlayer1" = BSPlayer "CCleaner" = CCleaner "CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_3080103C" = Soft Data Fax Modem with SmartCP "Conexant PCI Audio" = Conexant AC-Link Audio "Creative PD0630" = Creative WebCam Live! Driver (1.00.06.0414) "Creative WebCam Center" = Creative WebCam Center "Creative WebCam Live! User's Guide English" = Creative WebCam Live! User's Guide (English) "DVD Audio Extractor_is1" = DVD Audio Extractor 3.3.3 "DVD Shrink_is1" = DVD Shrink 3.2 "DVDFab Platinum_is1" = DVDFab Platinum 2.70 "eBoostr 1" = eBoostr 2 "Football Manager 2008" = Football Manager 2008 "Google Earth Pro Patch_is1" = Google Earth Pro version 3.0.XXXX (beta) Patch Files "Handy Recovery 1.0" = Handy Recovery 1.0 "HijackThis" = HijackThis 2.0.2 "HP Imaging Device Functions" = HP Imaging Device Functions 9.0 "HP Photo & Imaging" = HP Image Zone 4.8.5 "HP Photosmart Essential" = HP Photosmart Essential 2.01 "HP Smart Web Printing" = HP Smart Web Printing "HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0 "HPExtendedCapabilities" = HP Customer Participation Program 9.0 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0 "InstallShield_{8E50332B-772C-4AEA-BF56-94DE6A1D5F10}" = Texas Instruments PCIxx21/x515 drivers. "InstallShield_{BE20E2F5-1903-4AAE-B1AF-2046E586C925}" = iTunes "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.0.15)" = Mozilla Firefox (3.0.15) "Nikon FotoShare" = Nikon FotoShare "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Photo Viewer" = Photo Viewer 2.3 "Picasa2" = Picasa 2 "QuickTime" = QuickTime "ScrapBook 5.1.9" = ScrapBook 5.1.9 "ShockwaveFlash" = Macromedia Flash Player 8 "software SAPO" = software SAPO "SynTPDeinstKey" = Synaptics Pointing Device Driver "Windows Media Format Runtime" = Windows Media Format Runtime "Windows Media Player" = Windows Media Player 10 "Windows Mobile Device Handbook" = Recursos Windows Mobile "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR archiver ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-861567501-1454471165-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dr. DivX 2.0 OSS" = Dr. DivX 2.0 OSS ========== Last 10 Event Log Errors ========== [ Antivirus Events ] Error - 17-11-2007 6:25:34 | Computer Name = SANDRA-SANTOS | Source = avast! | ID = 33554522 Description = Error - 17-11-2007 6:25:34 | Computer Name = SANDRA-SANTOS | Source = avast! | ID = 33554522 Description = Error - 17-11-2007 6:25:34 | Computer Name = SANDRA-SANTOS | Source = avast! | ID = 33554522 Description = [ Application Events ] Error - 17-06-2010 18:52:43 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131080 Description = Ocorreu uma falha na actualização automática do número de sequência da lista de raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> com o erro: Esta operação foi devolvida porque o tempo limite expirou. Error - 17-06-2010 18:52:44 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131083 Description = Ocorreu uma falha na extracção da lista de raiz de terceiros do cab de actualização automática em: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> com o erro: Um certificado necessário não está no seu período de validade ao ser verificado contra o relógio do sistema actual ou a assinatura de data/hora no ficheiro assinado. Error - 17-06-2010 18:52:44 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131080 Description = Ocorreu uma falha na actualização automática do número de sequência da lista de raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> com o erro: O servidor especificado não pode efectuar a operação pedida. Error - 17-06-2010 18:52:50 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131083 Description = Ocorreu uma falha na extracção da lista de raiz de terceiros do cab de actualização automática em: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> com o erro: Um certificado necessário não está no seu período de validade ao ser verificado contra o relógio do sistema actual ou a assinatura de data/hora no ficheiro assinado. Error - 17-06-2010 18:52:50 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131080 Description = Ocorreu uma falha na actualização automática do número de sequência da lista de raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> com o erro: O servidor especificado não pode efectuar a operação pedida. Error - 17-06-2010 18:52:50 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131083 Description = Ocorreu uma falha na extracção da lista de raiz de terceiros do cab de actualização automática em: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> com o erro: Um certificado necessário não está no seu período de validade ao ser verificado contra o relógio do sistema actual ou a assinatura de data/hora no ficheiro assinado. Error - 17-06-2010 18:52:50 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131080 Description = Ocorreu uma falha na actualização automática do número de sequência da lista de raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> com o erro: O servidor especificado não pode efectuar a operação pedida. Error - 17-06-2010 18:52:51 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131080 Description = Ocorreu uma falha na actualização automática do número de sequência da lista de raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> com o erro: Esta operação foi devolvida porque o tempo limite expirou. Error - 17-06-2010 18:52:51 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131083 Description = Ocorreu uma falha na extracção da lista de raiz de terceiros do cab de actualização automática em: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> com o erro: Um certificado necessário não está no seu período de validade ao ser verificado contra o relógio do sistema actual ou a assinatura de data/hora no ficheiro assinado. Error - 17-06-2010 18:52:51 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131080 Description = Ocorreu uma falha na actualização automática do número de sequência da lista de raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> com o erro: O servidor especificado não pode efectuar a operação pedida. [ System Events ] Error - 21-06-2010 14:43:32 | Computer Name = SANDRA-SANTOS | Source = Disk | ID = 262151 Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso. Error - 21-06-2010 14:43:32 | Computer Name = SANDRA-SANTOS | Source = Disk | ID = 262151 Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso. Error - 21-06-2010 14:43:32 | Computer Name = SANDRA-SANTOS | Source = Disk | ID = 262151 Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso. Error - 21-06-2010 14:43:32 | Computer Name = SANDRA-SANTOS | Source = Disk | ID = 262151 Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso. Error - 21-06-2010 14:43:32 | Computer Name = SANDRA-SANTOS | Source = Disk | ID = 262151 Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso. Error - 21-06-2010 14:43:32 | Computer Name = SANDRA-SANTOS | Source = Disk | ID = 262151 Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso. Error - 21-06-2010 14:43:32 | Computer Name = SANDRA-SANTOS | Source = Disk | ID = 262151 Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso. Error - 21-06-2010 14:43:32 | Computer Name = SANDRA-SANTOS | Source = Disk | ID = 262151 Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso. Error - 21-06-2010 14:45:17 | Computer Name = SANDRA-SANTOS | Source = Service Control Manager | ID = 7000 Description = O serviço General Purpose USB Driver (adildr.sys) falhou o arranque devido ao seguinte erro: %%1058 Error - 21-06-2010 14:45:17 | Computer Name = SANDRA-SANTOS | Source = Service Control Manager | ID = 7000 Description = O serviço Serviço do Auto-Protect do Norton AntiVirus falhou o arranque devido ao seguinte erro: %%2 < End of report > Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Junho 21, 2010 Boa Noite! mcfistu <@> Execute o OTL.exe. <@> Copie estas informações que estão na Quote,para o campo abaixo de: Exames Personalizados/Correções :filesC:\Documents and Settings\user\Definições locais\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini :otl O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - Reg Error: Value error. File not found O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found. O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found. O3 - HKU\S-1-5-21-861567501-1454471165-839522115-1004\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0) O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13) O33 - MountPoints2\{18af04bc-67ed-11df-a26f-00c09fb05f61}\Shell\AutoRun\command - "" = F:\__DT\DT.exe -- File not found O33 - MountPoints2\{3d2b926e-ee68-11de-a1ba-00c09fb05f61}\Shell - "" = AutoRun O33 - MountPoints2\{3d2b926e-ee68-11de-a1ba-00c09fb05f61}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O33 - MountPoints2\{4b7f683e-17e7-11de-a0c4-00c09fb05f61}\Shell - "" = AutoRun O33 - MountPoints2\{4b7f683e-17e7-11de-a0c4-00c09fb05f61}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{4b7f6841-17e7-11de-a0c4-00c09fb05f61}\Shell - "" = AutoRun O33 - MountPoints2\{4b7f6841-17e7-11de-a0c4-00c09fb05f61}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{4cf68848-0c0a-11de-a0af-00c09fb05f61}\Shell\AutoRun\command - "" = E:\LiberKey\LiberKey.exe -- File not found O33 - MountPoints2\{4cf68848-0c0a-11de-a0af-00c09fb05f61}\Shell\Menu1\command - "" = E:\LiberKey\LiberKey.exe -- File not found O33 - MountPoints2\{8c51d6df-17e8-11de-a0c5-00c09fb05f61}\Shell - "" = AutoRun O33 - MountPoints2\{8c51d6df-17e8-11de-a0c5-00c09fb05f61}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{8c51d6e0-17e8-11de-a0c5-00c09fb05f61}\Shell - "" = AutoRun O33 - MountPoints2\{8c51d6e0-17e8-11de-a0c5-00c09fb05f61}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9 :commands [purity] [emptyflash] [emptytemp] [Reboot] <@> Clique no botão Consertar --> Aguarde a conclusão! --> Executar! <@> Poste o relatório,que também estará na pasta: C:\_OTL\MovedFiles\*.log <-- Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
mcfistu 0 Denunciar post Postado Junho 22, 2010 Boa noite Deixo aqui o logo pedido All processes killed ========== FILES ========== C:\Documents and Settings\user\Definições locais\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully. ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0347C33E-8762-4905-BF09-768834316C61}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}\ not found. Registry value HKEY_USERS\S-1-5-21-861567501-1454471165-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found. Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Starting removal of ActiveX control {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18af04bc-67ed-11df-a26f-00c09fb05f61}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18af04bc-67ed-11df-a26f-00c09fb05f61}\ not found. File F:\__DT\DT.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d2b926e-ee68-11de-a1ba-00c09fb05f61}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d2b926e-ee68-11de-a1ba-00c09fb05f61}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d2b926e-ee68-11de-a1ba-00c09fb05f61}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d2b926e-ee68-11de-a1ba-00c09fb05f61}\ not found. File F:\LaunchU3.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b7f683e-17e7-11de-a0c4-00c09fb05f61}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4b7f683e-17e7-11de-a0c4-00c09fb05f61}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b7f683e-17e7-11de-a0c4-00c09fb05f61}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4b7f683e-17e7-11de-a0c4-00c09fb05f61}\ not found. File E:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b7f6841-17e7-11de-a0c4-00c09fb05f61}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4b7f6841-17e7-11de-a0c4-00c09fb05f61}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b7f6841-17e7-11de-a0c4-00c09fb05f61}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4b7f6841-17e7-11de-a0c4-00c09fb05f61}\ not found. File E:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4cf68848-0c0a-11de-a0af-00c09fb05f61}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4cf68848-0c0a-11de-a0af-00c09fb05f61}\ not found. File E:\LiberKey\LiberKey.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4cf68848-0c0a-11de-a0af-00c09fb05f61}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4cf68848-0c0a-11de-a0af-00c09fb05f61}\ not found. File E:\LiberKey\LiberKey.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8c51d6df-17e8-11de-a0c5-00c09fb05f61}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8c51d6df-17e8-11de-a0c5-00c09fb05f61}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8c51d6df-17e8-11de-a0c5-00c09fb05f61}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8c51d6df-17e8-11de-a0c5-00c09fb05f61}\ not found. File E:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8c51d6e0-17e8-11de-a0c5-00c09fb05f61}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8c51d6e0-17e8-11de-a0c5-00c09fb05f61}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8c51d6e0-17e8-11de-a0c5-00c09fb05f61}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8c51d6e0-17e8-11de-a0c5-00c09fb05f61}\ not found. File E:\AutoRun.exe not found. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully. C:\WINDOWS\002779_.tmp deleted successfully. C:\WINDOWS\SET3.tmp deleted successfully. C:\WINDOWS\SET4.tmp deleted successfully. C:\WINDOWS\SET8.tmp deleted successfully. C:\WINDOWS\System32\CONFIG.TMP deleted successfully. ADS C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9 deleted successfully. ========== COMMANDS ========== [EMPTYFLASH] User: All Users User: Default User User: LocalService User: NetworkService ->Flash cache emptied: 348 bytes User: user ->Flash cache emptied: 1229 bytes Total Flash Files Cleaned = 0,00 mb [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 10090296 bytes User: NetworkService ->Temp folder emptied: 1134036 bytes ->Temporary Internet Files folder emptied: 1110660 bytes ->Flash cache emptied: 0 bytes User: user ->Temp folder emptied: 43064419 bytes ->Temporary Internet Files folder emptied: 27034461 bytes ->Java cache emptied: 10680318 bytes ->FireFox cache emptied: 52996065 bytes ->Flash cache emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 4524333 bytes RecycleBin emptied: 766361 bytes Total Files Cleaned = 144,00 mb OTL by OldTimer - Version 3.2.6.1 log created on 06222010_210017 Files\Folders moved on Reboot... File\Folder C:\WINDOWS\temp\_avast5_\Webshlock.txt not found! Registry entries deleted on Reboot... Abraço Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Junho 22, 2010 Boa Noite! mcfistu <@> Baixe: < UsbFix.exe > ( ...par Chiquitine29 et Chimay8 ) <@> Salve-a em Arquivos de programas! <@> Desabilite seu antivírus! <@> Para Windows Vista,tenha atributos de administrador,ao executar a ferramenta. <@> Instale e execute a ferramenta,com um duplo-clique em: < > <@> Nas opções da língua,escolha "PT-BR" --> Enter. <@> Escolha a opção 2: 2. Suppression des fichiers infectieux --> Aperte Enter. <@> Surgirá uma mensagem,pedindo que seja conectada sua(s) mídia(s) removíveis,ao computador. ( pendrive,mp3,mp4,iPods,etc... ) <@> Aceite a solicitação,e dê o Ok. --> À seguir clique,novamente,em Ok. <@> O computador irá reiniciar. <-- Aguarde! <@> Terminando,clique em "Continue" e aguarde a finalização da ferramenta. <@> Ps: Não desconecte,ainda,sua(s) mídia(s) removíveis! <-- Importante! <@> Surgirá a mensagem: "Nettoyage effectue" --> Aperte Enter. <@> Poste o relatório,que estará em: C:\UsbFix.txt + HijackThis,atualizado. Abrços! Compartilhar este post Link para o post Compartilhar em outros sites
mcfistu 0 Denunciar post Postado Junho 23, 2010 Envio o log do usbfix ############################## | UsbFix 7.013 | [supressão] Usuário: user (Administrador) # SANDRA-SANTOS [ ] Atualizado em 21/06/10 por El Desaparecido / C_XX Começou em 21:48:25 | 23/06/2010 Site: http://pagesperso-orange.fr/NosTools/index.html Contato: FindyKill.Contact@gmail.com CPU: Intel® Pentium® M processor 1.60GHz Microsoft Windows XP Home Edition (5.1.2600 32-Bit) # Service Pack 3 Internet Explorer 8.0.6001.18702 Windows Firewall: Habilitado Antivirus: avast! Antivirus 5.0.83886625 [(!) Disabled | Updated] Firewall: Sygate Personal Firewall 4.6 [Enabled] RAM -> 502 Mb C:\ (%systemdrive%) -> Disco fixo # 50 Gb (32 Mb livre - 65%) [] # NTFS D:\ -> CD-ROM E:\ -> Disco removível # 2 Gb (431 Mb livre - 22%) [DOCS] # FAT F:\ -> Disco removível # 960 Mb (281 Mb livre - 29%) [uSBDISK] # FAT32 X:\ -> Disco fixo # 24 Gb (14 Mb livre - 56%) [sandra] # NTFS ################## | Ficheiros # pastas infeciosos | Supprimido ! C:\WINDOWS\system32\autorun.inf Supprimido ! C:\msvcr71.dll ################## | Registro | ################## | Mountpoints2 | ################## | Listing | [01/11/2007 - 11:51:26 | D ] C:\0eb31be77a145d5093f9814ce858f5 [04/11/2005 - 12:56:55 | A | 21620] C:\adobelog.txt [21/12/2009 - 20:33:16 | RSD ] C:\assembly [18/03/2003 - 20:05:50 | A | 89088] C:\atl71.dll [04/11/2005 - 12:33:40 | A | 0] C:\AUTOEXEC.BAT [15/11/2006 - 16:23:45 | D ] C:\bcbb0f5ed55766ded9f4432091 [13/09/2008 - 12:12:01 | RASH | 211] C:\boot.ini [04/08/2004 - 13:00:00 | RASH | 4952] C:\bootfont.bin [04/11/2005 - 13:24:05 | A | 90] C:\chpst.log [23/06/2010 - 19:04:25 | HD ] C:\Config.Msi [04/11/2005 - 12:33:40 | A | 0] C:\CONFIG.SYS [14/07/2006 - 21:08:12 | A | 227] C:\CtDrvIns.log [14/07/2006 - 21:08:43 | A | 3029] C:\CtDrvStp.log [27/08/2009 - 15:03:10 | D ] C:\d3254af65f5191f39ded16d2 [20/11/2005 - 10:52:16 | D ] C:\DateHack [04/11/2005 - 13:00:50 | A | 3223630] C:\DNSP1.LOG [01/03/2007 - 23:39:33 | D ] C:\Documents and Settings [26/12/2007 - 11:42:04 | D ] C:\Downloads [31/01/2007 - 21:01:03 | D ] C:\DVD [21/10/2007 - 11:23:40 | A | 8260] C:\dvdfabexpress_burn.log [21/10/2007 - 11:23:37 | D ] C:\DVDFabPlatinum_Temp [23/06/2010 - 19:04:58 | ASH | 526897152] C:\hiberfil.sys [04/11/2005 - 13:36:46 | D ] C:\hp [04/11/2005 - 13:04:20 | A | 171] C:\HSC.log [04/11/2005 - 12:33:40 | RASH | 0] C:\IO.SYS [17/01/2006 - 22:37:23 | D ] C:\LANG40 [18/03/2003 - 22:20:00 | A | 1060864] C:\mfc71.dll [18/03/2003 - 22:12:12 | A | 1047552] C:\mfc71u.dll [04/11/2005 - 13:16:02 | A | 196] C:\mscuxp.log [04/11/2005 - 12:33:40 | RASH | 0] C:\MSDOS.SYS [04/08/2004 - 13:00:00 | RASH | 47564] C:\NTDETECT.COM [27/09/2008 - 11:42:36 | RASH | 251120] C:\ntldr [23/06/2010 - 19:04:25 | ASH | 792723456] C:\pagefile.sys [23/06/2010 - 21:47:11 | D ] C:\Program Files [12/04/2010 - 22:47:57 | RD ] C:\Programas [23/06/2010 - 21:53:04 | SHD ] C:\RECYCLER [12/07/2006 - 21:55:26 | A | 194] C:\Setup.log [29/07/2007 - 20:23:16 | AH | 268] C:\sqmdata00.sqm [30/07/2007 - 21:04:19 | AH | 268] C:\sqmdata01.sqm [01/08/2007 - 13:30:51 | AH | 268] C:\sqmdata02.sqm [02/08/2007 - 20:12:44 | AH | 268] C:\sqmdata03.sqm [03/08/2007 - 13:56:06 | AH | 268] C:\sqmdata04.sqm [03/08/2007 - 20:54:38 | AH | 268] C:\sqmdata05.sqm [05/08/2007 - 11:51:04 | AH | 268] C:\sqmdata06.sqm [06/08/2007 - 20:58:53 | AH | 268] C:\sqmdata07.sqm [07/08/2007 - 20:48:45 | AH | 268] C:\sqmdata08.sqm [08/08/2007 - 21:11:53 | AH | 268] C:\sqmdata09.sqm [11/08/2007 - 12:10:02 | AH | 268] C:\sqmdata10.sqm [12/08/2007 - 12:07:51 | AH | 268] C:\sqmdata11.sqm [12/08/2007 - 16:55:50 | AH | 268] C:\sqmdata12.sqm [15/08/2007 - 19:37:10 | AH | 268] C:\sqmdata13.sqm [16/08/2007 - 18:38:40 | AH | 268] C:\sqmdata14.sqm [17/08/2007 - 09:22:22 | AH | 268] C:\sqmdata15.sqm [17/08/2007 - 09:29:09 | AH | 268] C:\sqmdata16.sqm [28/07/2007 - 12:28:27 | AH | 268] C:\sqmdata17.sqm [28/07/2007 - 21:19:05 | AH | 268] C:\sqmdata18.sqm [29/07/2007 - 12:55:57 | AH | 268] C:\sqmdata19.sqm [29/07/2007 - 20:23:16 | AH | 244] C:\sqmnoopt00.sqm [30/07/2007 - 21:04:18 | AH | 244] C:\sqmnoopt01.sqm [01/08/2007 - 13:30:51 | AH | 244] C:\sqmnoopt02.sqm [02/08/2007 - 20:12:44 | AH | 244] C:\sqmnoopt03.sqm [03/08/2007 - 13:56:06 | AH | 244] C:\sqmnoopt04.sqm [03/08/2007 - 20:54:38 | AH | 244] C:\sqmnoopt05.sqm [05/08/2007 - 11:51:04 | AH | 244] C:\sqmnoopt06.sqm [06/08/2007 - 20:58:53 | AH | 244] C:\sqmnoopt07.sqm [07/08/2007 - 20:48:45 | AH | 244] C:\sqmnoopt08.sqm [08/08/2007 - 21:11:53 | AH | 244] C:\sqmnoopt09.sqm [11/08/2007 - 12:10:02 | AH | 244] C:\sqmnoopt10.sqm [12/08/2007 - 12:07:51 | AH | 244] C:\sqmnoopt11.sqm [12/08/2007 - 16:55:50 | AH | 244] C:\sqmnoopt12.sqm [15/08/2007 - 19:37:10 | AH | 244] C:\sqmnoopt13.sqm [16/08/2007 - 18:38:40 | AH | 244] C:\sqmnoopt14.sqm [17/08/2007 - 09:22:22 | AH | 244] C:\sqmnoopt15.sqm [17/08/2007 - 09:29:09 | AH | 244] C:\sqmnoopt16.sqm [28/07/2007 - 12:28:27 | AH | 244] C:\sqmnoopt17.sqm [28/07/2007 - 21:19:05 | AH | 244] C:\sqmnoopt18.sqm [29/07/2007 - 12:55:57 | AH | 244] C:\sqmnoopt19.sqm [16/12/2007 - 19:58:32 | A | 1257] C:\sti.log [04/11/2005 - 13:20:54 | A | 20928] C:\sunjava.log [04/11/2005 - 13:12:15 | D ] C:\SWSetup [04/11/2005 - 12:52:26 | A | 198] C:\syntp.log [20/11/2005 - 10:33:47 | SHD ] C:\System Volume Information [04/11/2005 - 12:56:33 | D ] C:\SYSTEM.SAV [04/11/2005 - 12:45:12 | A | 32] C:\ticrdbus.log [24/01/2006 - 12:40:57 | A | 95232] C:\trabalho de tradução.doc [23/06/2010 - 21:53:04 | D ] C:\UsbFix [23/06/2010 - 21:53:05 | A | 1068] C:\UsbFix.txt [22/06/2010 - 21:00:54 | D ] C:\WINDOWS [17/11/2007 - 11:30:40 | AH | 21424] C:\_NavCClt.Log [22/06/2010 - 21:00:17 | D ] C:\_OTL [20/11/2005 - 13:24:42 | A | 1159] C:\_Sid.txt [23/06/2010 - 21:43:32 | ASH | 1610612736] E:\eboostr.dat [10/01/2009 - 11:14:34 | D ] F:\Software [18/06/2010 - 17:27:12 | D ] F:\Portable PCBooster 5.1 [21/06/2010 - 11:30:24 | A | 296] F:\WMPInfo.xml [04/06/2007 - 14:26:14 | RD ] F:\Documents [18/08/2009 - 15:33:45 | D ] X:\Album Fotos [27/09/2008 - 19:25:57 | D ] X:\DIVX [12/07/2009 - 11:58:00 | D ] X:\Documentos [12/07/2009 - 13:37:55 | D ] X:\Documentos Chris [27/09/2008 - 19:26:05 | D ] X:\DVD [17/04/2010 - 16:41:01 | D ] X:\Escolas [13/09/2008 - 20:10:19 | D ] X:\Jogos [26/03/2007 - 00:13:09 | D ] X:\ofertas de escola [04/04/2010 - 09:38:33 | D ] X:\Programas [23/06/2010 - 21:53:04 | SHD ] X:\RECYCLER [18/10/2009 - 10:56:12 | D ] X:\sandra [07/12/2006 - 13:41:15 | SHD ] X:\System Volume Information [17/01/2008 - 15:12:08 | D ] X:\temp ################## | Vaccin | C:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX) E:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX) F:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX) X:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX) ################## | Upload | Favor enviar o arquivo: C:\UsbFix_Upload_Me_SANDRA-SANTOS.zip http://chiquitine.changelog.fr/Sample/Upload.php Obrigado pela sua contribuição. ################## | E.O.F | Envio o log do Hijack this Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:55:56, on 23-06-2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programas\Sygate\SPF\smc.exe C:\Programas\Alwil Software\Avast5\AvastSvc.exe C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\explorer.exe C:\Programas\Windows Defender\MsMpEng.exe C:\WINDOWS\system32\spoolsv.exe C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe C:\WINDOWS\system32\ctfmon.exe C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\msiexec.exe C:\HI ijack This\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programas\TechSmith\SnagIt 8\SnagItBHO.dll O2 - BHO: (no name) - {0347C33E-8762-4905-BF09-768834316C61} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Programas\Windows Desktop Search\dsWebAllow.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Ver HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Programas\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programas\TechSmith\SnagIt 8\SnagItIEAddin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [synTPLpr] C:\Programas\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programas\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Programas\HPQ\Quick Launch Buttons\EabServr.exe" /Start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programas\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Programas\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [smcService] "C:\PROGRA~1\Sygate\SPF\smc.exe" -startgui O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Programas\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHEI~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programas\Ficheiros comuns\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [swg] "C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Programas\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programas\Microsoft ActiveSync\wcescomm.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM') O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user') O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: eBoostr Control Panel.lnk = X:\Programas\eBoostr\eBoostrCP.exe O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Enviar para &Bluetooth - C:\Programas\Software WIDCOMM\Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Criar Favorito Móvel... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Seleção HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1176752437921 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_13) - O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.5.0) - O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) - O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} (Java Plug-in 1.6.0_13) - O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {EBF85371-A38F-485B-B28F-0B4C82D25937} (CUpdateCtl Object) - http://update.hpphoto.com/download/HPSWUpdate.ocx O23 - Service: avast! Antivirus - ALWIL Software - C:\Programas\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe O23 - Service: eBoostr Service (EBOOSTRSVC) - eBoostr.com - X:\Programas\eBoostr\EBstrSvc.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programas\HPQ\shared\hpqwmi.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programas\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programas\Java\jre6\bin\jqs.exe O23 - Service: Serviço do Auto-Protect do Norton AntiVirus (navapsvc) - Unknown owner - C:\Programas\Norton Internet Security\Norton AntiVirus\navapsvc.exe (file missing) O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programas\Sygate\SPF\smc.exe -- End of file - 9637 bytes Abraços Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Junho 23, 2010 Boa Noite! mcfistu <@> Baixe: < JavaRa > <@> Tire-o do zip! <@> Dê um duplo-clique no JavaRa.exe --> Clique em Search For Updates. <@> Selecione a opção Update Using jucheck.exe --> Clique no botão Search. <@> Se estiver atualizado,receberá um aviso confirmando a última versão. <@> Caso contrário,aguarde a nova versão do Java ser baixada e instalada. <@> Clique no botão "Remove Older Versions" --> Aguarde! 000000000000000000000 ooooooooooooooooooooo <@> Baixe: < PureRa15Binary.zip > ( ...by Paul McLain & Fred de Vries ) <!> Link - 2 < > <@> Salve-o no desktop! <-- Tire-o do zip! <@> Execute: PureRa.exe --> Clique em Clean. <@> Marque a opção: "Check All" < > <@> Clique no botão Clean Selected --> Aguarde! <@> Terminando ( Finished ),clique em Exit. <@> Poste o relatório: PureRa.txt <-- <@> Poste,também,HijackThis atualizado. Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
mcfistu 0 Denunciar post Postado Julho 1, 2010 Deixo o log do pureRa.exe RaProducts' PureRa v1.5 Log created at 21:36 on 01/07/2010 (user) C:\Config.MSI emptied. C:\WINDOWS\system32\FNTCACHE.DAT <- Successfully deleted. Recycle bin emptied. C:\Programas\Spybot - Search & Destroy\Updates\advcheck165.zip <- Successfully deleted. C:\Programas\Spybot - Search & Destroy\Updates\clsid.zip <- Successfully deleted. C:\Programas\Spybot - Search & Destroy\Updates\includes.dialer.zip <- Successfully deleted. C:\Programas\Spybot - Search & Destroy\Updates\includes.hijackers.zip <- Successfully deleted. C:\Programas\Spybot - Search & Destroy\Updates\includes.keyloggers.zip <- Successfully deleted. C:\Programas\Spybot - Search & Destroy\Updates\includes.malware.zip <- Successfully deleted. C:\Programas\Spybot - Search & Destroy\Updates\includes.spybots.zip <- Successfully deleted. C:\Programas\Spybot - Search & Destroy\Updates\includes.trojans.zip <- Successfully deleted. C:\Programas\Spybot - Search & Destroy\Updates\includes.zip <- Successfully deleted. C:\Programas\Spybot - Search & Destroy\Updates\supplemental.zip <- Successfully deleted. C:\Programas\Spybot - Search & Destroy\Updates\teatimer166.zip <- Successfully deleted. C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs emptied. C:\WINDOWS\SoftwareDistribution\DataStore\Logs emptied. C:\WINDOWS\SoftwareDistribution\Download emptied. C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default emptied. C:\WINDOWS\SoftwareDistribution\WuRedir emptied. C:\WINDOWS\SoftwareDistribution\ReportingEvents.log <- O processo não pode aceder ao ficheiro porque este está a ser utilizado por outro processo. C:\DOCUME~1\user\DEFINI~1\Temp emptied. C:\WINDOWS\TEMP emptied. C:\WINDOWS\$MSI31Uninstall_KB893803v2$ <- Successfully deleted. C:\WINDOWS\$NtServicePackUninstall$ <- Successfully deleted. C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$ <- Successfully deleted. C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB873333$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB873339$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB884575$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB885250$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB885464$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB885835$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB885836$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB885855$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB885884$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB886185$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB887472$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB887742$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB888113$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB888239$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB888302$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB890046$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB890047$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB890175$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB890859$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB891781$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB893066$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB893756$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB894391$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB894476$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB896358$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB896422$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB896423$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB896424$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB896428$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB898461$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB899587$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB899591$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB900485$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB900725$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB901017$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB901214$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB902400$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB904706$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB904942$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB905414$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB905749$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB905915$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB907371-V2$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB908519$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB908531$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB909394$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB910437$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB911280$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB911562$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB911564$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB911565$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB911567$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB911927$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB912812$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB912919$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB913446$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB913580$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB914388$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB914389$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB914440$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB915865$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB916281$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB916595$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB917159$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB917344$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB917422$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB917734_WMP10$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB917953$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB918118$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB918439$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB918899$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB919007$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB920213$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB920214$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB920670$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB920683$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB920685$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB920872$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB921398$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB921503$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB921883$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB922582$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB922616$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB922760$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB922819$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB923191$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB923414$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB923561$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB923689$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB923694$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB923980$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB924191$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB924270$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB924496$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB924667$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB925398_WMP64$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB925454$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB925486$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB925902$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB926255$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB926436$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB927779$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB927802$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB927891$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB928090$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB928255$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB928843$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB929123$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB929338$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB929969$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB930178$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB930916$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB931261$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB931784$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB931836$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB932168$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB932168_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB932823-v3$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB933360$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB933729$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB935839$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB935840$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB936021$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB936357$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB936782_WMP10$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB938464$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB938464-v2$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB938464_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB938828$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB938829$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB941202$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB941568$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB941569$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB941644$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB941693$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB942763$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB943055$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB943460$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB943485$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB944653$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB945553$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB946026$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB946648$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB946648_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB948590$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB948881$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB950749$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB950760$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB950762$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB950762_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB950974$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB950974_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951066$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951066_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951072-v2$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951376$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951376-v2$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951376-v2_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951376_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951698$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951698_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951748$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951748_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB951978$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB952004$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB952069_WM9$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB952287$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB952287_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB952954$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB952954_0$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB953839$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB954155_WM9$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB954211$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB954459$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB954600$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB955069$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB955759$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB955839$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB956391$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB956572$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB956744$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB956802$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB956803$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB956841$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB956844$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB957095$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB957097$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB958644$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB958687$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB958690$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB958869$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB959426$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB960225$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB960715$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB960803$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB960859$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB961118$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB961371$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB961373$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB961501$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB967715$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB968389$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB968537$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB968816_WM9$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB969059$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB969898$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB969947$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB970238$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB970430$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB970653-v3$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB971468$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB971486$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB971557$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB971633$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB971657$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB971737$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB972270$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB973346$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB973354$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB973507$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB973525$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB973540_WM9$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB973687$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB973815$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB973869$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB973904$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB974112$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB974318$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB974392$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB974571$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB975025$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB975467$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB975560$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB975561$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB975713$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB976098-v2$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB977165$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB977816$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB977914$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB978037$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB978251$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB978262$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB978338$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB978542$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB978601$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB978706$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB979306$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB979309$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB979683$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB980232$ <- Successfully deleted. C:\WINDOWS\$NtUninstallKB981793$ <- Successfully deleted. C:\WINDOWS\system32\wbem\Logs\mofcomp.log <- Successfully deleted. C:\WINDOWS\system32\wbem\Logs\wbemcore.log <- Successfully deleted. C:\WINDOWS\system32\wbem\Logs\wbemcore.lo_ <- Successfully deleted. C:\WINDOWS\system32\wbem\Logs\wbemess.log <- Successfully deleted. C:\WINDOWS\system32\wbem\Logs\wbemess.lo_ <- Successfully deleted. C:\WINDOWS\system32\wbem\Logs\wbemprox.log <- Successfully deleted. C:\WINDOWS\system32\wbem\Logs\wbemprox.lo_ <- Successfully deleted. C:\WINDOWS\system32\wbem\Logs\WinMgmt.log <- Successfully deleted. C:\WINDOWS\system32\wbem\Logs\wmiadap.log <- Successfully deleted. C:\WINDOWS\system32\wbem\Logs\wmiprov.log <- Successfully deleted. C:\sqmdata00.sqm <- Successfully deleted. C:\sqmdata01.sqm <- Successfully deleted. C:\sqmdata02.sqm <- Successfully deleted. C:\sqmdata03.sqm <- Successfully deleted. C:\sqmdata04.sqm <- Successfully deleted. C:\sqmdata05.sqm <- Successfully deleted. C:\sqmdata06.sqm <- Successfully deleted. C:\sqmdata07.sqm <- Successfully deleted. C:\sqmdata08.sqm <- Successfully deleted. C:\sqmdata09.sqm <- Successfully deleted. C:\sqmdata10.sqm <- Successfully deleted. C:\sqmdata11.sqm <- Successfully deleted. C:\sqmdata12.sqm <- Successfully deleted. C:\sqmdata13.sqm <- Successfully deleted. C:\sqmdata14.sqm <- Successfully deleted. C:\sqmdata15.sqm <- Successfully deleted. C:\sqmdata16.sqm <- Successfully deleted. C:\sqmdata17.sqm <- Successfully deleted. C:\sqmdata18.sqm <- Successfully deleted. C:\sqmdata19.sqm <- Successfully deleted. C:\sqmnoopt00.sqm <- Successfully deleted. C:\sqmnoopt01.sqm <- Successfully deleted. C:\sqmnoopt02.sqm <- Successfully deleted. C:\sqmnoopt03.sqm <- Successfully deleted. C:\sqmnoopt04.sqm <- Successfully deleted. C:\sqmnoopt05.sqm <- Successfully deleted. C:\sqmnoopt06.sqm <- Successfully deleted. C:\sqmnoopt07.sqm <- Successfully deleted. C:\sqmnoopt08.sqm <- Successfully deleted. C:\sqmnoopt09.sqm <- Successfully deleted. C:\sqmnoopt10.sqm <- Successfully deleted. C:\sqmnoopt11.sqm <- Successfully deleted. C:\sqmnoopt12.sqm <- Successfully deleted. C:\sqmnoopt13.sqm <- Successfully deleted. C:\sqmnoopt14.sqm <- Successfully deleted. C:\sqmnoopt15.sqm <- Successfully deleted. C:\sqmnoopt16.sqm <- Successfully deleted. C:\sqmnoopt17.sqm <- Successfully deleted. C:\sqmnoopt18.sqm <- Successfully deleted. C:\sqmnoopt19.sqm <- Successfully deleted. C:\Documents and Settings\All Users\Documentos\As minhas imagens\Exemplos de imagens\Thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Definições locais\Application Data\IconCache.db <- Successfully deleted. C:\Documents and Settings\user\Definições locais\Application Data\Google\Picasa2\db2\thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Os meus documentos\Thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Os meus documentos\As minhas imagens\Thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Os meus documentos\As minhas imagens\Sample Images\Flower\Thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Os meus documentos\As minhas imagens\Sample Images\Nature\Thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Os meus documentos\As minhas imagens\Sample Images\Travel\Thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\Thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2008-05 (Mai)\Thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2008-12 (Dez)\Thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2009-02 (Fev)\Thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2009-03 (Mar)\Thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2009-04 (Abr)\Thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2010-01 (Jan)\Thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2010-03 (Mar)\Thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2010-04 (Abr)\Thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2010-05 (Mai)\Thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2010-06 (Jun)\Thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Os meus documentos\Pasta de trocas do Bluetooth\Thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Os meus documentos\PrintScreen Files\Thumbs.db <- Successfully deleted. C:\Documents and Settings\user\Os meus documentos\SnagIt Catalog\Thumbs.db <- Successfully deleted. C:\DVD\Thumbs.db <- Successfully deleted. C:\Programas\Ant Movie Catalog\Toolbars\Thumbs.db <- Successfully deleted. C:\Programas\Hp\Digital Imaging\Skins\oov1\tj\Thumbs.db <- Successfully deleted. C:\Programas\InterVideo\WinDVD\Skins\WinDVD 5\Language Subpanel\Thumbs.db <- Successfully deleted. C:\Programas\software SAPO\Thumbs.db <- Successfully deleted. C:\Programas\software SAPO\plugins\AddrBookUIPlugin\Thumbs.db <- Successfully deleted. C:\Programas\software SAPO\plugins\CallUIPlugin\Thumbs.db <- Successfully deleted. C:\Programas\software SAPO\plugins\SMSUIPlugin\Thumbs.db <- Successfully deleted. C:\Programas\software SAPO\plugins\StatusBarMgrPlugin\Thumbs.db <- Successfully deleted. C:\Programas\software SAPO\plugins\XFramePlugin\Thumbs.db <- Successfully deleted. C:\WINDOWS\Thumbs.db <- Successfully deleted. Total space cleaned: 1083063985 bytes -=E.O.F=- Deixo o log do HiJack This Actualizado Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:42:44, on 01-07-2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Programas\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Programas\Sygate\SPF\smc.exe C:\Programas\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\Programas\Synaptics\SynTP\SynTPLpr.exe C:\Programas\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\hkcmd.exe C:\Programas\HPQ\Quick Launch Buttons\EabServr.exe C:\Programas\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe C:\Programas\HP\HP Software Update\HPWuSchd2.exe C:\Programas\Windows Defender\MSASCui.exe C:\Programas\Ficheiros comuns\InstallShield\UpdateService\issch.exe C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\Programas\Ficheiros comuns\Ahead\lib\NMBgMonitor.exe C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Programas\Spybot - Search & Destroy\TeaTimer.exe C:\Programas\Microsoft ActiveSync\wcescomm.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Programas\Software WIDCOMM\Bluetooth\BTTray.exe X:\Programas\eBoostr\eBoostrCP.exe C:\WINDOWS\system32\spoolsv.exe C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe X:\Programas\eBoostr\EBstrSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programas\HPQ\shared\hpqwmi.exe C:\PROGRA~1\SOFTWA~1\BLUETO~1\BTSTAC~1.EXE C:\WINDOWS\system32\taskmgr.exe C:\Programas\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe E:\Software\Hijack This\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programas\TechSmith\SnagIt 8\SnagItBHO.dll O2 - BHO: (no name) - {0347C33E-8762-4905-BF09-768834316C61} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Programas\Windows Desktop Search\dsWebAllow.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Ver HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Programas\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programas\TechSmith\SnagIt 8\SnagItIEAddin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [synTPLpr] C:\Programas\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programas\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Programas\HPQ\Quick Launch Buttons\EabServr.exe" /Start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programas\Ficheiros comuns\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Programas\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [smcService] "C:\PROGRA~1\Sygate\SPF\smc.exe" -startgui O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Programas\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHEI~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programas\Ficheiros comuns\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [swg] "C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Programas\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programas\Microsoft ActiveSync\wcescomm.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM') O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user') O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: eBoostr Control Panel.lnk = X:\Programas\eBoostr\eBoostrCP.exe O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Enviar para &Bluetooth - C:\Programas\Software WIDCOMM\Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Criar Favorito Móvel... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Seleção HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1176752437921 O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.5.0) - O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {EBF85371-A38F-485B-B28F-0B4C82D25937} (CUpdateCtl Object) - http://update.hpphoto.com/download/HPSWUpdate.ocx O23 - Service: avast! Antivirus - ALWIL Software - C:\Programas\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe O23 - Service: eBoostr Service (EBOOSTRSVC) - eBoostr.com - X:\Programas\eBoostr\EBstrSvc.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programas\HPQ\shared\hpqwmi.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programas\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programas\Java\jre6\bin\jqs.exe O23 - Service: Serviço do Auto-Protect do Norton AntiVirus (navapsvc) - Unknown owner - C:\Programas\Norton Internet Security\Norton AntiVirus\navapsvc.exe (file missing) O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programas\Sygate\SPF\smc.exe -- End of file - 10291 bytes Um abraço Compartilhar este post Link para o post Compartilhar em outros sites
Mário Monteiro 179 Denunciar post Postado Agosto 2, 2010 Tópico Arquivado Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado. Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura. Compartilhar este post Link para o post Compartilhar em outros sites
