Ir para conteúdo

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

mcfistu

[Arquivado] PC Lento

Recommended Posts

Ultimamente o PC tem ficado bastante lento a arrancar demora uns 15 minutos até acabar de iniciar os processos. Também demora a entrar nas aplicações.

 

O meu antivirus não detecta nada.

 

Gostava que me ajudassem a resolver este problema.

Muito Obrigado.

Mcfistu

 

Deixo aqui o log do Hijack This

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:45:17, on 17-06-2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Programas\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\Programas\Sygate\SPF\smc.exe

C:\Programas\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\Explorer.EXE

C:\Programas\Synaptics\SynTP\SynTPLpr.exe

C:\Programas\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Programas\HPQ\Quick Launch Buttons\EabServr.exe

C:\Programas\Java\jre6\bin\jusched.exe

C:\Programas\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe

C:\Programas\HP\HP Software Update\HPWuSchd2.exe

C:\Programas\Windows Defender\MSASCui.exe

C:\Programas\Ficheiros comuns\InstallShield\UpdateService\issch.exe

C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programas\Ficheiros comuns\Ahead\lib\NMBgMonitor.exe

C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Programas\Spybot - Search & Destroy\TeaTimer.exe

C:\Programas\Microsoft ActiveSync\wcescomm.exe

C:\PROGRA~1\MICROS~3\rapimgr.exe

C:\Programas\Software WIDCOMM\Bluetooth\BTTray.exe

X:\Programas\eBoostr\eBoostrCP.exe

C:\PROGRA~1\SOFTWA~1\BLUETO~1\BTSTAC~1.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe

X:\Programas\eBoostr\EBstrSvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\system32\msiexec.exe

C:\Programas\HPQ\shared\hpqwmi.exe

E:\Software\Hijack This\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações

O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programas\TechSmith\SnagIt 8\SnagItBHO.dll

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Programas\Windows Desktop Search\dsWebAllow.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Ver HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Programas\HP\Digital Imaging\bin\HPDTLK02.dll

O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programas\TechSmith\SnagIt 8\SnagItIEAddin.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [synTPLpr] C:\Programas\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Programas\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Programas\HPQ\Quick Launch Buttons\EabServr.exe" /Start

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [smcService] "C:\PROGRA~1\Sygate\SPF\smc.exe" -startgui

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Programas\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHEI~1\INSTAL~1\UPDATE~1\isuspm.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programas\Ficheiros comuns\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [swg] "C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Programas\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programas\Microsoft ActiveSync\wcescomm.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')

O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: eBoostr Control Panel.lnk = X:\Programas\eBoostr\eBoostrCP.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Enviar para &Bluetooth - C:\Programas\Software WIDCOMM\Bluetooth\btsendto_ie_ctx.htm

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll

O9 - Extra 'Tools' menuitem: Criar Favorito Móvel... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll

O9 - Extra button: Seleção HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1176752437921

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {EBF85371-A38F-485B-B28F-0B4C82D25937} (CUpdateCtl Object) - http://update.hpphoto.com/download/HPSWUpdate.ocx

O23 - Service: avast! Antivirus - ALWIL Software - C:\Programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe

O23 - Service: eBoostr Service (EBOOSTRSVC) - eBoostr.com - X:\Programas\eBoostr\EBstrSvc.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programas\HPQ\shared\hpqwmi.exe

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programas\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programas\Java\jre6\bin\jqs.exe

O23 - Service: Serviço do Auto-Protect do Norton AntiVirus (navapsvc) - Unknown owner - C:\Programas\Norton Internet Security\Norton AntiVirus\navapsvc.exe (file missing)

O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programas\Sygate\SPF\smc.exe

 

--

End of file - 10444 bytes

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Noite! mcfistu

 

<@> Baixe: < OTL > ( ...by OldTimer Tools )

<@> Salve-o no desktop!

<@> Clique duplo em: < otlDesktopIcon.png >

<@> Ps: Sigamos,agora,com sua configuração!

 

<!> 1 - Em "Saída",deixe marcado o botão "Resumida".

<!> 2 - Marque as caixas: Verificar All Users e Incluir Verificação 64bit <-- Ps: Caso o SO seja 64 bit!

<!> 3 - Processos: Usar SafeList <-- Marque!

<!> 4 - Módulos: Usar SafeList <-- Marque!

<!> 5 - Serviços: Usar SafeList <-- Marque!

<!> 6 - Drivers: Usar SafeList <-- Marque!

<!> 7 - Exame Padrão do Registro: Usar SafeList <-- Marque!

<!> 8 - Exame Extra do Registro: Usar SafeList <-- Marque!

<!> 9 - Verificação de Arquivos:

 

<!> Data de Criação >> Escolha: 14 dias

 

<!> Marque: Usar WhiteList para Nomes de Companhias

<!> Marque: Ignorar Arquivos Microsoft

 

<!> 10 - Arquivos Criados Desde:

 

<!> Marque: Data de Criação

 

<!> 11 - Arquivos Modificados Desde:

 

<!> Marque: Data de Criação

<!> Marque as caixas:

 

[] Verificar Lop

[] Verificar Purity

 

<@> Ps: Sugiro que imprima estas orientações,para posterior leitura.

 

netsvcsmsconfigsafebootminimalsafebootnetworkactivexdrivers32%SYSTEMDRIVE%\*.exe%SYSTEMDRIVE%\eventlog.dll /s /md5%SYSTEMDRIVE%\scecli.dll /s /md5%SYSTEMDRIVE%\sfcfiles.dll /s /md5%SYSTEMDRIVE%\netlogon.dll /s /md5%SYSTEMDRIVE%\atapi.sys /s /md5CREATERESTOREPOINT

<@> Ps: Copie e cole estas informações,que estão no Code,para o campo abaixo de: Exames Personalizados/Correções

<@> Clique em: Verificar --> Aguarde!

<@> Concluindo,poste:

 

<!> <1> OTL.txt <--

<!> <2> Extras.txt <--

 

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Envio o log OTL.txt

 

OTL logfile created on: 21-06-2010 21:29:13 - Run 1

OTL by OldTimer - Version 3.2.6.1 Folder = C:\Documents and Settings\user\Ambiente de trabalho

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000816 | Country: Portugal | Language: PTG | Date Format: dd-MM-yyyy

 

502,00 Mb Total Physical Memory | 108,00 Mb Available Physical Memory | 21,00% Memory free

1,00 Gb Paging File | 1,00 Gb Available in Paging File | 61,00% Paging File free

Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programas

Drive C: | 50,11 Gb Total Space | 32,63 Gb Free Space | 65,11% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

Drive E: | 1,92 Gb Total Space | 0,42 Gb Free Space | 21,90% Space Free | Partition Type: FAT

Drive F: | 960,09 Mb Total Space | 282,26 Mb Free Space | 29,40% Space Free | Partition Type: FAT32

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Drive X: | 24,42 Gb Total Space | 13,76 Gb Free Space | 56,35% Space Free | Partition Type: NTFS

 

Computer Name: SANDRA-SANTOS

Current User Name: user

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 14 Days

Output = Minimal

 

========== Processes (SafeList) ==========

 

PRC - C:\Documents and Settings\user\Ambiente de trabalho\OTL.exe (OldTimer Tools)

PRC - C:\Programas\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)

PRC - C:\Programas\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)

PRC - X:\Programas\eBoostr\eBoostrCP.exe (eBoostr.com)

PRC - C:\Programas\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)

PRC - X:\Programas\eBoostr\EBstrSvc.exe (eBoostr.com)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

PRC - C:\Programas\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)

PRC - C:\Programas\Microsoft ActiveSync\rapimgr.exe (Microsoft Corporation)

PRC - C:\Programas\Windows Defender\MSASCui.exe (Microsoft Corporation)

PRC - C:\Programas\Windows Defender\MsMpEng.exe (Microsoft Corporation)

PRC - C:\Programas\Ficheiros comuns\Ahead\Lib\NMBgMonitor.exe (Nero AG)

PRC - C:\Programas\HPQ\Quick Launch Buttons\eabservr.exe (Hewlett-Packard )

PRC - C:\Programas\Software WIDCOMM\Bluetooth\BTTray.exe (Broadcom Corporation.)

PRC - C:\Programas\Software WIDCOMM\Bluetooth\BTStackServer.exe (Broadcom Corporation.)

PRC - C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe (Broadcom Corporation.)

PRC - C:\Programas\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)

PRC - C:\Programas\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)

PRC - C:\Programas\Ficheiros comuns\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)

 

 

========== Modules (SafeList) ==========

 

MOD - C:\Documents and Settings\user\Ambiente de trabalho\OTL.exe (OldTimer Tools)

MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)

MOD - C:\Programas\Software WIDCOMM\Bluetooth\BTKeyInd.dll ()

MOD - C:\WINDOWS\system32\SynTPFcs.dll (Synaptics, Inc.)

MOD - C:\WINDOWS\system32\SSSensor.dll (Sygate Technologies, Inc.)

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (navapsvc) -- File not found

SRV - (avast! Web Scanner) -- C:\Programas\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)

SRV - (avast! Mail Scanner) -- C:\Programas\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)

SRV - (avast! Antivirus) -- C:\Programas\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)

SRV - (EBOOSTRSVC) -- X:\Programas\eBoostr\EBstrSvc.exe (eBoostr.com)

SRV - (usnjsvc) -- C:\Programas\MSN Messenger\usnsvc.exe (Microsoft Corporation)

SRV - (WinDefend) -- C:\Programas\Windows Defender\MsMpEng.exe (Microsoft Corporation)

SRV - (btwdins) -- C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe (Broadcom Corporation.)

SRV - (SmcService) -- C:\Programas\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)

DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)

DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)

DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)

DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)

DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)

DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)

DRV - (eBoost) -- C:\WINDOWS\system32\drivers\eBoost.sys (eBoostr.com)

DRV - (RT73) -- C:\WINDOWS\system32\drivers\Dr71WU.sys (Ralink Technology, Corp.)

DRV - (ANIO) -- C:\WINDOWS\system32\ANIO.sys (Alpha Networks Inc.)

DRV - (adiusbaw) -- C:\WINDOWS\system32\drivers\adiusbaw.sys (Analog Devices Inc.)

DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)

DRV - (CAMCHALA) -- C:\WINDOWS\system32\drivers\camc6hal.sys (Conexant Systems Inc.)

DRV - (CAMCAUD) -- C:\WINDOWS\system32\drivers\camc6aud.sys (Conexant Systems Inc.)

DRV - (HSFHWICH) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.)

DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)

DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)

DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )

DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)

DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)

DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)

DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)

DRV - (w29n51) Driver de conexão de rede Intel® -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)

DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)

DRV - (wg6n) -- C:\WINDOWS\SYSTEM32\Drivers\wg6n.sys (Sygate Technologies, Inc.)

DRV - (wg5n) -- C:\WINDOWS\SYSTEM32\Drivers\wg5n.sys (Sygate Technologies, Inc.)

DRV - (wg4n) -- C:\WINDOWS\SYSTEM32\Drivers\wg4n.sys (Sygate Technologies, Inc.)

DRV - (wg3n) -- C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys (Sygate Technologies, Inc.)

DRV - (wpsdrvnt) -- C:\WINDOWS\system32\drivers\wpsdrvnt.sys (Sygate Technologies, Inc.)

DRV - (Teefer) -- C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys (Sygate Technologies, Inc.)

DRV - (rtl8139) Controlador NT de placa Fast Ethernet baseada na Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)

DRV - (eabfiltr) -- C:\WINDOWS\system32\drivers\eabfiltr.sys (Hewlett-Packard Company)

DRV - (P0630VID) -- C:\WINDOWS\system32\drivers\P0630Vid.sys (Creative Technology Ltd.)

DRV - (ADILOADER) General Purpose USB Driver (adildr.sys) -- C:\WINDOWS\system32\drivers\adildr.sys (Analog Deivces)

DRV - (eabusb) -- C:\WINDOWS\system32\drivers\EabUsb.sys (Hewlett-Packard Company)

DRV - (Usblink) -- C:\WINDOWS\system32\drivers\ulink.sys ()

DRV - (PQNTDrv) -- C:\WINDOWS\system32\drivers\PQNTDRV.sys (PowerQuest Corporation)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-21-861567501-1454471165-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKU\S-1-5-21-861567501-1454471165-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

IE - HKU\S-1-5-21-861567501-1454471165-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

IE - HKU\S-1-5-21-861567501-1454471165-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-21-861567501-1454471165-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\S-1-5-21-861567501-1454471165-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "about:blank"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

 

FF - HKLM\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Programas\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-07-12 14:40:15 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: C:\Programas\Mozilla Firefox\components [2009-11-21 16:55:51 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: C:\Programas\Mozilla Firefox\plugins [2010-04-16 23:39:44 | 000,000,000 | ---D | M]

 

[2009-06-17 22:35:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\mozilla\Extensions

[2010-04-04 12:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\mozilla\Firefox\Profiles\u35nsmjz.default\extensions

[2009-09-09 12:53:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\user\Application Data\mozilla\Firefox\Profiles\u35nsmjz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2009-06-17 22:34:04 | 000,000,000 | ---D | M] -- C:\Programas\Mozilla Firefox\extensions

[2009-09-25 12:54:06 | 000,001,525 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\amazon-en-GB.xml

[2009-09-25 12:54:06 | 000,001,529 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\priberam.xml

[2009-09-25 12:54:06 | 000,002,071 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\sapo.xml

[2009-09-25 12:54:06 | 000,000,942 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\wikipedia-ptpt.xml

[2009-09-25 12:54:06 | 000,000,648 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\yahoo-br.xml

 

O1 HOSTS File: ([2009-01-17 18:06:06 | 000,292,012 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 www.008k.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 www.00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 www.100sexlinks.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 www.10sek.com

O1 - Hosts: 127.0.0.1 123topsearch.com

O1 - Hosts: 127.0.0.1 www.123topsearch.com

O1 - Hosts: 127.0.0.1 132.com

O1 - Hosts: 127.0.0.1 www.132.com

O1 - Hosts: 127.0.0.1 136136.net

O1 - Hosts: 127.0.0.1 www.136136.net

O1 - Hosts: 127.0.0.1 163ns.com

O1 - Hosts: 127.0.0.1 www.163ns.com

O1 - Hosts: 10053 more lines...

O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programas\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)

O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - Reg Error: Value error. File not found

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (dsWebAllowBHO Class) - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Programas\Windows Desktop Search\dsWebAllow.dll (Microsoft Corporation)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.

O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)

O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.

O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programas\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)

O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programas\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)

O3 - HKLM\..\Toolbar: (Ver HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Programas\Hp\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)

O3 - HKU\S-1-5-21-861567501-1454471165-839522115-1004\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O3 - HKU\S-1-5-21-861567501-1454471165-839522115-1004\..\Toolbar\ShellBrowser: (Ver HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Programas\Hp\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)

O3 - HKU\S-1-5-21-861567501-1454471165-839522115-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKU\S-1-5-21-861567501-1454471165-839522115-1004\..\Toolbar\WebBrowser: (Ver HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Programas\Hp\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)

O4 - HKLM..\Run: [Adobe ARM] C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avast5] C:\Programas\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)

O4 - HKLM..\Run: [eabconfg.cpl] C:\Programas\HPQ\Quick Launch Buttons\EabServr.exe (Hewlett-Packard )

O4 - HKLM..\Run: [iSUSPM Startup] C:\Programas\Ficheiros comuns\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)

O4 - HKLM..\Run: [iSUSScheduler] C:\Programas\Ficheiros comuns\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)

O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM..\Run: [smcService] C:\Programas\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)

O4 - HKLM..\Run: [synTPLpr] C:\Programas\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)

O4 - HKLM..\Run: [Windows Defender] C:\Programas\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] X:\Programas\Picasa2\PicasaMediaDetector.exe (Google Inc.)

O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] X:\Programas\Picasa2\PicasaMediaDetector.exe (Google Inc.)

O4 - HKU\S-1-5-21-861567501-1454471165-839522115-1004..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programas\Ficheiros comuns\Ahead\lib\NMBgMonitor.exe (Nero AG)

O4 - HKU\S-1-5-21-861567501-1454471165-839522115-1004..\Run: [H/PC Connection Agent] C:\Programas\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-861567501-1454471165-839522115-1004..\Run: [spybotSD TeaTimer] C:\Programas\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)

O4 - HKU\S-1-5-21-861567501-1454471165-839522115-1004..\Run: [swg] C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Arranque\BTTray.lnk = C:\Programas\Software WIDCOMM\Bluetooth\BTTray.exe (Broadcom Corporation.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Arranque\eBoostr Control Panel.lnk = X:\Programas\eBoostr\eBoostrCP.exe (eBoostr.com)

O4 - Startup: C:\Documents and Settings\Default User\Menu Iniciar\Programas\Arranque\AutoTBar.exe (Hewlett-Packard)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-861567501-1454471165-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Programas\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Enviar para &Bluetooth - C:\Programas\Software WIDCOMM\Bluetooth\btsendto_ie_ctx.htm ()

O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programas\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Criar Favorito Móvel... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programas\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)

O9 - Extra Button: Seleção HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programas\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1176752437921 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0)

O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11)

O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {EBF85371-A38F-485B-B28F-0B4C82D25937} http://update.hpphoto.com/download/HPSWUpdate.ocx (CUpdateCtl Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programas\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programas\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programas\Ficheiros comuns\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\widimg {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\BTXPPanel.dll (Broadcom Corporation.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)

O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll ()

O20 - Winlogon\Notify\WRNotifier: DllName - WRLogonNTF.dll - File not found

O24 - Desktop Components:0 (A minha home page actual) - About:Home

O24 - Desktop WallPaper:

O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Definições locais\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programas\Windows Defender\MpShHook.dll (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programas\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2005-11-04 12:33:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{18af04bc-67ed-11df-a26f-00c09fb05f61}\Shell\AutoRun\command - "" = F:\__DT\DT.exe -- File not found

O33 - MountPoints2\{3d2b926e-ee68-11de-a1ba-00c09fb05f61}\Shell - "" = AutoRun

O33 - MountPoints2\{3d2b926e-ee68-11de-a1ba-00c09fb05f61}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found

O33 - MountPoints2\{4b7f683e-17e7-11de-a0c4-00c09fb05f61}\Shell - "" = AutoRun

O33 - MountPoints2\{4b7f683e-17e7-11de-a0c4-00c09fb05f61}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O33 - MountPoints2\{4b7f6841-17e7-11de-a0c4-00c09fb05f61}\Shell - "" = AutoRun

O33 - MountPoints2\{4b7f6841-17e7-11de-a0c4-00c09fb05f61}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O33 - MountPoints2\{4cf68848-0c0a-11de-a0af-00c09fb05f61}\Shell\AutoRun\command - "" = E:\LiberKey\LiberKey.exe -- File not found

O33 - MountPoints2\{4cf68848-0c0a-11de-a0af-00c09fb05f61}\Shell\Menu1\command - "" = E:\LiberKey\LiberKey.exe -- File not found

O33 - MountPoints2\{8c51d6df-17e8-11de-a0c5-00c09fb05f61}\Shell - "" = AutoRun

O33 - MountPoints2\{8c51d6df-17e8-11de-a0c5-00c09fb05f61}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O33 - MountPoints2\{8c51d6e0-17e8-11de-a0c5-00c09fb05f61}\Shell - "" = AutoRun

O33 - MountPoints2\{8c51d6e0-17e8-11de-a0c5-00c09fb05f61}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: 6to4 - File not found

NetSvcs: Ias - C:\WINDOWS\system32\ias [2005-11-04 12:33:00 | 000,000,000 | ---D | M]

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)

NetSvcs: WmdmPmSp - File not found

 

MsConfig - StartUpReg: D-Link AirPlus G - hkey= - key= - C:\Programas\D-Link\AirPlus G\AirGCFG.exe (D-Link)

MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Programas\iTunes\iTunesHelper.exe (Apple Computer, Inc.)

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "bootini" - 0

MsConfig - State: "services" - 0

MsConfig - State: "startup" - 2

 

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vds - Service

SafeBootMin: vga.sys - Driver

SafeBootMin: WinDefend - C:\Programas\Windows Defender\MsMpEng.exe (Microsoft Corporation)

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vga.sys - Driver

SafeBootNet: WinDefend - C:\Programas\Windows Defender\MsMpEng.exe (Microsoft Corporation)

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {0D70FCFE-2102-4951-A56E-22DD07DFA5B6} - .NET Framework

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Atribuição de dados HTML dinâmicos para Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Autoridade avançada

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes DirectAnimation Java

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Pastas Web

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework

ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Programador de tarefas

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

 

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)

Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)

Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corp.)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

Drivers32: vidc.LEAD - LCODCCMP.DLL File not found

Drivers32: vidc.mp42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)

Drivers32: vidc.mp43 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)

Drivers32: vidc.mpg4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)

Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()

Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point (16902109354000384)

 

========== Files/Folders - Created Within 14 Days ==========

 

[2010-06-21 21:24:03 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Ambiente de trabalho\OTL.exe

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 14 Days ==========

 

[2010-06-21 19:48:04 | 000,000,770 | ---- | M] () -- C:\WINDOWS\win.ini

[2010-06-21 19:46:49 | 000,000,322 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job

[2010-06-21 19:45:47 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010-06-21 19:44:13 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010-06-21 19:43:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010-06-21 19:43:14 | 526,897,152 | -HS- | M] () -- C:\hiberfil.sys

[2010-06-21 16:43:37 | 009,699,328 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT

[2010-06-21 16:43:37 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini

[2010-06-21 15:38:25 | 000,002,513 | ---- | M] () -- C:\Documents and Settings\user\Ambiente de trabalho\Microsoft Word.lnk

[2010-06-21 15:14:33 | 000,002,481 | ---- | M] () -- C:\Documents and Settings\user\Ambiente de trabalho\Microsoft Excel.lnk

[2010-06-21 11:27:36 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Ambiente de trabalho\OTL.exe

[2010-06-17 22:43:09 | 000,000,483 | ---- | M] () -- C:\Documents and Settings\user\Ambiente de trabalho\Atalho para HiJackThis.lnk

[2010-06-17 22:09:49 | 000,406,543 | ---- | M] () -- C:\WINDOWS\hpoins14.dat

[2010-06-17 22:05:36 | 000,151,464 | ---- | M] () -- C:\WINDOWS\hpoins14.dat.temp

[2010-06-10 14:15:27 | 000,162,728 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010-06-09 01:12:01 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2010-06-09 00:58:25 | 001,061,474 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010-06-09 00:58:25 | 000,492,078 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat

[2010-06-09 00:58:25 | 000,441,458 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010-06-09 00:58:25 | 000,085,510 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat

[2010-06-09 00:58:25 | 000,071,394 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010-06-08 00:08:15 | 000,116,224 | ---- | M] () -- C:\Documents and Settings\user\Definições locais\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010-06-17 22:43:09 | 000,000,483 | ---- | C] () -- C:\Documents and Settings\user\Ambiente de trabalho\Atalho para HiJackThis.lnk

[2007-09-28 17:07:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2007-09-28 17:05:50 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest

[2007-09-28 17:05:50 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest

[2007-09-28 17:05:08 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll

[2007-09-22 10:36:44 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll

[2007-09-22 10:36:44 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll

[2006-07-14 21:10:48 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PI5_SETUP.ini

[2006-07-12 21:55:25 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini

[2006-07-12 21:55:01 | 000,001,039 | ---- | C] () -- C:\WINDOWS\adiras.ini

[2006-07-12 21:55:01 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini

[2006-07-12 21:54:50 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll

[2006-07-12 21:54:49 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll

[2006-06-03 19:02:34 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

[2006-04-22 15:05:50 | 000,040,060 | ---- | C] () -- C:\WINDOWS\System32\drivers\ulink.sys

[2006-04-22 11:37:39 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll

[2006-01-14 21:35:22 | 000,000,040 | ---- | C] () -- C:\WINDOWS\gsview32.ini

[2006-01-14 20:42:47 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll

[2005-11-29 21:51:36 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2005-11-20 10:43:04 | 000,000,413 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2005-11-15 18:59:19 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2005-11-04 13:04:19 | 000,015,669 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2005-11-04 13:01:28 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll

[2005-11-04 13:01:28 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll

[2005-11-04 13:01:28 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll

[2005-11-04 13:01:28 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll

[2005-11-04 13:01:28 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll

[2005-11-04 13:01:28 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll

[2005-02-12 09:33:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

[2004-11-29 20:44:04 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll

[2004-10-15 19:31:56 | 000,218,264 | ---- | C] () -- C:\WINDOWS\System32\SetAid.dll

[2004-07-03 22:08:04 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2004-07-03 21:59:06 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2004-01-13 19:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll

[2002-05-15 23:29:04 | 000,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest

[2001-11-23 18:18:00 | 000,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest

[2001-11-14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

[2001-10-29 14:51:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\NavLogon.dll

 

========== LOP Check ==========

 

[2010-02-07 23:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software

[2010-06-21 21:35:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eboostr

[2006-01-03 18:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp

[2007-08-17 09:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith

[2007-09-22 11:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2007-09-22 10:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trojan Remover

[2006-01-03 18:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15

[2008-12-17 01:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}

[2005-11-20 17:23:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\InterVideo

[2005-12-01 10:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Leadertech

[2008-12-21 11:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Nikon

[2007-12-20 18:48:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Orphée Développement

[2008-01-02 12:11:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Pixela

[2007-09-22 10:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Simply Super Software

[2008-01-17 15:27:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Sports Interactive

[2008-10-11 09:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Thinstall

[2008-06-09 20:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Vso

[2006-11-26 13:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\VSO_HWE

[2006-02-28 21:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Windows Desktop Search

[2006-02-28 11:17:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\XnView

[2010-06-21 19:46:49 | 000,000,322 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.exe >

 

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >

[2004-08-04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=9120FBFF941AA5C4F11079004C6C806D -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

[2008-04-14 17:09:08 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A1A19F168D212FF43B995875EED38A61 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll

[2008-04-14 17:09:08 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A1A19F168D212FF43B995875EED38A61 -- C:\WINDOWS\system32\eventlog.dll

[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 

< %SYSTEMDRIVE%\scecli.dll /s /md5 >

[2004-08-04 13:00:00 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=0FFEDF47D37A47E507AB4663924484E5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

[2008-04-14 17:09:25 | 000,185,344 | ---- | M] (Microsoft Corporation) MD5=7A0D47C36AC0FBC7D1AE41DF2C9A6EF4 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll

[2008-04-14 17:09:25 | 000,185,344 | ---- | M] (Microsoft Corporation) MD5=7A0D47C36AC0FBC7D1AE41DF2C9A6EF4 -- C:\WINDOWS\system32\scecli.dll

[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 

< %SYSTEMDRIVE%\sfcfiles.dll /s /md5 >

[2004-08-04 13:00:00 | 001,548,800 | ---- | M] (Microsoft Corporation) MD5=34C8913C356BC56613EE39A76810B666 -- C:\WINDOWS\$NtServicePackUninstall$\sfcfiles.dll

[2008-04-14 17:09:26 | 001,572,352 | ---- | M] (Microsoft Corporation) MD5=4DC57C2978F95EBB8433EFE78CADAAF2 -- C:\WINDOWS\ServicePackFiles\i386\sfcfiles.dll

[2008-04-14 17:09:26 | 001,572,352 | ---- | M] (Microsoft Corporation) MD5=4DC57C2978F95EBB8433EFE78CADAAF2 -- C:\WINDOWS\system32\sfcfiles.dll

[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >

[2004-08-04 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=8497920F143EE0089585BAF461E8FBA4 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

[2008-04-14 17:09:18 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=240859B5CD90F47A7E5FB83FFCD4D8E0 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll

[2008-04-14 17:09:18 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=240859B5CD90F47A7E5FB83FFCD4D8E0 -- C:\WINDOWS\system32\netlogon.dll

[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 

< %SYSTEMDRIVE%\atapi.sys /s /md5 >

[2004-08-03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys

[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2004-08-04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\atapi.sys

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9

< End of report >

 

 

Envio o log extras.txt

 

OTL Extras logfile created on: 21-06-2010 21:29:13 - Run 1

OTL by OldTimer - Version 3.2.6.1 Folder = C:\Documents and Settings\user\Ambiente de trabalho

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000816 | Country: Portugal | Language: PTG | Date Format: dd-MM-yyyy

 

502,00 Mb Total Physical Memory | 108,00 Mb Available Physical Memory | 21,00% Memory free

1,00 Gb Paging File | 1,00 Gb Available in Paging File | 61,00% Paging File free

Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programas

Drive C: | 50,11 Gb Total Space | 32,63 Gb Free Space | 65,11% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

Drive E: | 1,92 Gb Total Space | 0,42 Gb Free Space | 21,90% Space Free | Partition Type: FAT

Drive F: | 960,09 Mb Total Space | 282,26 Mb Free Space | 29,40% Space Free | Partition Type: FAT32

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Drive X: | 24,42 Gb Total Space | 13,76 Gb Free Space | 56,35% Space Free | Partition Type: NTFS

 

Computer Name: SANDRA-SANTOS

Current User Name: user

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 14 Days

Output = Minimal

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

 

[HKEY_USERS\S-1-5-21-861567501-1454471165-839522115-1004\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- Reg Error: Key error. File not found

.url [@ = InternetShortcut] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- "C:\Programas\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Programas\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Programas\MSN Messenger\msncall.exe" = C:\Programas\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found

"C:\Programas\Microsoft ActiveSync\rapimgr.exe" = C:\Programas\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)

"C:\Programas\Microsoft ActiveSync\wcescomm.exe" = C:\Programas\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)

"C:\Programas\Microsoft ActiveSync\WCESMgr.exe" = C:\Programas\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

"C:\Programas\MSN Messenger\livecall.exe" = C:\Programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Programas\iTunes\iTunes.exe" = C:\Programas\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Computer, Inc.)

"C:\Programas\EA GAMES\The Battle for Middle-earth \game.dat" = C:\Programas\EA GAMES\The Battle for Middle-earth \game.dat:*:Enabled:The Battle for Middle-earth -- File not found

"C:\Programas\MSN Messenger\msncall.exe" = C:\Programas\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found

"C:\Programas\Microsoft ActiveSync\rapimgr.exe" = C:\Programas\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)

"C:\Programas\Microsoft ActiveSync\wcescomm.exe" = C:\Programas\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)

"C:\Programas\Microsoft ActiveSync\WCESMgr.exe" = C:\Programas\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

"C:\Programas\MSN Messenger\livecall.exe" = C:\Programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)

"X:\Jogos\Sports Interactive\Football Manager 2008\fm.exe" = X:\Jogos\Sports Interactive\Football Manager 2008\fm.exe:*:Enabled:Football Manager 2008 -- (Sports Interactive)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{06ECCCF4-9295-468E-851C-9529A7C181E8}" = HP User Guides 0001

"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module

"{0D70FCFE-2102-4951-A56E-22DD07DFA5B6}" = Microsoft .NET Framework 1.1 Portuguese Language Pack

"{0E484A60-A429-49A8-982C-D6475F1E80A9}" = HPIZplus450

"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp

"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch

"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter

"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate

"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare

"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus

"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery

"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java 6 Update 13

"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1

"{28CFF19D-B92C-4109-A427-F75505E81688}" = cp_dwSharkTaleAlbums1

"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg

"{2A8E3688-9FBA-42DE-AE6F-EAF0851A4090}" = Dossier Digital - Spotlight 1 7.º

"{2B7E4354-0492-460A-BDB1-1F59EE141025}" = AirPlus G

"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload

"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager

"{31B6A07C-22C2-4E8C-B891-308211C14067}" = OXD Software Movie Organizer v2.7.0 BETA2

"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0

"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11

"{32498B7B-E1F3-4ad5-A23B-F26414E94BE0}" = HP Image Zone Plus 4.8.5

"{350C9816-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{36FCD82D-1CED-436d-B33C-874EEC666D68}" = cp_dwSharkTaleCards1

"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour

"{3AE681E0-4E8D-453F-950A-48534D3C0724}" = Copy

"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics

"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = HP Integrated Module with Bluetooth wireless technology

"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant

"{44E5B47F-870E-4E38-A458-8A5FC4DCFECF}" = ImageMixer for HDD Camcorder

"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply

"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840

"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport

"{55508A44-8225-47AB-9666-1F57A5B5CE2E}" = CP_PLSBusinessFlyers

"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone

"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects

"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler

"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder

"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic

"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder

"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update

"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1

"{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}" = overland

"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.1.0.18

"{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}" = ANIO Service

"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec

"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01

"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01

"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1

"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder

"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver for Mobile

"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player

"{8E50332B-772C-4AEA-BF56-94DE6A1D5F10}" = TIxx21

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90280816-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional com FrontPage

"{90510409-6D54-11D4-BEE3-00C04F990354}" = Microsoft Visio Professional 2002 [English]

"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD

"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver

"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync

"{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects

"{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen

"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config

"{A5F68DC8-0278-4AD8-B413-861509B5F25B}" = ArcSoft Panorama Maker 3

"{A900E37C-AAE3-44FB-8EE7-7E61F7087CE7}" = SnagIt 8

"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support

"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder

"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module

"{AC76BA86-7AD7-1046-7B44-A93000000001}" = Adobe Reader 9.3.2 - Português

"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant

"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan

"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module

"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter

"{B32C75F2-7495-4D01-9431-C11E97D66F8C}" = DocProc

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min

"{B56D5B09-C4FB-4EA0-8EAD-7BC3E2715A2D}" = DocumentViewer

"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player

"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter

"{BE20E2F5-1903-4AAE-B1AF-2046E586C925}" = iTunes

"{BE9880CD-73A9-4EFD-83E5-4BB38D48E2BD}" = Impressão HP Smart Web

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C1920D73-7374-49d9-8C37-58A6E49078A5}" = F2100_Help

"{C4A978A3-CAE4-4856-89D5-696498A7B8F7}" = HPODiscovery

"{C5EF81AC-FE4C-4157-97E3-2E08B000742A}" = F2100_doccd

"{C93369CB-B4E9-E095-9289-E6B5AE942070}" = Nero 7 Demo

"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery

"{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CEB326EC-8F40-47B2-BA22-BB092565D66F}" = Quick Launch Buttons 5.10 B2

"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader

"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component

"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center

"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm

"{E548726E-F4E8-459f-BAB8-45551BC071E9}" = DJ_AIO_ProductContext

"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox

"{EE2DEE0A-7D66-45C8-BB17-EA0DDD7795F4}" = Windows Live Messenger

"{F1C409F0-8322-4c87-BD08-2F62777D490D}" = F2100

"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer

"{F34D9A5F-484A-4E31-A9D3-908CB265B289}" = Sygate Personal Firewall

"{F652D238-5F29-42D5-BAF3-0115EF977EC2}" = Windows Live Sign-in Assistant

"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE

"{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0

"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates

"{FC888095-A35E-4993-A9E0-366BF6F0CCE0}" = ArcSoft PhotoImpression 5

"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status

"{FF3999BE-1A7B-4738-88AA-97BF14094A4A}" = PictureProject

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Ant Movie Catalog_is1" = Ant Movie Catalog

"avast5" = avast! Free Antivirus

"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter

"BSPlayer1" = BSPlayer

"CCleaner" = CCleaner

"CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_3080103C" = Soft Data Fax Modem with SmartCP

"Conexant PCI Audio" = Conexant AC-Link Audio

"Creative PD0630" = Creative WebCam Live! Driver (1.00.06.0414)

"Creative WebCam Center" = Creative WebCam Center

"Creative WebCam Live! User's Guide English" = Creative WebCam Live! User's Guide (English)

"DVD Audio Extractor_is1" = DVD Audio Extractor 3.3.3

"DVD Shrink_is1" = DVD Shrink 3.2

"DVDFab Platinum_is1" = DVDFab Platinum 2.70

"eBoostr 1" = eBoostr 2

"Football Manager 2008" = Football Manager 2008

"Google Earth Pro Patch_is1" = Google Earth Pro version 3.0.XXXX (beta) Patch Files

"Handy Recovery 1.0" = Handy Recovery 1.0

"HijackThis" = HijackThis 2.0.2

"HP Imaging Device Functions" = HP Imaging Device Functions 9.0

"HP Photo & Imaging" = HP Image Zone 4.8.5

"HP Photosmart Essential" = HP Photosmart Essential 2.01

"HP Smart Web Printing" = HP Smart Web Printing

"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0

"HPExtendedCapabilities" = HP Customer Participation Program 9.0

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"ie8" = Windows Internet Explorer 8

"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0

"InstallShield_{8E50332B-772C-4AEA-BF56-94DE6A1D5F10}" = Texas Instruments PCIxx21/x515 drivers.

"InstallShield_{BE20E2F5-1903-4AAE-B1AF-2046E586C925}" = iTunes

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox (3.0.15)" = Mozilla Firefox (3.0.15)

"Nikon FotoShare" = Nikon FotoShare

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"Photo Viewer" = Photo Viewer 2.3

"Picasa2" = Picasa 2

"QuickTime" = QuickTime

"ScrapBook 5.1.9" = ScrapBook 5.1.9

"ShockwaveFlash" = Macromedia Flash Player 8

"software SAPO" = software SAPO

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"Windows Media Format Runtime" = Windows Media Format Runtime

"Windows Media Player" = Windows Media Player 10

"Windows Mobile Device Handbook" = Recursos Windows Mobile

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinRAR archiver" = WinRAR archiver

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-861567501-1454471165-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dr. DivX 2.0 OSS" = Dr. DivX 2.0 OSS

 

========== Last 10 Event Log Errors ==========

 

[ Antivirus Events ]

Error - 17-11-2007 6:25:34 | Computer Name = SANDRA-SANTOS | Source = avast! | ID = 33554522

Description =

 

Error - 17-11-2007 6:25:34 | Computer Name = SANDRA-SANTOS | Source = avast! | ID = 33554522

Description =

 

Error - 17-11-2007 6:25:34 | Computer Name = SANDRA-SANTOS | Source = avast! | ID = 33554522

Description =

 

[ Application Events ]

Error - 17-06-2010 18:52:43 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131080

Description = Ocorreu uma falha na actualização automática do número de sequência

da lista de raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

com o erro: Esta operação foi devolvida porque o tempo limite expirou.

 

Error - 17-06-2010 18:52:44 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131083

Description = Ocorreu uma falha na extracção da lista de raiz de terceiros do cab

de actualização automática em: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

com o erro: Um certificado necessário não está no seu período de validade ao ser

verificado contra o relógio do sistema actual ou a assinatura de data/hora no ficheiro

assinado.

 

Error - 17-06-2010 18:52:44 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131080

Description = Ocorreu uma falha na actualização automática do número de sequência

da lista de raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

com o erro: O servidor especificado não pode efectuar a operação pedida.

 

Error - 17-06-2010 18:52:50 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131083

Description = Ocorreu uma falha na extracção da lista de raiz de terceiros do cab

de actualização automática em: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

com o erro: Um certificado necessário não está no seu período de validade ao ser

verificado contra o relógio do sistema actual ou a assinatura de data/hora no ficheiro

assinado.

 

Error - 17-06-2010 18:52:50 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131080

Description = Ocorreu uma falha na actualização automática do número de sequência

da lista de raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

com o erro: O servidor especificado não pode efectuar a operação pedida.

 

Error - 17-06-2010 18:52:50 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131083

Description = Ocorreu uma falha na extracção da lista de raiz de terceiros do cab

de actualização automática em: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

com o erro: Um certificado necessário não está no seu período de validade ao ser

verificado contra o relógio do sistema actual ou a assinatura de data/hora no ficheiro

assinado.

 

Error - 17-06-2010 18:52:50 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131080

Description = Ocorreu uma falha na actualização automática do número de sequência

da lista de raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

com o erro: O servidor especificado não pode efectuar a operação pedida.

 

Error - 17-06-2010 18:52:51 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131080

Description = Ocorreu uma falha na actualização automática do número de sequência

da lista de raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

com o erro: Esta operação foi devolvida porque o tempo limite expirou.

 

Error - 17-06-2010 18:52:51 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131083

Description = Ocorreu uma falha na extracção da lista de raiz de terceiros do cab

de actualização automática em: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

com o erro: Um certificado necessário não está no seu período de validade ao ser

verificado contra o relógio do sistema actual ou a assinatura de data/hora no ficheiro

assinado.

 

Error - 17-06-2010 18:52:51 | Computer Name = SANDRA-SANTOS | Source = crypt32 | ID = 131080

Description = Ocorreu uma falha na actualização automática do número de sequência

da lista de raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

com o erro: O servidor especificado não pode efectuar a operação pedida.

 

[ System Events ]

Error - 21-06-2010 14:43:32 | Computer Name = SANDRA-SANTOS | Source = Disk | ID = 262151

Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso.

 

Error - 21-06-2010 14:43:32 | Computer Name = SANDRA-SANTOS | Source = Disk | ID = 262151

Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso.

 

Error - 21-06-2010 14:43:32 | Computer Name = SANDRA-SANTOS | Source = Disk | ID = 262151

Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso.

 

Error - 21-06-2010 14:43:32 | Computer Name = SANDRA-SANTOS | Source = Disk | ID = 262151

Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso.

 

Error - 21-06-2010 14:43:32 | Computer Name = SANDRA-SANTOS | Source = Disk | ID = 262151

Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso.

 

Error - 21-06-2010 14:43:32 | Computer Name = SANDRA-SANTOS | Source = Disk | ID = 262151

Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso.

 

Error - 21-06-2010 14:43:32 | Computer Name = SANDRA-SANTOS | Source = Disk | ID = 262151

Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso.

 

Error - 21-06-2010 14:43:32 | Computer Name = SANDRA-SANTOS | Source = Disk | ID = 262151

Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso.

 

Error - 21-06-2010 14:45:17 | Computer Name = SANDRA-SANTOS | Source = Service Control Manager | ID = 7000

Description = O serviço General Purpose USB Driver (adildr.sys) falhou o arranque

devido ao seguinte erro: %%1058

 

Error - 21-06-2010 14:45:17 | Computer Name = SANDRA-SANTOS | Source = Service Control Manager | ID = 7000

Description = O serviço Serviço do Auto-Protect do Norton AntiVirus falhou o arranque

devido ao seguinte erro: %%2

 

 

< End of report >

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Noite! mcfistu

 

<@> Execute o OTL.exe.

<@> Copie estas informações que estão na Quote,para o campo abaixo de: Exames Personalizados/Correções

 

:files

C:\Documents and Settings\user\Definições locais\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

:otl

O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - Reg Error: Value error. File not found

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.

O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.

O3 - HKU\S-1-5-21-861567501-1454471165-839522115-1004\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)

O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0)

O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)

O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)

O33 - MountPoints2\{18af04bc-67ed-11df-a26f-00c09fb05f61}\Shell\AutoRun\command - "" = F:\__DT\DT.exe -- File not found

O33 - MountPoints2\{3d2b926e-ee68-11de-a1ba-00c09fb05f61}\Shell - "" = AutoRun

O33 - MountPoints2\{3d2b926e-ee68-11de-a1ba-00c09fb05f61}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found

O33 - MountPoints2\{4b7f683e-17e7-11de-a0c4-00c09fb05f61}\Shell - "" = AutoRun

O33 - MountPoints2\{4b7f683e-17e7-11de-a0c4-00c09fb05f61}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O33 - MountPoints2\{4b7f6841-17e7-11de-a0c4-00c09fb05f61}\Shell - "" = AutoRun

O33 - MountPoints2\{4b7f6841-17e7-11de-a0c4-00c09fb05f61}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O33 - MountPoints2\{4cf68848-0c0a-11de-a0af-00c09fb05f61}\Shell\AutoRun\command - "" = E:\LiberKey\LiberKey.exe -- File not found

O33 - MountPoints2\{4cf68848-0c0a-11de-a0af-00c09fb05f61}\Shell\Menu1\command - "" = E:\LiberKey\LiberKey.exe -- File not found

O33 - MountPoints2\{8c51d6df-17e8-11de-a0c5-00c09fb05f61}\Shell - "" = AutoRun

O33 - MountPoints2\{8c51d6df-17e8-11de-a0c5-00c09fb05f61}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O33 - MountPoints2\{8c51d6e0-17e8-11de-a0c5-00c09fb05f61}\Shell - "" = AutoRun

O33 - MountPoints2\{8c51d6e0-17e8-11de-a0c5-00c09fb05f61}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9

:commands

[purity]

[emptyflash]

[emptytemp]

[Reboot]

<@> Clique no botão Consertar --> Aguarde a conclusão! --> Executar!

<@> Poste o relatório,que também estará na pasta: C:\_OTL\MovedFiles\*.log <--

 

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa noite

 

Deixo aqui o logo pedido

 

All processes killed

========== FILES ==========

C:\Documents and Settings\user\Definições locais\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.

========== OTL ==========

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0347C33E-8762-4905-BF09-768834316C61}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}\ not found.

Registry value HKEY_USERS\S-1-5-21-861567501-1454471165-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.

Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18af04bc-67ed-11df-a26f-00c09fb05f61}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18af04bc-67ed-11df-a26f-00c09fb05f61}\ not found.

File F:\__DT\DT.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d2b926e-ee68-11de-a1ba-00c09fb05f61}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d2b926e-ee68-11de-a1ba-00c09fb05f61}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d2b926e-ee68-11de-a1ba-00c09fb05f61}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d2b926e-ee68-11de-a1ba-00c09fb05f61}\ not found.

File F:\LaunchU3.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b7f683e-17e7-11de-a0c4-00c09fb05f61}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4b7f683e-17e7-11de-a0c4-00c09fb05f61}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b7f683e-17e7-11de-a0c4-00c09fb05f61}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4b7f683e-17e7-11de-a0c4-00c09fb05f61}\ not found.

File E:\AutoRun.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b7f6841-17e7-11de-a0c4-00c09fb05f61}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4b7f6841-17e7-11de-a0c4-00c09fb05f61}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b7f6841-17e7-11de-a0c4-00c09fb05f61}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4b7f6841-17e7-11de-a0c4-00c09fb05f61}\ not found.

File E:\AutoRun.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4cf68848-0c0a-11de-a0af-00c09fb05f61}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4cf68848-0c0a-11de-a0af-00c09fb05f61}\ not found.

File E:\LiberKey\LiberKey.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4cf68848-0c0a-11de-a0af-00c09fb05f61}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4cf68848-0c0a-11de-a0af-00c09fb05f61}\ not found.

File E:\LiberKey\LiberKey.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8c51d6df-17e8-11de-a0c5-00c09fb05f61}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8c51d6df-17e8-11de-a0c5-00c09fb05f61}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8c51d6df-17e8-11de-a0c5-00c09fb05f61}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8c51d6df-17e8-11de-a0c5-00c09fb05f61}\ not found.

File E:\AutoRun.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8c51d6e0-17e8-11de-a0c5-00c09fb05f61}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8c51d6e0-17e8-11de-a0c5-00c09fb05f61}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8c51d6e0-17e8-11de-a0c5-00c09fb05f61}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8c51d6e0-17e8-11de-a0c5-00c09fb05f61}\ not found.

File E:\AutoRun.exe not found.

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.

C:\WINDOWS\002779_.tmp deleted successfully.

C:\WINDOWS\SET3.tmp deleted successfully.

C:\WINDOWS\SET4.tmp deleted successfully.

C:\WINDOWS\SET8.tmp deleted successfully.

C:\WINDOWS\System32\CONFIG.TMP deleted successfully.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9 deleted successfully.

========== COMMANDS ==========

 

[EMPTYFLASH]

 

User: All Users

 

User: Default User

 

User: LocalService

 

User: NetworkService

->Flash cache emptied: 348 bytes

 

User: user

->Flash cache emptied: 1229 bytes

 

Total Flash Files Cleaned = 0,00 mb

 

 

[EMPTYTEMP]

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: LocalService

->Temp folder emptied: 66016 bytes

->Temporary Internet Files folder emptied: 10090296 bytes

 

User: NetworkService

->Temp folder emptied: 1134036 bytes

->Temporary Internet Files folder emptied: 1110660 bytes

->Flash cache emptied: 0 bytes

 

User: user

->Temp folder emptied: 43064419 bytes

->Temporary Internet Files folder emptied: 27034461 bytes

->Java cache emptied: 10680318 bytes

->FireFox cache emptied: 52996065 bytes

->Flash cache emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 4524333 bytes

RecycleBin emptied: 766361 bytes

 

Total Files Cleaned = 144,00 mb

 

 

OTL by OldTimer - Version 3.2.6.1 log created on 06222010_210017

 

Files\Folders moved on Reboot...

File\Folder C:\WINDOWS\temp\_avast5_\Webshlock.txt not found!

 

Registry entries deleted on Reboot...

 

 

Abraço

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Noite! mcfistu

 

<@> Baixe: < UsbFix.exe > ( ...par Chiquitine29 et Chimay8 )

<@> Salve-a em Arquivos de programas!

<@> Desabilite seu antivírus!

<@> Para Windows Vista,tenha atributos de administrador,ao executar a ferramenta.

<@> Instale e execute a ferramenta,com um duplo-clique em: < r2t69y.jpg >

<@> Nas opções da língua,escolha "PT-BR" --> Enter.

<@> Escolha a opção 2: 2. Suppression des fichiers infectieux --> Aperte Enter.

 

wrmljk.jpg

 

<@> Surgirá uma mensagem,pedindo que seja conectada sua(s) mídia(s) removíveis,ao computador. ( pendrive,mp3,mp4,iPods,etc... )

<@> Aceite a solicitação,e dê o Ok. --> À seguir clique,novamente,em Ok.

 

6f8nwo.jpg

 

<@> O computador irá reiniciar. <-- Aguarde!

<@> Terminando,clique em "Continue" e aguarde a finalização da ferramenta.

<@> Ps: Não desconecte,ainda,sua(s) mídia(s) removíveis! <-- Importante!

<@> Surgirá a mensagem: "Nettoyage effectue" --> Aperte Enter.

<@> Poste o relatório,que estará em: C:\UsbFix.txt + HijackThis,atualizado.

 

Abrços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Envio o log do usbfix

 

############################## | UsbFix 7.013 | [supressão]

 

Usuário: user (Administrador) # SANDRA-SANTOS [ ]

Atualizado em 21/06/10 por El Desaparecido / C_XX

Começou em 21:48:25 | 23/06/2010

Site: http://pagesperso-orange.fr/NosTools/index.html

Contato: FindyKill.Contact@gmail.com

 

CPU: Intel® Pentium® M processor 1.60GHz

Microsoft Windows XP Home Edition (5.1.2600 32-Bit) # Service Pack 3

Internet Explorer 8.0.6001.18702

 

Windows Firewall: Habilitado

Antivirus: avast! Antivirus 5.0.83886625 [(!) Disabled | Updated]

Firewall: Sygate Personal Firewall 4.6 [Enabled]

RAM -> 502 Mb

C:\ (%systemdrive%) -> Disco fixo # 50 Gb (32 Mb livre - 65%) [] # NTFS

D:\ -> CD-ROM

E:\ -> Disco removível # 2 Gb (431 Mb livre - 22%) [DOCS] # FAT

F:\ -> Disco removível # 960 Mb (281 Mb livre - 29%) [uSBDISK] # FAT32

X:\ -> Disco fixo # 24 Gb (14 Mb livre - 56%) [sandra] # NTFS

 

################## | Ficheiros # pastas infeciosos |

 

Supprimido ! C:\WINDOWS\system32\autorun.inf

Supprimido ! C:\msvcr71.dll

 

################## | Registro |

 

 

################## | Mountpoints2 |

 

 

################## | Listing |

 

[01/11/2007 - 11:51:26 | D ] C:\0eb31be77a145d5093f9814ce858f5

[04/11/2005 - 12:56:55 | A | 21620] C:\adobelog.txt

[21/12/2009 - 20:33:16 | RSD ] C:\assembly

[18/03/2003 - 20:05:50 | A | 89088] C:\atl71.dll

[04/11/2005 - 12:33:40 | A | 0] C:\AUTOEXEC.BAT

[15/11/2006 - 16:23:45 | D ] C:\bcbb0f5ed55766ded9f4432091

[13/09/2008 - 12:12:01 | RASH | 211] C:\boot.ini

[04/08/2004 - 13:00:00 | RASH | 4952] C:\bootfont.bin

[04/11/2005 - 13:24:05 | A | 90] C:\chpst.log

[23/06/2010 - 19:04:25 | HD ] C:\Config.Msi

[04/11/2005 - 12:33:40 | A | 0] C:\CONFIG.SYS

[14/07/2006 - 21:08:12 | A | 227] C:\CtDrvIns.log

[14/07/2006 - 21:08:43 | A | 3029] C:\CtDrvStp.log

[27/08/2009 - 15:03:10 | D ] C:\d3254af65f5191f39ded16d2

[20/11/2005 - 10:52:16 | D ] C:\DateHack

[04/11/2005 - 13:00:50 | A | 3223630] C:\DNSP1.LOG

[01/03/2007 - 23:39:33 | D ] C:\Documents and Settings

[26/12/2007 - 11:42:04 | D ] C:\Downloads

[31/01/2007 - 21:01:03 | D ] C:\DVD

[21/10/2007 - 11:23:40 | A | 8260] C:\dvdfabexpress_burn.log

[21/10/2007 - 11:23:37 | D ] C:\DVDFabPlatinum_Temp

[23/06/2010 - 19:04:58 | ASH | 526897152] C:\hiberfil.sys

[04/11/2005 - 13:36:46 | D ] C:\hp

[04/11/2005 - 13:04:20 | A | 171] C:\HSC.log

[04/11/2005 - 12:33:40 | RASH | 0] C:\IO.SYS

[17/01/2006 - 22:37:23 | D ] C:\LANG40

[18/03/2003 - 22:20:00 | A | 1060864] C:\mfc71.dll

[18/03/2003 - 22:12:12 | A | 1047552] C:\mfc71u.dll

[04/11/2005 - 13:16:02 | A | 196] C:\mscuxp.log

[04/11/2005 - 12:33:40 | RASH | 0] C:\MSDOS.SYS

[04/08/2004 - 13:00:00 | RASH | 47564] C:\NTDETECT.COM

[27/09/2008 - 11:42:36 | RASH | 251120] C:\ntldr

[23/06/2010 - 19:04:25 | ASH | 792723456] C:\pagefile.sys

[23/06/2010 - 21:47:11 | D ] C:\Program Files

[12/04/2010 - 22:47:57 | RD ] C:\Programas

[23/06/2010 - 21:53:04 | SHD ] C:\RECYCLER

[12/07/2006 - 21:55:26 | A | 194] C:\Setup.log

[29/07/2007 - 20:23:16 | AH | 268] C:\sqmdata00.sqm

[30/07/2007 - 21:04:19 | AH | 268] C:\sqmdata01.sqm

[01/08/2007 - 13:30:51 | AH | 268] C:\sqmdata02.sqm

[02/08/2007 - 20:12:44 | AH | 268] C:\sqmdata03.sqm

[03/08/2007 - 13:56:06 | AH | 268] C:\sqmdata04.sqm

[03/08/2007 - 20:54:38 | AH | 268] C:\sqmdata05.sqm

[05/08/2007 - 11:51:04 | AH | 268] C:\sqmdata06.sqm

[06/08/2007 - 20:58:53 | AH | 268] C:\sqmdata07.sqm

[07/08/2007 - 20:48:45 | AH | 268] C:\sqmdata08.sqm

[08/08/2007 - 21:11:53 | AH | 268] C:\sqmdata09.sqm

[11/08/2007 - 12:10:02 | AH | 268] C:\sqmdata10.sqm

[12/08/2007 - 12:07:51 | AH | 268] C:\sqmdata11.sqm

[12/08/2007 - 16:55:50 | AH | 268] C:\sqmdata12.sqm

[15/08/2007 - 19:37:10 | AH | 268] C:\sqmdata13.sqm

[16/08/2007 - 18:38:40 | AH | 268] C:\sqmdata14.sqm

[17/08/2007 - 09:22:22 | AH | 268] C:\sqmdata15.sqm

[17/08/2007 - 09:29:09 | AH | 268] C:\sqmdata16.sqm

[28/07/2007 - 12:28:27 | AH | 268] C:\sqmdata17.sqm

[28/07/2007 - 21:19:05 | AH | 268] C:\sqmdata18.sqm

[29/07/2007 - 12:55:57 | AH | 268] C:\sqmdata19.sqm

[29/07/2007 - 20:23:16 | AH | 244] C:\sqmnoopt00.sqm

[30/07/2007 - 21:04:18 | AH | 244] C:\sqmnoopt01.sqm

[01/08/2007 - 13:30:51 | AH | 244] C:\sqmnoopt02.sqm

[02/08/2007 - 20:12:44 | AH | 244] C:\sqmnoopt03.sqm

[03/08/2007 - 13:56:06 | AH | 244] C:\sqmnoopt04.sqm

[03/08/2007 - 20:54:38 | AH | 244] C:\sqmnoopt05.sqm

[05/08/2007 - 11:51:04 | AH | 244] C:\sqmnoopt06.sqm

[06/08/2007 - 20:58:53 | AH | 244] C:\sqmnoopt07.sqm

[07/08/2007 - 20:48:45 | AH | 244] C:\sqmnoopt08.sqm

[08/08/2007 - 21:11:53 | AH | 244] C:\sqmnoopt09.sqm

[11/08/2007 - 12:10:02 | AH | 244] C:\sqmnoopt10.sqm

[12/08/2007 - 12:07:51 | AH | 244] C:\sqmnoopt11.sqm

[12/08/2007 - 16:55:50 | AH | 244] C:\sqmnoopt12.sqm

[15/08/2007 - 19:37:10 | AH | 244] C:\sqmnoopt13.sqm

[16/08/2007 - 18:38:40 | AH | 244] C:\sqmnoopt14.sqm

[17/08/2007 - 09:22:22 | AH | 244] C:\sqmnoopt15.sqm

[17/08/2007 - 09:29:09 | AH | 244] C:\sqmnoopt16.sqm

[28/07/2007 - 12:28:27 | AH | 244] C:\sqmnoopt17.sqm

[28/07/2007 - 21:19:05 | AH | 244] C:\sqmnoopt18.sqm

[29/07/2007 - 12:55:57 | AH | 244] C:\sqmnoopt19.sqm

[16/12/2007 - 19:58:32 | A | 1257] C:\sti.log

[04/11/2005 - 13:20:54 | A | 20928] C:\sunjava.log

[04/11/2005 - 13:12:15 | D ] C:\SWSetup

[04/11/2005 - 12:52:26 | A | 198] C:\syntp.log

[20/11/2005 - 10:33:47 | SHD ] C:\System Volume Information

[04/11/2005 - 12:56:33 | D ] C:\SYSTEM.SAV

[04/11/2005 - 12:45:12 | A | 32] C:\ticrdbus.log

[24/01/2006 - 12:40:57 | A | 95232] C:\trabalho de tradução.doc

[23/06/2010 - 21:53:04 | D ] C:\UsbFix

[23/06/2010 - 21:53:05 | A | 1068] C:\UsbFix.txt

[22/06/2010 - 21:00:54 | D ] C:\WINDOWS

[17/11/2007 - 11:30:40 | AH | 21424] C:\_NavCClt.Log

[22/06/2010 - 21:00:17 | D ] C:\_OTL

[20/11/2005 - 13:24:42 | A | 1159] C:\_Sid.txt

[23/06/2010 - 21:43:32 | ASH | 1610612736] E:\eboostr.dat

[10/01/2009 - 11:14:34 | D ] F:\Software

[18/06/2010 - 17:27:12 | D ] F:\Portable PCBooster 5.1

[21/06/2010 - 11:30:24 | A | 296] F:\WMPInfo.xml

[04/06/2007 - 14:26:14 | RD ] F:\Documents

[18/08/2009 - 15:33:45 | D ] X:\Album Fotos

[27/09/2008 - 19:25:57 | D ] X:\DIVX

[12/07/2009 - 11:58:00 | D ] X:\Documentos

[12/07/2009 - 13:37:55 | D ] X:\Documentos Chris

[27/09/2008 - 19:26:05 | D ] X:\DVD

[17/04/2010 - 16:41:01 | D ] X:\Escolas

[13/09/2008 - 20:10:19 | D ] X:\Jogos

[26/03/2007 - 00:13:09 | D ] X:\ofertas de escola

[04/04/2010 - 09:38:33 | D ] X:\Programas

[23/06/2010 - 21:53:04 | SHD ] X:\RECYCLER

[18/10/2009 - 10:56:12 | D ] X:\sandra

[07/12/2006 - 13:41:15 | SHD ] X:\System Volume Information

[17/01/2008 - 15:12:08 | D ] X:\temp

 

################## | Vaccin |

 

C:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX)

E:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX)

F:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX)

X:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX)

 

################## | Upload |

 

Favor enviar o arquivo: C:\UsbFix_Upload_Me_SANDRA-SANTOS.zip

http://chiquitine.changelog.fr/Sample/Upload.php

Obrigado pela sua contribuição.

 

################## | E.O.F |

 

 

Envio o log do Hijack this

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:55:56, on 23-06-2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Programas\Sygate\SPF\smc.exe

C:\Programas\Alwil Software\Avast5\AvastSvc.exe

C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\explorer.exe

C:\Programas\Windows Defender\MsMpEng.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\system32\msiexec.exe

C:\HI ijack This\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações

O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programas\TechSmith\SnagIt 8\SnagItBHO.dll

O2 - BHO: (no name) - {0347C33E-8762-4905-BF09-768834316C61} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Programas\Windows Desktop Search\dsWebAllow.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Ver HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Programas\HP\Digital Imaging\bin\HPDTLK02.dll

O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programas\TechSmith\SnagIt 8\SnagItIEAddin.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [synTPLpr] C:\Programas\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Programas\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Programas\HPQ\Quick Launch Buttons\EabServr.exe" /Start

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [smcService] "C:\PROGRA~1\Sygate\SPF\smc.exe" -startgui

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Programas\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHEI~1\INSTAL~1\UPDATE~1\isuspm.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programas\Ficheiros comuns\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [swg] "C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Programas\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programas\Microsoft ActiveSync\wcescomm.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')

O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: eBoostr Control Panel.lnk = X:\Programas\eBoostr\eBoostrCP.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Enviar para &Bluetooth - C:\Programas\Software WIDCOMM\Bluetooth\btsendto_ie_ctx.htm

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll

O9 - Extra 'Tools' menuitem: Criar Favorito Móvel... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll

O9 - Extra button: Seleção HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1176752437921

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_13) -

O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.5.0) -

O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -

O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} (Java Plug-in 1.6.0_13) -

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {EBF85371-A38F-485B-B28F-0B4C82D25937} (CUpdateCtl Object) - http://update.hpphoto.com/download/HPSWUpdate.ocx

O23 - Service: avast! Antivirus - ALWIL Software - C:\Programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe

O23 - Service: eBoostr Service (EBOOSTRSVC) - eBoostr.com - X:\Programas\eBoostr\EBstrSvc.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programas\HPQ\shared\hpqwmi.exe

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programas\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programas\Java\jre6\bin\jqs.exe

O23 - Service: Serviço do Auto-Protect do Norton AntiVirus (navapsvc) - Unknown owner - C:\Programas\Norton Internet Security\Norton AntiVirus\navapsvc.exe (file missing)

O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programas\Sygate\SPF\smc.exe

 

--

End of file - 9637 bytes

 

Abraços

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Noite! mcfistu

 

<@> Baixe: < JavaRa >

<@> Tire-o do zip!

<@> Dê um duplo-clique no JavaRa.exe --> Clique em Search For Updates.

<@> Selecione a opção Update Using jucheck.exe --> Clique no botão Search.

<@> Se estiver atualizado,receberá um aviso confirmando a última versão.

<@> Caso contrário,aguarde a nova versão do Java ser baixada e instalada.

<@> Clique no botão "Remove Older Versions" --> Aguarde!

000000000000000000000

ooooooooooooooooooooo

<@> Baixe: < PureRa15Binary.zip > ( ...by Paul McLain & Fred de Vries )

 

<!> Link - 2 < purera.png >

 

<@> Salve-o no desktop! <-- Tire-o do zip!

<@> Execute: PureRa.exe --> Clique em Clean.

<@> Marque a opção: "Check All"

 

< 31234.jpg >

 

<@> Clique no botão Clean Selected --> Aguarde!

<@> Terminando ( Finished ),clique em Exit.

<@> Poste o relatório: PureRa.txt <--

<@> Poste,também,HijackThis atualizado.

 

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Deixo o log do pureRa.exe

 

RaProducts' PureRa v1.5

Log created at 21:36 on 01/07/2010 (user)

 

C:\Config.MSI emptied.

C:\WINDOWS\system32\FNTCACHE.DAT <- Successfully deleted.

Recycle bin emptied.

C:\Programas\Spybot - Search & Destroy\Updates\advcheck165.zip <- Successfully deleted.

C:\Programas\Spybot - Search & Destroy\Updates\clsid.zip <- Successfully deleted.

C:\Programas\Spybot - Search & Destroy\Updates\includes.dialer.zip <- Successfully deleted.

C:\Programas\Spybot - Search & Destroy\Updates\includes.hijackers.zip <- Successfully deleted.

C:\Programas\Spybot - Search & Destroy\Updates\includes.keyloggers.zip <- Successfully deleted.

C:\Programas\Spybot - Search & Destroy\Updates\includes.malware.zip <- Successfully deleted.

C:\Programas\Spybot - Search & Destroy\Updates\includes.spybots.zip <- Successfully deleted.

C:\Programas\Spybot - Search & Destroy\Updates\includes.trojans.zip <- Successfully deleted.

C:\Programas\Spybot - Search & Destroy\Updates\includes.zip <- Successfully deleted.

C:\Programas\Spybot - Search & Destroy\Updates\supplemental.zip <- Successfully deleted.

C:\Programas\Spybot - Search & Destroy\Updates\teatimer166.zip <- Successfully deleted.

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs emptied.

C:\WINDOWS\SoftwareDistribution\DataStore\Logs emptied.

C:\WINDOWS\SoftwareDistribution\Download emptied.

C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default emptied.

C:\WINDOWS\SoftwareDistribution\WuRedir emptied.

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log <- O processo não pode aceder ao ficheiro porque este está a ser utilizado por outro processo.

C:\DOCUME~1\user\DEFINI~1\Temp emptied.

C:\WINDOWS\TEMP emptied.

C:\WINDOWS\$MSI31Uninstall_KB893803v2$ <- Successfully deleted.

C:\WINDOWS\$NtServicePackUninstall$ <- Successfully deleted.

C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$ <- Successfully deleted.

C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB873333$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB873339$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB884575$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB885250$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB885464$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB885835$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB885836$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB885855$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB885884$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB886185$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB887472$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB887742$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB888113$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB888239$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB888302$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB890046$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB890047$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB890175$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB890859$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB891781$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB893066$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB893756$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB894391$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB894476$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB896358$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB896422$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB896423$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB896424$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB896428$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB898461$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB899587$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB899591$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB900485$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB900725$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB901017$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB901214$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB902400$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB904706$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB904942$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB905414$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB905749$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB905915$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB907371-V2$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB908519$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB908531$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB909394$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB910437$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB911280$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB911562$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB911564$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB911565$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB911567$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB911927$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB912812$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB912919$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB913446$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB913580$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB914388$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB914389$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB914440$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB915865$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB916281$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB916595$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB917159$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB917344$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB917422$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB917734_WMP10$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB917953$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB918118$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB918439$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB918899$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB919007$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB920213$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB920214$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB920670$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB920683$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB920685$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB920872$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB921398$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB921503$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB921883$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB922582$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB922616$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB922760$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB922819$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB923191$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB923414$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB923561$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB923689$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB923694$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB923980$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB924191$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB924270$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB924496$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB924667$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB925398_WMP64$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB925454$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB925486$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB925902$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB926255$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB926436$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB927779$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB927802$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB927891$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB928090$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB928255$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB928843$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB929123$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB929338$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB929969$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB930178$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB930916$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB931261$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB931784$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB931836$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB932168$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB932168_0$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB932823-v3$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB933360$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB933729$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB935839$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB935840$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB936021$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB936357$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB936782_WMP10$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB938464$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB938464-v2$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB938464_0$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB938828$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB938829$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB941202$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB941568$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB941569$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB941644$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB941693$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB942763$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB943055$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB943460$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB943485$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB944653$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB945553$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB946026$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB946648$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB946648_0$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB948590$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB948881$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB950749$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB950760$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB950762$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB950762_0$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB950974$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB950974_0$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB951066$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB951066_0$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB951072-v2$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB951376$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB951376-v2$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB951376-v2_0$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB951376_0$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB951698$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB951698_0$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB951748$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB951748_0$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB951978$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB952004$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB952069_WM9$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB952287$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB952287_0$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB952954$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB952954_0$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB953839$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB954155_WM9$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB954211$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB954459$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB954600$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB955069$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB955759$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB955839$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB956391$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB956572$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB956744$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB956802$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB956803$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB956841$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB956844$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB957095$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB957097$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB958644$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB958687$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB958690$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB958869$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB959426$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB960225$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB960715$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB960803$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB960859$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB961118$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB961371$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB961373$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB961501$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB967715$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB968389$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB968537$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB968816_WM9$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB969059$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB969898$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB969947$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB970238$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB970430$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB970653-v3$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB971468$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB971486$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB971557$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB971633$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB971657$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB971737$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB972270$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB973346$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB973354$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB973507$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB973525$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB973540_WM9$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB973687$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB973815$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB973869$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB973904$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB974112$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB974318$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB974392$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB974571$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB975025$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB975467$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB975560$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB975561$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB975713$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB976098-v2$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB977165$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB977816$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB977914$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB978037$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB978251$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB978262$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB978338$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB978542$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB978601$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB978706$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB979306$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB979309$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB979683$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB980232$ <- Successfully deleted.

C:\WINDOWS\$NtUninstallKB981793$ <- Successfully deleted.

C:\WINDOWS\system32\wbem\Logs\mofcomp.log <- Successfully deleted.

C:\WINDOWS\system32\wbem\Logs\wbemcore.log <- Successfully deleted.

C:\WINDOWS\system32\wbem\Logs\wbemcore.lo_ <- Successfully deleted.

C:\WINDOWS\system32\wbem\Logs\wbemess.log <- Successfully deleted.

C:\WINDOWS\system32\wbem\Logs\wbemess.lo_ <- Successfully deleted.

C:\WINDOWS\system32\wbem\Logs\wbemprox.log <- Successfully deleted.

C:\WINDOWS\system32\wbem\Logs\wbemprox.lo_ <- Successfully deleted.

C:\WINDOWS\system32\wbem\Logs\WinMgmt.log <- Successfully deleted.

C:\WINDOWS\system32\wbem\Logs\wmiadap.log <- Successfully deleted.

C:\WINDOWS\system32\wbem\Logs\wmiprov.log <- Successfully deleted.

C:\sqmdata00.sqm <- Successfully deleted.

C:\sqmdata01.sqm <- Successfully deleted.

C:\sqmdata02.sqm <- Successfully deleted.

C:\sqmdata03.sqm <- Successfully deleted.

C:\sqmdata04.sqm <- Successfully deleted.

C:\sqmdata05.sqm <- Successfully deleted.

C:\sqmdata06.sqm <- Successfully deleted.

C:\sqmdata07.sqm <- Successfully deleted.

C:\sqmdata08.sqm <- Successfully deleted.

C:\sqmdata09.sqm <- Successfully deleted.

C:\sqmdata10.sqm <- Successfully deleted.

C:\sqmdata11.sqm <- Successfully deleted.

C:\sqmdata12.sqm <- Successfully deleted.

C:\sqmdata13.sqm <- Successfully deleted.

C:\sqmdata14.sqm <- Successfully deleted.

C:\sqmdata15.sqm <- Successfully deleted.

C:\sqmdata16.sqm <- Successfully deleted.

C:\sqmdata17.sqm <- Successfully deleted.

C:\sqmdata18.sqm <- Successfully deleted.

C:\sqmdata19.sqm <- Successfully deleted.

C:\sqmnoopt00.sqm <- Successfully deleted.

C:\sqmnoopt01.sqm <- Successfully deleted.

C:\sqmnoopt02.sqm <- Successfully deleted.

C:\sqmnoopt03.sqm <- Successfully deleted.

C:\sqmnoopt04.sqm <- Successfully deleted.

C:\sqmnoopt05.sqm <- Successfully deleted.

C:\sqmnoopt06.sqm <- Successfully deleted.

C:\sqmnoopt07.sqm <- Successfully deleted.

C:\sqmnoopt08.sqm <- Successfully deleted.

C:\sqmnoopt09.sqm <- Successfully deleted.

C:\sqmnoopt10.sqm <- Successfully deleted.

C:\sqmnoopt11.sqm <- Successfully deleted.

C:\sqmnoopt12.sqm <- Successfully deleted.

C:\sqmnoopt13.sqm <- Successfully deleted.

C:\sqmnoopt14.sqm <- Successfully deleted.

C:\sqmnoopt15.sqm <- Successfully deleted.

C:\sqmnoopt16.sqm <- Successfully deleted.

C:\sqmnoopt17.sqm <- Successfully deleted.

C:\sqmnoopt18.sqm <- Successfully deleted.

C:\sqmnoopt19.sqm <- Successfully deleted.

C:\Documents and Settings\All Users\Documentos\As minhas imagens\Exemplos de imagens\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Definições locais\Application Data\IconCache.db <- Successfully deleted.

C:\Documents and Settings\user\Definições locais\Application Data\Google\Picasa2\db2\thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Os meus documentos\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Os meus documentos\As minhas imagens\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Os meus documentos\As minhas imagens\Sample Images\Flower\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Os meus documentos\As minhas imagens\Sample Images\Nature\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Os meus documentos\As minhas imagens\Sample Images\Travel\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2008-05 (Mai)\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2008-12 (Dez)\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2009-02 (Fev)\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2009-03 (Mar)\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2009-04 (Abr)\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2010-01 (Jan)\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2010-03 (Mar)\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2010-04 (Abr)\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2010-05 (Mai)\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Os meus documentos\Minhas digitalizações\2010-06 (Jun)\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Os meus documentos\Pasta de trocas do Bluetooth\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Os meus documentos\PrintScreen Files\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\user\Os meus documentos\SnagIt Catalog\Thumbs.db <- Successfully deleted.

C:\DVD\Thumbs.db <- Successfully deleted.

C:\Programas\Ant Movie Catalog\Toolbars\Thumbs.db <- Successfully deleted.

C:\Programas\Hp\Digital Imaging\Skins\oov1\tj\Thumbs.db <- Successfully deleted.

C:\Programas\InterVideo\WinDVD\Skins\WinDVD 5\Language Subpanel\Thumbs.db <- Successfully deleted.

C:\Programas\software SAPO\Thumbs.db <- Successfully deleted.

C:\Programas\software SAPO\plugins\AddrBookUIPlugin\Thumbs.db <- Successfully deleted.

C:\Programas\software SAPO\plugins\CallUIPlugin\Thumbs.db <- Successfully deleted.

C:\Programas\software SAPO\plugins\SMSUIPlugin\Thumbs.db <- Successfully deleted.

C:\Programas\software SAPO\plugins\StatusBarMgrPlugin\Thumbs.db <- Successfully deleted.

C:\Programas\software SAPO\plugins\XFramePlugin\Thumbs.db <- Successfully deleted.

C:\WINDOWS\Thumbs.db <- Successfully deleted.

 

Total space cleaned: 1083063985 bytes

 

-=E.O.F=-

 

Deixo o log do HiJack This Actualizado

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:42:44, on 01-07-2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Programas\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\Programas\Sygate\SPF\smc.exe

C:\Programas\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\Explorer.EXE

C:\Programas\Synaptics\SynTP\SynTPLpr.exe

C:\Programas\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Programas\HPQ\Quick Launch Buttons\EabServr.exe

C:\Programas\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe

C:\Programas\HP\HP Software Update\HPWuSchd2.exe

C:\Programas\Windows Defender\MSASCui.exe

C:\Programas\Ficheiros comuns\InstallShield\UpdateService\issch.exe

C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programas\Ficheiros comuns\Ahead\lib\NMBgMonitor.exe

C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Programas\Spybot - Search & Destroy\TeaTimer.exe

C:\Programas\Microsoft ActiveSync\wcescomm.exe

C:\PROGRA~1\MICROS~3\rapimgr.exe

C:\Programas\Software WIDCOMM\Bluetooth\BTTray.exe

X:\Programas\eBoostr\eBoostrCP.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe

X:\Programas\eBoostr\EBstrSvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Programas\HPQ\shared\hpqwmi.exe

C:\PROGRA~1\SOFTWA~1\BLUETO~1\BTSTAC~1.EXE

C:\WINDOWS\system32\taskmgr.exe

C:\Programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

E:\Software\Hijack This\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações

O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programas\TechSmith\SnagIt 8\SnagItBHO.dll

O2 - BHO: (no name) - {0347C33E-8762-4905-BF09-768834316C61} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Programas\Windows Desktop Search\dsWebAllow.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Ver HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Programas\HP\Digital Imaging\bin\HPDTLK02.dll

O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programas\TechSmith\SnagIt 8\SnagItIEAddin.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [synTPLpr] C:\Programas\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Programas\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Programas\HPQ\Quick Launch Buttons\EabServr.exe" /Start

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programas\Ficheiros comuns\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [smcService] "C:\PROGRA~1\Sygate\SPF\smc.exe" -startgui

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Programas\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHEI~1\INSTAL~1\UPDATE~1\isuspm.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programas\Ficheiros comuns\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [swg] "C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Programas\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programas\Microsoft ActiveSync\wcescomm.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')

O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: eBoostr Control Panel.lnk = X:\Programas\eBoostr\eBoostrCP.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Enviar para &Bluetooth - C:\Programas\Software WIDCOMM\Bluetooth\btsendto_ie_ctx.htm

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll

O9 - Extra 'Tools' menuitem: Criar Favorito Móvel... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll

O9 - Extra button: Seleção HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1176752437921

O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.5.0) -

O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {EBF85371-A38F-485B-B28F-0B4C82D25937} (CUpdateCtl Object) - http://update.hpphoto.com/download/HPSWUpdate.ocx

O23 - Service: avast! Antivirus - ALWIL Software - C:\Programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe

O23 - Service: eBoostr Service (EBOOSTRSVC) - eBoostr.com - X:\Programas\eBoostr\EBstrSvc.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programas\HPQ\shared\hpqwmi.exe

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programas\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programas\Java\jre6\bin\jqs.exe

O23 - Service: Serviço do Auto-Protect do Norton AntiVirus (navapsvc) - Unknown owner - C:\Programas\Norton Internet Security\Norton AntiVirus\navapsvc.exe (file missing)

O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programas\Sygate\SPF\smc.exe

 

--

End of file - 10291 bytes

 

Um abraço

Compartilhar este post


Link para o post
Compartilhar em outros sites

Tópico Arquivado

 

Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.

Compartilhar este post


Link para o post
Compartilhar em outros sites

×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.