
Archived

This topic has been archived and is closed to new replies.

meligeni

[Solved] Internet access works in everything except Internet Explorer


Folks, a friend of mine is having a problem getting online with Internet Explorer.

Other browsers connect normally.

THE BIG PROBLEM IS THAT EVERY TIME THE BROWSER IS OPENED, THE FOLLOWING INFORMATION IS CREATED IN THE REGISTRY:

IE - HKU\S-1-5-21-329068152-861567501-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

IE - HKU\S-1-5-21-329068152-861567501-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:60970

 

I have already run the malware scanner, HijackThis, OTL, RSIT and ComboFix,

but even so, this registry entry keeps being created in Windows.

THE LOGS FOLLOW

HIJACKTHIS

 

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:45:13, on 11/1/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\WINDOWS\sm56hlpr.exe

C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Arquivos de programas\Google\Quick Search Box\GoogleQuickSearchBox.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\ARQUIV~1\ALWILS~1\Avast5\avastUI.exe

C:\Arquivos de programas\Sony\PMB\PMBVolumeWatcher.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\Arquivos de programas\Sony\PMB\PMBDeviceInfoProvider.exe

C:\Arquivos de programas\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

C:\Documents and Settings\Bya\Meus documentos\Meus arquivos recebidos\HiJackThis.exe

C:\Arquivos de programas\TeamViewer\Version5\TeamViewer.exe

c:\arquivos de programas\teamviewer\version5\TeamViewer_Desktop.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:60970

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: (no name) - {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} - (no file)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [sMSERIAL] sm56hlpr.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Arquivos de programas\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [avast5] C:\ARQUIV~1\ALWILS~1\Avast5\avastUI.exe /nogui

O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Arquivos de programas\Sony\PMB\PMBVolumeWatcher.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: McAfee Security Scan Plus.lnk = ?

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Arquivos de programas\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/mjss/MJSS.cab109791.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{6AEFA2CE-3124-4F71-B19C-73C7C22AE852}: NameServer = 200.204.0.10 200.204.0.138

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: avast! Antivirus - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Arquivos de programas\McAfee Security Scan\2.0.181\McCHSvc.exe

O23 - Service: NMIndexingService - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe (file missing)

O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Arquivos de programas\Sony\PMB\PMBDeviceInfoProvider.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

 

--

End of file - 9418 bytes

 

==================================================================================================================================================================================================

 

OTL

OTL logfile created on: 11/1/2011 19:36:57 - Run 1

OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\Bya\Meus documentos\Meus arquivos recebidos

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

 

958,00 Mb Total Physical Memory | 602,00 Mb Available Physical Memory | 63,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free

Paging file location(s): c:\pagefile.sys 1440 2880 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 76,68 Gb Total Space | 56,19 Gb Free Space | 73,28% Space Free | Partition Type: NTFS

 

Computer Name: BYA-84A8946583B | User Name: Bya | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/01/11 19:29:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bya\Meus documentos\Meus arquivos recebidos\OTL.exe

PRC - [2010/10/19 10:29:08 | 001,881,384 | ---- | M] (TeamViewer GmbH) -- c:\Arquivos de programas\TeamViewer\Version5\TeamViewer_Desktop.exe

PRC - [2010/10/19 10:29:03 | 006,917,416 | ---- | M] (TeamViewer GmbH) -- C:\Arquivos de programas\TeamViewer\Version5\TeamViewer.exe

PRC - [2010/06/28 18:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Arquivos de programas\Alwil Software\Avast5\AvastUI.exe

PRC - [2010/06/28 18:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

PRC - [2010/03/24 15:42:10 | 000,599,328 | ---- | M] (Sony Corporation) -- C:\Arquivos de programas\Sony\PMB\PMBVolumeWatcher.exe

PRC - [2010/01/15 10:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Arquivos de programas\McAfee Security Scan\2.0.181\SSScheduler.exe

PRC - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Arquivos de programas\Sony\PMB\PMBDeviceInfoProvider.exe

PRC - [2009/09/17 22:59:51 | 000,122,368 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Quick Search Box\GoogleQuickSearchBox.exe

PRC - [2009/02/06 18:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

PRC - [2008/04/14 10:00:00 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2005/11/10 03:44:28 | 000,557,056 | ---- | M] (Motorola Inc.) -- C:\WINDOWS\sm56hlpr.exe

PRC - [2005/04/15 01:01:46 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE

PRC - [2005/03/11 07:33:28 | 000,147,456 | R--- | M] (S3 Graphics Co., Ltd.) -- C:\WINDOWS\system32\VTTrayp.exe

PRC - [2005/03/07 17:33:28 | 000,053,248 | R--- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011/01/11 19:29:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bya\Meus documentos\Meus arquivos recebidos\OTL.exe

MOD - [2010/10/19 10:29:08 | 000,120,104 | ---- | M] (TeamViewer GmbH) -- c:\Arquivos de programas\TeamViewer\Version5\TV.dll

MOD - [2010/08/23 14:11:58 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)

SRV - [2010/06/28 18:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)

SRV - [2010/06/28 18:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)

SRV - [2010/06/28 18:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2010/01/15 10:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Arquivos de programas\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)

SRV - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Arquivos de programas\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)

SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)

SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | Auto | Stopped] -- E:\Info Hardware\hw32_237\HWiNFO32.SYS -- (HWiNFO32)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\fetnd5.sys -- (FETNDIS)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Bya\CONFIG~1\Temp\catchme.sys -- (catchme)

DRV - [2010/06/28 18:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2010/06/28 18:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2010/06/28 18:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2010/06/28 18:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2010/06/28 18:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2010/06/28 18:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2007/05/18 12:41:30 | 000,037,760 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C)

DRV - [2007/03/29 12:36:00 | 000,009,216 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)

DRV - [2005/11/10 03:47:00 | 000,922,148 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)

DRV - [2005/04/19 00:40:52 | 002,317,504 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)

DRV - [2003/05/06 01:35:08 | 000,227,200 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cccp106.sys -- (CCCP106)

DRV - [2001/08/17 22:49:10 | 000,026,624 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irstusb.sys -- (STIrUsb)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-329068152-861567501-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

IE - HKU\S-1-5-21-329068152-861567501-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:60970

 

========== FireFox ==========

 

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.http_port: 60970

FF - prefs.js..network.proxy.type: 0

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Arquivos de programas\Mozilla Firefox\components [2010/12/26 20:15:12 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins [2010/12/10 11:17:28 | 000,000,000 | ---D | M]

 

[2010/01/22 19:38:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bya\Dados de aplicativos\Mozilla\Extensions

[2010/10/28 12:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bya\Dados de aplicativos\Mozilla\Firefox\Profiles\gd4lr9i5.default\extensions

[2010/01/22 19:38:12 | 000,000,000 | ---D | M] (No name found) -- C:\Arquivos de programas\Mozilla Firefox\extensions

[2010/01/15 23:18:55 | 000,001,027 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\buscape.xml

[2010/01/15 23:18:55 | 000,001,212 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\mercadolivre.xml

[2010/01/15 23:18:55 | 000,001,168 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\wikipedia-br.xml

[2010/01/15 23:18:55 | 000,000,952 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\yahoo-br.xml

 

O1 HOSTS File: ([2011/01/11 19:14:18 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)

O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)

O2 - BHO: (no name) - {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} - No CLSID value found.

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKU\S-1-5-21-329068152-861567501-1644491937-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O4 - HKLM..\Run: [avast5] C:\Arquivos de programas\Alwil Software\Avast5\AvastUI.exe (AVAST Software)

O4 - HKLM..\Run: [Google Quick Search Box] C:\Arquivos de programas\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)

O4 - HKLM..\Run: [LanguageShortcut] C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe ()

O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Arquivos de programas\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)

O4 - HKLM..\Run: [sMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)

O4 - HKLM..\Run: [soundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)

O4 - HKLM..\Run: [VTTrayp] C:\WINDOWS\System32\VTTrayp.exe (S3 Graphics Co., Ltd.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\McAfee Security Scan Plus.lnk = C:\Arquivos de programas\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-329068152-861567501-1644491937-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-329068152-861567501-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-21-329068152-861567501-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-21-329068152-861567501-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)

O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Arquivos de programas\PokerStars\PokerStarsUpdate.exe (PokerStars)

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Arquivos de programas\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)

O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/mjss/MJSS.cab109791.cab ()

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de programas\Arquivos comuns\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Minha página inicial atual) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Bya\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Bya\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/09/05 18:21:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

 

NetSvcs: 6to4 - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/01/11 19:17:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp

[2011/01/11 19:08:58 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2011/01/11 19:05:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2011/01/11 18:40:27 | 000,000,000 | ---D | C] -- C:\Temp

[2011/01/11 06:15:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bya\Menu Iniciar\Programas\Baixo Cidade

[2011/01/11 06:13:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bya\Dados de aplicativos\Malwarebytes

[2011/01/11 06:13:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2011/01/11 06:13:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Malwarebytes' Anti-Malware

[2011/01/11 06:13:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes

[2011/01/11 06:13:03 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2011/01/11 06:13:02 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Malwarebytes' Anti-Malware

[2011/01/11 05:46:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bya\Dados de aplicativos\TeamViewer

[2011/01/11 05:46:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\TeamViewer 5

[2011/01/11 05:46:38 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\TeamViewer

[2011/01/11 02:25:04 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Live Safety Center

[2011/01/10 20:56:00 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Bya\Recent

[2011/01/10 20:55:57 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Utherverse Digital Inc

[2011/01/07 04:59:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bya\Dados de aplicativos\Utherverse

[2011/01/07 04:41:38 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Baixo Cidade

[2010/12/26 03:21:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bya\Dados de aplicativos\Sony Corporation

[2010/12/21 15:22:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs

[2010/12/21 15:22:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\PMB

[2010/12/21 15:21:11 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Sony

[2010/12/21 15:21:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Sony Corporation

[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011/01/11 19:23:13 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/01/11 19:22:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/01/11 19:14:18 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2011/01/11 19:09:03 | 000,000,327 | RHS- | M] () -- C:\boot.ini

[2011/01/11 06:15:30 | 000,002,149 | ---- | M] () -- C:\Documents and Settings\Bya\Desktop\Baixo Cidade.lnk

[2011/01/11 06:13:11 | 000,000,840 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/01/11 05:46:43 | 000,000,871 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 5.lnk

[2011/01/10 19:14:14 | 000,005,722 | ---- | M] () -- C:\Documents and Settings\Bya\Dados de aplicativos\EFB2.896

[2011/01/10 11:47:15 | 000,000,128 | ---- | M] () -- C:\WINDOWS\wininit.ini

[2011/01/10 08:18:01 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2010/12/26 05:04:08 | 000,044,544 | ---- | M] () -- C:\Documents and Settings\Bya\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/12/21 15:22:25 | 000,001,645 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ajuda do PMB.lnk

[2010/12/21 15:22:25 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PMB Launcher.lnk

[2010/12/21 15:22:25 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PMB.lnk

[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/12/15 12:46:22 | 000,263,824 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/12/15 04:23:56 | 000,008,134 | ---- | M] () -- C:\Documents and Settings\Bya\Meus documentos\VIC2.jpg

[2010/12/13 04:52:03 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Bya\Desktop\Meu computador.lnk

[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011/01/11 19:09:03 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2011/01/11 19:09:00 | 000,261,856 | RHS- | C] () -- C:\cmldr

[2011/01/11 06:15:30 | 000,002,149 | ---- | C] () -- C:\Documents and Settings\Bya\Desktop\Baixo Cidade.lnk

[2011/01/11 06:13:10 | 000,000,840 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/01/11 05:46:43 | 000,000,871 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 5.lnk

[2011/01/10 11:47:15 | 000,000,128 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2011/01/09 02:58:50 | 000,005,722 | ---- | C] () -- C:\Documents and Settings\Bya\Dados de aplicativos\EFB2.896

[2010/12/21 15:22:25 | 000,001,645 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ajuda do PMB.lnk

[2010/12/21 15:22:25 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PMB Launcher.lnk

[2010/12/21 15:22:25 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PMB.lnk

[2010/12/15 04:23:52 | 000,008,134 | ---- | C] () -- C:\Documents and Settings\Bya\Meus documentos\VIC2.jpg

[2010/12/13 04:52:02 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Bya\Desktop\Meu computador.lnk

[2010/06/30 23:57:32 | 000,007,207 | R--- | C] () -- C:\WINDOWS\Disktool.INI

[2010/06/30 23:57:32 | 000,006,399 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini

[2010/06/30 23:57:32 | 000,003,677 | R--- | C] () -- C:\WINDOWS\PlaySnd.INI

[2010/01/17 06:34:29 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2009/09/15 03:01:41 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\ezsid.dat

[2009/09/11 04:36:21 | 000,044,544 | ---- | C] () -- C:\Documents and Settings\Bya\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/09/09 22:26:28 | 000,061,440 | R--- | C] () -- C:\WINDOWS\System32\dcccp106.dll

[2009/09/09 22:26:28 | 000,000,307 | R--- | C] () -- C:\WINDOWS\DC2110a.ini

[2009/09/09 22:26:27 | 000,227,200 | R--- | C] () -- C:\WINDOWS\System32\drivers\cccp106.sys

[2009/09/09 22:26:27 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\vcccp106.dll

[2009/09/09 22:26:27 | 000,015,542 | R--- | C] () -- C:\WINDOWS\cccp106.ini

[2009/09/05 20:32:53 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll

[2009/09/05 19:34:50 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56spn.dll

[2009/09/05 19:34:50 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56itl.dll

[2009/09/05 19:34:50 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56eng.dll

[2009/09/05 19:34:50 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56brz.dll

[2009/09/05 19:34:50 | 000,061,440 | ---- | C] () -- C:\WINDOWS\sm56ger.dll

[2009/09/05 19:34:50 | 000,061,440 | ---- | C] () -- C:\WINDOWS\sm56fra.dll

[2009/09/05 19:34:50 | 000,053,248 | ---- | C] () -- C:\WINDOWS\sm56jpn.dll

[2009/09/05 19:34:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56cht.dll

[2009/09/05 19:34:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56chs.dll

[2009/09/05 15:12:01 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2006/10/27 14:52:34 | 000,000,518 | ---- | C] () -- C:\WINDOWS\System32\SP7311.ini

[2004/09/16 14:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS

[2004/09/16 14:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS

 

========== LOP Check ==========

 

[2010/11/16 04:08:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Alawar Stargaze

[2010/07/28 12:12:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Alwil Software

[2009/12/11 05:01:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\EscapeTheMuseum

[2009/12/31 05:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Fenomen Games

[2010/11/16 03:13:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\freshgames

[2010/01/18 05:23:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Fugazo

[2009/12/24 04:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Gamers Digital

[2009/12/15 03:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GoBit Games

[2009/12/13 16:44:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Kristanix Games

[2009/11/04 20:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus!

[2009/10/06 05:07:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Mushroom Age

[2009/09/29 03:59:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\MythPeople

[2010/10/19 04:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PlayFirst

[2010/10/19 06:11:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Playrix Entertainment

[2010/01/08 16:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PoBros

[2009/09/15 05:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Princess Isabella

[2009/12/18 04:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Redrum

[2009/12/13 04:58:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\rionix

[2009/12/16 03:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Sandlot Games

[2009/12/17 06:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Slapdash Games

[2010/11/16 05:04:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP

[2010/01/01 17:53:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\The Mirror Mysteries

[2010/01/08 06:47:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Zylom

[2010/10/19 05:10:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\Anabel

[2010/10/18 04:53:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\Artifex Mundi

[2010/01/05 06:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\Artogon

[2010/01/05 05:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\Batovi

[2010/10/18 03:16:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\Big Fish Games

[2009/12/02 03:17:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\Cat's Eye Games

[2009/12/15 02:38:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\DivoGames

[2010/01/08 06:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\EleFun Games

[2010/01/09 06:20:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\ERS G-Studio

[2010/04/29 17:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\FarmVicio

[2010/01/01 18:53:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\Friday's games

[2010/01/08 17:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\Gamenauts

[2009/12/19 04:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\Gamers Digital

[2010/01/18 12:05:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\Games

[2009/09/29 04:09:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\IronCode

[2009/12/17 04:56:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\ITTNord

[2010/01/18 13:07:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\Lost in the City

[2009/12/12 04:16:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\MastersOfMystery2

[2009/09/09 22:42:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\Opera

[2009/12/09 03:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\Orneon

[2010/06/05 07:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\PacificPoker

[2010/10/19 04:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\PlayFirst

[2009/12/17 05:15:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\Playrix Entertainment

[2010/01/08 16:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\PoBros

[2010/01/05 05:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\SprillRichiEng

[2011/01/11 05:46:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\TeamViewer

[2011/01/11 06:19:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\Utherverse

[2010/01/18 13:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\World-LooM

[2010/01/08 06:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bya\Dados de aplicativos\Zylom

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.exe >

 

 

< MD5 for: AGP440.SYS >

[2008/04/14 10:00:00 | 020,099,802 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

[2008/04/14 10:00:00 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys

[2008/04/14 10:00:00 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

 

< MD5 for: ATAPI.SYS >

[2008/04/14 10:00:00 | 020,099,802 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2008/04/14 10:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys

[2008/04/14 10:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

 

< MD5 for: EVENTLOG.DLL >

[2008/04/14 10:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A8CDC8DECE4735B86BBEF28460996C30 -- C:\WINDOWS\ERDNT\cache\eventlog.dll

[2008/04/14 10:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A8CDC8DECE4735B86BBEF28460996C30 -- C:\WINDOWS\system32\dllcache\eventlog.dll

[2008/04/14 10:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A8CDC8DECE4735B86BBEF28460996C30 -- C:\WINDOWS\system32\eventlog.dll

 

< MD5 for: NETLOGON.DLL >

[2008/04/14 10:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=49897D67B04E62F8E59EB8B1C7DF7072 -- C:\WINDOWS\ERDNT\cache\netlogon.dll

[2008/04/14 10:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=49897D67B04E62F8E59EB8B1C7DF7072 -- C:\WINDOWS\system32\dllcache\netlogon.dll

[2008/04/14 10:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=49897D67B04E62F8E59EB8B1C7DF7072 -- C:\WINDOWS\system32\netlogon.dll

 

< MD5 for: SCECLI.DLL >

[2008/04/14 10:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=879E802EF4EF2405014B170EA41E552B -- C:\WINDOWS\ERDNT\cache\scecli.dll

[2008/04/14 10:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=879E802EF4EF2405014B170EA41E552B -- C:\WINDOWS\system32\dllcache\scecli.dll

[2008/04/14 10:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=879E802EF4EF2405014B170EA41E552B -- C:\WINDOWS\system32\scecli.dll

 

< MD5 for: VIAMRAID.SYS >

[2007/03/19 17:13:46 | 000,118,120 | ---- | M] (VIA Technologies inc,.ltd) MD5=503F50BF170661A23C2D50C423011469 -- C:\NXTC5CHIPSET\NXTC5CHIPSET\VRAIDDrv\drvdisk\x86\NT4\viamraid.sys

[2007/03/19 17:13:46 | 000,118,120 | ---- | M] (VIA Technologies inc,.ltd) MD5=503F50BF170661A23C2D50C423011469 -- C:\NXTC5CHIPSET\NXTC5CHIPSET\VRAIDDrv\NT4\viamraid.sys

[2007/03/19 17:18:12 | 000,104,064 | ---- | M] (VIA Technologies inc,.ltd) MD5=85E9421C8A99D1291B43B9B59A669AC3 -- C:\NXTC5CHIPSET\NXTC5CHIPSET\VRAIDDrv\2K\viamraid.sys

[2007/03/19 17:18:12 | 000,104,064 | ---- | M] (VIA Technologies inc,.ltd) MD5=85E9421C8A99D1291B43B9B59A669AC3 -- C:\NXTC5CHIPSET\NXTC5CHIPSET\VRAIDDrv\drvdisk\x86\NT5\viamraid.sys

[2007/03/19 17:18:12 | 000,104,064 | ---- | M] (VIA Technologies inc,.ltd) MD5=85E9421C8A99D1291B43B9B59A669AC3 -- C:\NXTC5CHIPSET\NXTC5CHIPSET\VRAIDDrv\SRV2003\x86\viamraid.sys

[2007/03/19 17:18:12 | 000,104,064 | ---- | M] (VIA Technologies inc,.ltd) MD5=85E9421C8A99D1291B43B9B59A669AC3 -- C:\NXTC5CHIPSET\NXTC5CHIPSET\VRAIDDrv\XP\x86\viamraid.sys

[2007/03/19 17:18:12 | 000,104,064 | ---- | M] (VIA Technologies inc,.ltd) MD5=85E9421C8A99D1291B43B9B59A669AC3 -- C:\WINDOWS\system32\drivers\viamraid.sys

[2007/03/21 18:35:38 | 000,113,152 | ---- | M] (VIA Technologies Inc.,Ltd) MD5=8C7E7769643D3D17B8B67F99A6416C5B -- C:\NXTC5CHIPSET\NXTC5CHIPSET\VRAIDDrv\drvdisk\VISTA\x86\viamraid.sys

[2007/03/21 18:35:38 | 000,113,152 | ---- | M] (VIA Technologies Inc.,Ltd) MD5=8C7E7769643D3D17B8B67F99A6416C5B -- C:\NXTC5CHIPSET\NXTC5CHIPSET\VRAIDDrv\VISTA\x86\viamraid.sys

 

< MD5 for: VIPRT.SYS >

[2007/03/26 16:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) MD5=7C69B1B6DEC5F8584AA352E522AF1476 -- C:\NXTC5CHIPSET\NXTC5CHIPSET\SATAIDE\W2K\ViPrt.sys

[2007/03/26 16:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) MD5=7C69B1B6DEC5F8584AA352E522AF1476 -- C:\NXTC5CHIPSET\NXTC5CHIPSET\SATAIDE\WNET\ViPrt.sys

[2007/03/26 16:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) MD5=7C69B1B6DEC5F8584AA352E522AF1476 -- C:\NXTC5CHIPSET\NXTC5CHIPSET\SATAIDE\WXP\ViPrt.sys

[2007/03/26 16:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) MD5=A1B7CFFE5F09B825FBA506C4DE9FDAC7 -- C:\NXTC5CHIPSET\NXTC5CHIPSET\SATAIDE\WLH\ViPrt.sys

 

< %systemroot%\*. /mp /s >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-12-15 05:07:48

 

========== Alternate Data Streams ==========

 


< End of report >

 

OTL Extras logfile created on: 11/1/2011 19:36:57 - Run 1

OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\Bya\Meus documentos\Meus arquivos recebidos

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

 

958,00 Mb Total Physical Memory | 602,00 Mb Available Physical Memory | 63,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free

Paging file location(s): c:\pagefile.sys 1440 2880 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 76,68 Gb Total Space | 56,19 Gb Free Space | 73,28% Space Free | Partition Type: NTFS

 

Computer Name: BYA-84A8946583B | User Name: Bya | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

 

[HKEY_USERS\S-1-5-21-329068152-861567501-1644491937-1003\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Arquivos de programas\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 4

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Arquivos de programas\MSN Messenger\livecall.exe" = C:\Arquivos de programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Arquivos de programas\Baixo Cidade\Baixo Cidade VWW Client\Utherverse.exe" = C:\Arquivos de programas\Baixo Cidade\Baixo Cidade VWW Client\Utherverse.exe:*:Enabled:Utherverse -- ()

"C:\Arquivos de programas\TeamViewer\Version5\TeamViewer.exe" = C:\Arquivos de programas\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)

"C:\Arquivos de programas\TeamViewer\Version5\TeamViewer_Service.exe" = C:\Arquivos de programas\TeamViewer\Version5\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour

"{183135A3-2CE8-43B5-BA5A-757EBAECB413}" = Disney Pix Micro Downloader

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live

"{2085F05D-24C5-4E27-B7B4-A51DE890FFC9}" = Opera 10.00

"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{32BC546A-8AA3-4239-AE92-9CF3291C35A6}" = Windows Live Call

"{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}" = Assistente de Conexão do Windows Live

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}" = MP3 Player Utilities

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{74AD1846-2010-4FB1-8E24-B6F2B87150C2}" = Windows Live Mail

"{83d96ed0-98aa-4515-8ddc-816f3efdd104}" = DB CIF Cam

"{90120000-0010-0416-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Portuguese (Brazil)) 12

"{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007

"{90120000-0015-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

"{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

"{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

"{90120000-0019-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

"{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007

"{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007

"{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

"{90120000-0044-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

"{90120000-006E-0416-0000-0000000FF1CE}_ENTERPRISE_{9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

"{90120000-00A1-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

"{90120000-00BA-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{99C8C1F6-7120-47A2-9173-31AFB325624C}" = CamMaestro 1.0.2.7 Build 390P

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{AC76BA86-7AD7-1046-7B44-A90000000001}" = Adobe Reader 9 - Português

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B5ED7AB0-3838-4389-8549-7C8E22DD48F4}" = Windows Live Messenger

"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB

"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2

"{DC8235CC-3D5A-4D32-94BE-E2F0A1749920}" = Disney Pix 2.2

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F2CD4651-F948-467C-B014-71FD981B7F59}" = Windows Live Essentials

"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"avast5" = avast! Free Antivirus

"Baixo Cidade" = Baixo Cidade

"CCleaner" = CCleaner (remove only)

"DSB-C110" = D-Link CIF Webcam

"DVD Shrink_is1" = DVD Shrink 3.2

"ENTERPRISE" = Microsoft Office Enterprise 2007

"ie8" = Windows Internet Explorer 8

"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Gerenciador de dispositivo de plataforma

"InstallShield_{99C8C1F6-7120-47A2-9173-31AFB325624C}" = CamMaestro 1.0.2.7 Build 390P

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"McAfee Security Scan" = McAfee Security Scan Plus

"Messenger Plus! Live" = Messenger Plus! Live

"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"Picasa 3" = Picasa 3

"PokerStars" = PokerStars

"SMSERIAL" = Motorola SM56 Speakerphone Modem

"TeamViewer 5" = TeamViewer 5

"VIA/S3G UniChrome Family Win2K/XP/Server2003 Display" = VIA/S3G Display Driver

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"WinLiveSuite_Wave3" = Windows Live Essentials

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

 

========== Last 10 Event Log Errors ==========

 

[ Antivirus Events ]

Error - 9/1/2010 05:26:29 | Computer Name = BYA-84A8946583B | Source = avast! | ID = 33554522

Description =

 

Error - 9/1/2010 05:28:23 | Computer Name = BYA-84A8946583B | Source = avast! | ID = 33554522

Description =

 

Error - 9/1/2010 05:28:37 | Computer Name = BYA-84A8946583B | Source = avast! | ID = 33554522

Description =

 

Error - 9/1/2010 05:28:59 | Computer Name = BYA-84A8946583B | Source = avast! | ID = 33554522

Description =

 

Error - 11/1/2010 16:25:47 | Computer Name = BYA-84A8946583B | Source = avast! | ID = 33554522

Description =

 

Error - 11/1/2010 16:26:29 | Computer Name = BYA-84A8946583B | Source = avast! | ID = 33554522

Description =

 

Error - 11/1/2010 16:26:38 | Computer Name = BYA-84A8946583B | Source = avast! | ID = 33554522

Description =

 

Error - 29/5/2010 15:01:45 | Computer Name = BYA-84A8946583B | Source = avast! | ID = 33554522

Description =

 

Error - 30/5/2010 17:45:41 | Computer Name = BYA-84A8946583B | Source = avast! | ID = 33554522

Description =

 

Error - 2/6/2010 13:55:46 | Computer Name = BYA-84A8946583B | Source = avast! | ID = 33554522

Description =

 

[ Application Events ]

Error - 16/4/2010 17:32:42 | Computer Name = BYA-84A8946583B | Source = Application Hang | ID = 1002

Description = Aplicativo com falha Skype.exe, versão 4.2.0.155, módulo com falha

hungapp, versão 0.0.0.0, endereço com falha 0x00000000.

 

Error - 16/4/2010 18:17:52 | Computer Name = BYA-84A8946583B | Source = Microsoft Office 12 | ID = 2001

Description = Rejected Safe Mode action : Microsoft Office Outlook.

 

Error - 17/4/2010 19:56:14 | Computer Name = BYA-84A8946583B | Source = Application Hang | ID = 1002

Description = Aplicativo com falha firefox.exe, versão 1.9.2.3743, módulo com falha

hungapp, versão 0.0.0.0, endereço com falha 0x00000000.

 

Error - 18/4/2010 23:10:41 | Computer Name = BYA-84A8946583B | Source = Application Hang | ID = 1002

Description = Aplicativo com falha firefox.exe, versão 1.9.2.3743, módulo com falha

hungapp, versão 0.0.0.0, endereço com falha 0x00000000.

 

Error - 19/4/2010 13:01:45 | Computer Name = BYA-84A8946583B | Source = Application Hang | ID = 1002

Description = Aplicativo com falha firefox.exe, versão 1.9.2.3743, módulo com falha

hungapp, versão 0.0.0.0, endereço com falha 0x00000000.

 

Error - 19/4/2010 13:30:37 | Computer Name = BYA-84A8946583B | Source = Application Hang | ID = 1002

Description = Aplicativo com falha msnmsgr.exe, versão 14.0.8089.726, módulo com

falha hungapp, versão 0.0.0.0, endereço com falha 0x00000000.

 

Error - 19/4/2010 13:30:37 | Computer Name = BYA-84A8946583B | Source = Application Hang | ID = 1002

Description = Aplicativo com falha msnmsgr.exe, versão 14.0.8089.726, módulo com

falha hungapp, versão 0.0.0.0, endereço com falha 0x00000000.

 

Error - 19/4/2010 13:30:39 | Computer Name = BYA-84A8946583B | Source = Application Hang | ID = 1002

Description = Aplicativo com falha msnmsgr.exe, versão 14.0.8089.726, módulo com

falha hungapp, versão 0.0.0.0, endereço com falha 0x00000000.

 

Error - 21/4/2010 00:57:23 | Computer Name = BYA-84A8946583B | Source = WindowsLiveMessenger | ID = 15728647

Description =

 

Error - 21/4/2010 00:57:23 | Computer Name = BYA-84A8946583B | Source = WindowsLiveMessenger | ID = 15728647

Description =

 

[ System Events ]

Error - 11/1/2011 03:36:06 | Computer Name = BYA-84A8946583B | Source = Service Control Manager | ID = 7000

Description = Não foi possível iniciar o serviço HWiNFO32 Kernel Driver devido ao

seguinte erro: %%3

 

Error - 11/1/2011 04:40:55 | Computer Name = BYA-84A8946583B | Source = Service Control Manager | ID = 7000

Description = Não foi possível iniciar o serviço HWiNFO32 Kernel Driver devido ao

seguinte erro: %%3

 

Error - 11/1/2011 04:41:00 | Computer Name = BYA-84A8946583B | Source = Service Control Manager | ID = 7026

Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema

ou de inicialização: ViaIde

 

Error - 11/1/2011 04:56:30 | Computer Name = BYA-84A8946583B | Source = Service Control Manager | ID = 7000

Description = Não foi possível iniciar o serviço HWiNFO32 Kernel Driver devido ao

seguinte erro: %%3

 

Error - 11/1/2011 11:36:13 | Computer Name = BYA-84A8946583B | Source = Service Control Manager | ID = 7000

Description = Não foi possível iniciar o serviço HWiNFO32 Kernel Driver devido ao

seguinte erro: %%3

 

Error - 11/1/2011 13:06:14 | Computer Name = BYA-84A8946583B | Source = sr | ID = 1

Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'

ao processar o arquivo '' no volume 'HarddiskVolume1'. O monitoramento do volume

foi interrompido.

 

Error - 11/1/2011 13:06:30 | Computer Name = BYA-84A8946583B | Source = Service Control Manager | ID = 7000

Description = Não foi possível iniciar o serviço HWiNFO32 Kernel Driver devido ao

seguinte erro: %%3

 

Error - 11/1/2011 13:06:30 | Computer Name = BYA-84A8946583B | Source = Service Control Manager | ID = 7026

Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema

ou de inicialização: ViaIde

 

Error - 11/1/2011 16:34:24 | Computer Name = BYA-84A8946583B | Source = Service Control Manager | ID = 7000

Description = Não foi possível iniciar o serviço HWiNFO32 Kernel Driver devido ao

seguinte erro: %%3

 

Error - 11/1/2011 17:23:06 | Computer Name = BYA-84A8946583B | Source = Service Control Manager | ID = 7000

Description = Não foi possível iniciar o serviço HWiNFO32 Kernel Driver devido ao

seguinte erro: %%3

 

 

< End of report >


Hello, meligeni! Welcome to iMasters Fóruns!

*Download the program from the link and save it to the desktop

http://windowsxp.mvps.org/utils/IEFix.zip

*Extract IEFix.exe to the desktop

*Close all open Internet Explorer windows

*Double-click IEFix.exe, click [Apply] and wait...

*If you are asked to insert the Windows CD, click Cancel and wait for it to finish.

*Restart the PC and see whether the problem is fixed...

*If not, repeat the procedure and insert the Windows CD

*Point to the location of the Windows CD and then click [OK]... wait

*Restart the PC and see whether the problem is fixed...


Hello, meligeni! Welcome to iMasters Fóruns!

*Download the program from the link and save it to the desktop

http://windowsxp.mvps.org/utils/IEFix.zip

*Extract IEFix.exe to the desktop

*Close all open Internet Explorer windows

*Double-click IEFix.exe, click [Apply] and wait...

*If you are asked to insert the Windows CD, click Cancel and wait for it to finish.

*Restart the PC and see whether the problem is fixed...

*If not, repeat the procedure and insert the Windows CD

*Point to the location of the Windows CD and then click [OK]... wait

*Restart the PC and see whether the problem is fixed...

 

 

Thank you very much, felipe!

You can close it, case solved.

Or can I ask more things in this topic?

Because there is a second problem, but it is not related to this one.


PROBLEM SOLVED

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
