Ir para conteúdo

POWERED BY:

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

.matiello

[Resolvido] &nbspAnálise de log

Por , em Tópicos Resolvidos (Seguranca & Malwares)

Recommended Posts

.matiello    0

.matiello
Postado

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 23:19:38, on 26/1/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\SigmaTel\C-Major Audio\WDM\STacSV.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

C:\WINDOWS\sttray.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\iTunes\iTunesHelper.exe

C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Documents and Settings\Henrique\Configurações locais\Dados de aplicativos\Google\Update\1.2.183.39\GoogleCrashHandler.exe

C:\Arquivos de programas\SEC\Natural Color Pro\NCProTray.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Arquivos de programas\iPod\bin\iPodService.exe

C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\Henrique\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Henrique\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Henrique\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Henrique\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Arquivos de programas\TeamSpeak 3 Client\ts3client_win32.exe

C:\Documents and Settings\Henrique\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Hijack\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [OutpostMonitor] C:\ARQUIV~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice

O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Arquivos de programas\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe

O4 - HKLM\..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nView\nwiz.exe /installquiet

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [avast5] "C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Henrique\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: NCProTray.lnk = C:\Arquivos de programas\SEC\Natural Color Pro\NCProTray.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\ARQUIV~1\Agnitum\OUTPOS~1\acs.exe

O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe

O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Arquivos de programas\SigmaTel\C-Major Audio\WDM\STacSV.exe

 

--

End of file - 9645 bytes

Compartilhar este post

Link para o post
Compartilhar em outros sites

wings    22

wings
Postado

Olá .matiello

 

1.

*Baixe o SCRP e salve-o no desktop

*Extraia para o desktop

*Execute o SCRP, aguarde e clique [OK]

 

2.

*Baixe o ERUNT e salve-o no desktop

*Crie uma pasta em C:\ chamada ERUNT e extraia para ela

*Execute o arquivo C:\ERUNT\ERUNT.exe

*Clique [OK] > [OK] > [sim] > [OK]

 

3.

*Baixe o OTL e salve-o no desktop

*Execute o OTL e selecione a opção:

[X] Verificar All Users

*Clique [Verificação Rápida] e aguarde o término

*Cole o relatório OTL.txt apresentado

Compartilhar este post

Link para o post
Compartilhar em outros sites

.matiello    0

.matiello
Postado

Veio um relatório chamado Extras.txt separado do OTL.txt, postei os dois.

 

OTL logfile created on: 27/1/2011 01:13:18 - Run 1

OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Henrique\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 67,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 149,04 Gb Total Space | 90,05 Gb Free Space | 60,42% Space Free | Partition Type: NTFS

 

Computer Name: MATIELLO | User Name: Henrique | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/01/27 01:12:51 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Henrique\Desktop\OTL.exe

PRC - [2011/01/13 06:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Arquivos de programas\Alwil Software\Avast5\AvastUI.exe

PRC - [2011/01/13 06:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

PRC - [2010/11/04 03:29:41 | 000,993,848 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Henrique\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

PRC - [2010/10/20 14:19:18 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Henrique\Configurações locais\Dados de aplicativos\Google\Update\1.2.183.39\GoogleCrashHandler.exe

PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2010/05/14 12:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

PRC - [2009/04/28 12:33:12 | 002,374,464 | ---- | M] (Agnitum Ltd.) -- C:\Arquivos de programas\Agnitum\Outpost Firewall\op_mon.exe

PRC - [2009/04/28 11:06:06 | 001,195,008 | ---- | M] (Agnitum Ltd.) -- C:\Arquivos de programas\Agnitum\Outpost Firewall\acs.exe

PRC - [2008/04/13 20:21:00 | 001,542,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2006/11/16 20:04:20 | 000,139,264 | ---- | M] (Nero AG) -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe

PRC - [2006/05/26 12:58:54 | 000,086,016 | ---- | M] (SigmaTel, Inc.) -- C:\Arquivos de programas\SigmaTel\C-Major Audio\WDM\stacsv.exe

PRC - [2006/05/26 12:58:00 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\sttray.exe

PRC - [2006/04/10 15:24:20 | 000,049,220 | ---- | M] (Samsung) -- C:\Arquivos de programas\SEC\Natural Color Pro\NCProTray.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011/01/27 01:12:51 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Henrique\Desktop\OTL.exe

MOD - [2011/01/13 06:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Arquivos de programas\Alwil Software\Avast5\snxhk.dll

MOD - [2010/08/23 14:11:58 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2011/01/13 06:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2009/04/28 11:06:06 | 001,195,008 | ---- | M] (Agnitum Ltd.) [Auto | Running] -- C:\Arquivos de programas\Agnitum\Outpost Firewall\acs.exe -- (acssrv)

SRV - [2009/01/21 14:08:06 | 001,095,560 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe -- (sdCoreService)

SRV - [2009/01/07 13:40:56 | 000,348,752 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)

SRV - [2008/11/04 02:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)

SRV - [2007/02/08 17:13:46 | 000,212,480 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2006/05/26 12:58:54 | 000,086,016 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Arquivos de programas\SigmaTel\C-Major Audio\WDM\stacsv.exe -- (STacSV)

SRV - [2005/04/04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Running] -- -- (XDva380)

DRV - [2011/01/13 06:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2011/01/13 06:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2011/01/13 06:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2011/01/13 06:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2011/01/13 06:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2011/01/13 06:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2010/07/09 20:38:00 | 010,604,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)

DRV - [2009/11/16 14:33:38 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)

DRV - [2009/04/06 12:37:12 | 000,704,384 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SandBox.sys -- (SandBox)

DRV - [2009/04/03 12:18:26 | 000,130,936 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)

DRV - [2009/02/18 18:30:56 | 000,031,128 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afw.sys -- (afw)

DRV - [2009/02/10 17:15:42 | 000,257,432 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afwcore.sys -- (afwcore)

DRV - [2008/04/13 12:45:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Driver de áudio USB (WDM)

DRV - [2008/04/13 10:36:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)

DRV - [2007/02/22 11:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd)

DRV - [2007/02/22 11:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm)

DRV - [2007/02/22 11:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj)

DRV - [2007/02/22 11:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc)

DRV - [2006/05/26 12:59:12 | 001,177,032 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)

DRV - [2005/12/02 22:38:04 | 000,041,728 | ---- | M] (Sonic Focus, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfng32.sys -- (sfng32)

DRV - [2005/10/21 08:25:32 | 000,013,396 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\MTictwl.sys -- (NCPro)

DRV - [2005/10/21 08:25:32 | 000,013,396 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MTictwl.sys -- (MagicTune)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-1078081533-515967899-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_search_url = http://www.google.com/ie'>http://www.google.com/ie

IE - HKU\S-1-5-21-1078081533-515967899-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKU\S-1-5-21-1078081533-515967899-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

IE - HKU\S-1-5-21-1078081533-515967899-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie'>http://www.google.com/ie

IE - HKU\S-1-5-21-1078081533-515967899-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie'>http://www.google.com/ie

IE - HKU\S-1-5-21-1078081533-515967899-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1078081533-515967899-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local

 

 

[2010/06/27 18:29:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Henrique\Dados de aplicativos\Mozilla\Extensions

[2010/06/27 18:29:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Henrique\Dados de aplicativos\Mozilla\Extensions\mozswing@mozswing.org

 

O1 HOSTS File: ([2001/10/28 16:06:36 | 000,000,776 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O4 - HKLM..\Run: [Adobe ARM] C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avast5] C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nView\nwiz.exe ()

O4 - HKLM..\Run: [OutpostFeedBack] C:\Arquivos de programas\Agnitum\Outpost Firewall\feedback.exe (Agnitum Ltd.)

O4 - HKLM..\Run: [OutpostMonitor] C:\Arquivos de programas\Agnitum\Outpost Firewall\op_mon.exe (Agnitum Ltd.)

O4 - HKLM..\Run: [sigmatelSysTrayApp] C:\WINDOWS\sttray.exe (SigmaTel, Inc.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKU\S-1-5-21-1078081533-515967899-725345543-1003..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe (Nero AG)

O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\NCProTray.lnk = C:\Arquivos de programas\SEC\Natural Color Pro\NCProTray.exe (Samsung)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1078081533-515967899-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1078081533-515967899-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Arquivos de programas\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab (UnoCtrl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Minha página inicial atual) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Henrique\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Henrique\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010/06/27 14:14:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/01/27 01:12:47 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Henrique\Desktop\OTL.exe

[2011/01/27 01:12:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2011/01/27 01:11:32 | 000,000,000 | ---D | C] -- C:\ERUNT

[2011/01/27 01:10:44 | 000,386,048 | ---- | C] (http://Tec-updates.blogspot.com) -- C:\Documents and Settings\Henrique\Desktop\SCRP.exe

[2011/01/20 19:17:57 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Henrique\Recent

[2011/01/02 12:40:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Picasa 3

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011/01/27 01:12:51 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Henrique\Desktop\OTL.exe

[2011/01/27 01:11:15 | 000,513,320 | ---- | M] () -- C:\Documents and Settings\Henrique\Desktop\erunt.zip

[2011/01/27 01:10:26 | 000,198,821 | ---- | M] () -- C:\Documents and Settings\Henrique\Desktop\SCRP.zip

[2011/01/27 00:26:00 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2011/01/27 00:24:00 | 000,001,156 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-515967899-725345543-1003UA.job

[2011/01/26 23:11:18 | 000,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2011/01/26 23:10:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/01/26 14:24:00 | 000,001,104 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-515967899-725345543-1003Core.job

[2011/01/25 12:21:03 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/01/24 20:00:54 | 000,104,448 | ---- | M] () -- C:\Documents and Settings\Henrique\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/01/22 21:04:03 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2011/01/20 23:39:10 | 000,002,169 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2011/01/20 21:15:01 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2011/01/19 00:44:27 | 000,003,018 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2011/01/13 06:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2011/01/13 06:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2011/01/13 06:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2011/01/13 06:40:04 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2011/01/13 06:39:50 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2011/01/13 06:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2011/01/13 06:37:11 | 000,029,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2011/01/13 06:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2010/12/31 18:06:36 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011/01/27 01:11:14 | 000,513,320 | ---- | C] () -- C:\Documents and Settings\Henrique\Desktop\erunt.zip

[2011/01/27 01:10:29 | 000,198,821 | ---- | C] () -- C:\Documents and Settings\Henrique\Desktop\SCRP.zip

[2011/01/22 12:28:27 | 000,128,913 | ---- | C] () -- C:\Documents and Settings\Henrique\Meus documentos\The.Town.EXTENDED.720p.Bluray.x264-CBGB.srt

[2010/07/03 23:12:34 | 000,104,448 | ---- | C] () -- C:\Documents and Settings\Henrique\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/06/28 15:16:31 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2010/06/27 21:42:06 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2010/06/27 21:42:06 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini

[2010/06/27 21:42:04 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2010/06/27 21:42:04 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2010/06/27 21:42:04 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2010/06/27 15:26:35 | 000,013,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\MTictwl.sys

[2010/06/27 11:05:57 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2010/01/11 05:24:40 | 000,001,683 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2009/11/16 14:33:38 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll

[2009/06/07 09:27:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll

[2007/01/23 23:39:54 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll

[2007/01/23 23:39:54 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[2005/12/07 13:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll

 

========== LOP Check ==========

 

[2010/09/07 19:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Agnitum

[2010/11/26 12:43:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Alwil Software

[2010/11/09 15:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\FileCure

[2010/07/08 00:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus!

[2010/10/08 15:02:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Nexon

[2010/07/27 01:24:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Nokia

[2010/11/26 12:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Panda Security

[2010/11/26 14:35:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Panda Security Toolbar Antiphishing

[2010/07/27 01:28:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PC Suite

[2011/01/22 18:03:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP

[2010/06/27 22:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2010/06/28 22:47:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henrique\Dados de aplicativos\Auslogics

[2010/07/08 23:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henrique\Dados de aplicativos\IObit

[2010/11/29 12:39:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henrique\Dados de aplicativos\LimeWire

[2010/09/11 15:52:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henrique\Dados de aplicativos\Nokia

[2010/08/16 23:06:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henrique\Dados de aplicativos\NSeries

[2010/11/26 12:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henrique\Dados de aplicativos\Panda Security

[2010/07/27 01:24:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henrique\Dados de aplicativos\PC Suite

[2010/10/25 15:02:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henrique\Dados de aplicativos\PointBlank

[2010/11/26 12:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henrique\Dados de aplicativos\SurfSecret Privacy Suite

[2010/10/09 00:05:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henrique\Dados de aplicativos\TeamViewer

[2011/01/03 00:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henrique\Dados de aplicativos\TS3Client

[2010/07/05 16:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henrique\Dados de aplicativos\Unity

[2011/01/26 21:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henrique\Dados de aplicativos\uTorrent

[2010/08/12 18:46:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Henrique\Dados de aplicativos\VDownloader

 

========== Purity Check ==========

 

 

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5C321E34

@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:DFC5A2B2

 

< End of report >

 

 

 

OTL Extras logfile created on: 27/1/2011 01:13:18 - Run 1

OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Henrique\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 67,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 149,04 Gb Total Space | 90,05 Gb Free Space | 60,42% Space Free | Partition Type: NTFS

 

Computer Name: MATIELLO | User Name: Henrique | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

 

[HKEY_USERS\S-1-5-21-1078081533-515967899-725345543-1003\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Level Up! Games\Combat Arms\CombatArms.exe" = C:\Level Up! Games\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)

"C:\Level Up! Games\Combat Arms\Engine.exe" = C:\Level Up! Games\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Arquivos de programas\uTorrent\uTorrent.exe" = C:\Arquivos de programas\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)

"C:\ongame\Pointblank\PointBlank.exe" = C:\ongame\Pointblank\PointBlank.exe:*:Enabled:PointBlank -- (Zepetto)

"C:\Arquivos de programas\TeamViewer\Version5\TeamViewer.exe" = C:\Arquivos de programas\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)

"C:\Arquivos de programas\TeamViewer\Version5\TeamViewer_Service.exe" = C:\Arquivos de programas\TeamViewer\Version5\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)

"C:\Level Up! Games\Combat Arms\CombatArms.exe" = C:\Level Up! Games\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)

"C:\Level Up! Games\Combat Arms\Engine.exe" = C:\Level Up! Games\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)

"C:\Level Up! Games\Combat Arms\NMService.exe" = C:\Level Up! Games\Combat Arms\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)

"C:\Arquivos de programas\iTunes\iTunes.exe" = C:\Arquivos de programas\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0CBADDF4-2CF6-4CDB-B4F5-29B8FCA7FE07}" = Microsoft .NET Framework 1.1 Brazilian Portuguese Language Pack

"{0FFEA8EE-7BC7-4C9D-8CC6-5B8C891BA3F2}" = Windows Live Essentials

"{1438B41C-658C-35B7-9253-780F2E0A0B8E}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ptb

"{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live

"{20BCD471-7897-481D-ACF2-CB9BABF6A6CF}" = Nokia Software Updater

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 22

"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes

"{2D21ECE3-8EC1-4315-AE4E-1970FB3AF17A}" = Nokia Nseries Video Manager

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3F31F3B5-C1FF-3708-8611-869DE39C0CB6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PTB

"{423290D4-DC50-48FA-9871-9D61FCAD7C13}" = Microsoft .NET Framework 2.0 Language Pack - PTB

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}" = Assistente de Conexão do Windows Live

"{590035D9-BFA0-406A-A7F0-479C72C0DDB2}" = Windows Live Call

"{6094AB91-4CC8-498E-9DFF-134CC0B159DE}" = PC Connectivity Solution

"{674636D6-F844-4ACB-AA56-3F4E55F172D6}" = SlimDrivers

"{67E4EF06-E0D6-42E0-A2BA-67199B0143FB}_is1" = Windows Media Player Plus! 1.0

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{90120000-0010-0416-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Portuguese (Brazil)) 12

"{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007

"{90120000-0015-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

"{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

"{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

"{90120000-0019-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

"{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007

"{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007

"{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

"{90120000-0044-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

"{90120000-006E-0416-0000-0000000FF1CE}_ENTERPRISE_{9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

"{90120000-00A1-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

"{90120000-00BA-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}" = Nokia Connectivity Cable Driver

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9ADC3E4F-34DA-48CD-8727-BB26D90257BD}" = Windows Live Messenger

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-1046-7B44-A94000000001}" = Adobe Reader 9.4.1 - Português

"{B1FA73D8-AB79-3A2E-81AC-DBBAC155B2FE}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PTB

"{B53F4598-B3D9-41DF-911E-523FA91EE464}" = Nokia Software Launcher

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker

"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support

"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag

"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F1932E56-8A95-40E0-A15B-E06B45969845}" = Nokia NSeries System Utilities

"{F4EE8763-EAA8-4BC1-8594-8501F5F00414}" = Nokia NSeries One Touch Access

"{F6B23E59-1240-4C20-AE0B-70658A91976A}" = Intel® PRO Network Connections

"{F779EC8D-6703-4C4A-817C-37B07898E647}" = Nokia NSeries Content Copier

"{F87DA817-8D53-42CC-AA45-93A100341046}" = Nero 7 Essentials

"{F89E5AD8-AE47-49B5-B9F9-C498791E6255}" = Nokia NSeries Music Manager

"{FABB02D6-A7FD-4845-A6FA-60C565516712}" = Age of Empires III

"{FC2C7405-BC58-4E11-8F51-29671BEAC06B}" = Natural Color Pro

"{FD349381-D79C-4E5C-8980-015DFFB962D5}" = Nokia NSeries Application Installer

"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Advanced SystemCare 3_is1" = Advanced SystemCare 3

"Agnitum Outpost Firewall_is1" = Outpost Firewall 2009

"Ares" = Ares 2.1.7

"avast5" = avast! Free Antivirus

"CCleaner" = CCleaner

"Combat Arms" = Combat Arms

"Discador Velox_is1" = Discador Velox 0.98

"ENTERPRISE" = Microsoft Office Enterprise 2007

"F064B256B4A20996EA9E333B5E0F14B61AB3333D" = Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)

"Force 2.0_is1" = Force 2.0

"ie8" = Windows Internet Explorer 8

"InstallShield_{FABB02D6-A7FD-4845-A6FA-60C565516712}" = Age of Empires III

"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.9 (Full)

"LimeWire" = LimeWire 5.5.10

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Messenger Plus! Live" = Messenger Plus! Live

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 2.0 Language Pack - PTB" = Microsoft .NET Framework 2.0 Language Pack - PTB

"Microsoft .NET Framework 3.5 Language Pack SP1 - ptb" = Pacote de Idiomas do Microsoft .NET Framework 3.5 SP1 - PTB

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"MV RegClean 5.5_is1" = MV RegClean 5.5

"NVIDIA Drivers" = NVIDIA Drivers

"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager

"Picasa 3" = Picasa 3

"Programador de Modem Velox_is1" = Programador de Modem Velox 2.0

"Revo Uninstaller" = Revo Uninstaller 1.90

"Seven Remix XP" = Seven Remix XP 2.4

"Spyware Doctor" = Spyware Doctor 6.0

"SpywareBlaster_is1" = SpywareBlaster 4.3

"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2

"TeamSpeak 3 Client" = TeamSpeak 3 Client

"TeamViewer 5" = TeamViewer 5

"uTorrent" = µTorrent

"WIC" = Windows Imaging Component

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinPcapInst" = WinPcap 4.1.1

"WinRAR archiver" = Arquivo do WinRAR

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5

"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-1078081533-515967899-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

"PointBlank" = PointBlank

"UnityWebPlayer" = Unity Web Player

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 15/8/2010 13:23:42 | Computer Name = MATIELLO | Source = Nokia Software Launcher | ID = 1

Description =

 

[ System Events ]

Error - 21/1/2011 09:24:21 | Computer Name = MATIELLO | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a placa de rede com endereço

de rede 0019D15B3BD6 foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

 

Error - 24/1/2011 09:15:15 | Computer Name = MATIELLO | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a placa de rede com endereço

de rede 0019D15B3BD6 foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

 

Error - 25/1/2011 10:21:03 | Computer Name = MATIELLO | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a placa de rede com endereço

de rede 0019D15B3BD6 foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

 

Error - 26/1/2011 09:02:51 | Computer Name = MATIELLO | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a placa de rede com endereço

de rede 0019D15B3BD6 foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

 

Error - 26/1/2011 09:03:34 | Computer Name = MATIELLO | Source = W32Time | ID = 39452689

Description = Provedor de tempo NtpClient: erro durante a pesquisa de DNS do nível

de protocolo 'time.windows.com,0x1' configurado manualmente. O NtpClient fará uma

nova tentativa em 15 minutos. Erro: Uma operação de soquete foi tentada em um host

inacessível. (0x80072751)

 

Error - 26/1/2011 09:03:34 | Computer Name = MATIELLO | Source = W32Time | ID = 39452701

Description = O provedor de tempo NtpClient foi configurado para obter tempo de

uma ou mais fontes de tempo; no entanto, nenhuma delas está acessível no momento.

 

Não será feita nenhuma tentativa de contatar uma fonte durante 14 minutos. O NtpClient

não tem uma fonte de tempo preciso.

 

Error - 26/1/2011 09:03:34 | Computer Name = MATIELLO | Source = W32Time | ID = 39452689

Description = Provedor de tempo NtpClient: erro durante a pesquisa de DNS do nível

de protocolo 'time.windows.com,0x1' configurado manualmente. O NtpClient fará uma

nova tentativa em 15 minutos. Erro: Uma operação de soquete foi tentada em um host

inacessível. (0x80072751)

 

Error - 26/1/2011 09:03:34 | Computer Name = MATIELLO | Source = W32Time | ID = 39452701

Description = O provedor de tempo NtpClient foi configurado para obter tempo de

uma ou mais fontes de tempo; no entanto, nenhuma delas está acessível no momento.

 

Não será feita nenhuma tentativa de contatar uma fonte durante 15 minutos. O NtpClient

não tem uma fonte de tempo preciso.

 

Error - 26/1/2011 09:08:34 | Computer Name = MATIELLO | Source = W32Time | ID = 39452689

Description = Provedor de tempo NtpClient: erro durante a pesquisa de DNS do nível

de protocolo 'time.windows.com,0x1' configurado manualmente. O NtpClient fará uma

nova tentativa em 15 minutos. Erro: Uma operação de soquete foi tentada em um host

inacessível. (0x80072751)

 

Error - 26/1/2011 09:08:34 | Computer Name = MATIELLO | Source = W32Time | ID = 39452701

Description = O provedor de tempo NtpClient foi configurado para obter tempo de

uma ou mais fontes de tempo; no entanto, nenhuma delas está acessível no momento.

 

Não será feita nenhuma tentativa de contatar uma fonte durante 15 minutos. O NtpClient

não tem uma fonte de tempo preciso.

 

 

< End of report >

Compartilhar este post

Link para o post
Compartilhar em outros sites

wings    22

wings
Postado

Nada de relevante no log.

 

Algum problema ou somente verificação?

 

Caso seja só verificação:

*Execute o OTL e clique [Limpeza] > [OK]

*O PC será reiniciado

Compartilhar este post

Link para o post
Compartilhar em outros sites

wings    22

wings
Postado

PROBLEMA RESOLVIDO

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.

Compartilhar este post

Link para o post
Compartilhar em outros sites
Ir para a lista de tópicos Tópicos Resolvidos (Seguranca & Malwares)
×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.

  Aceito