Ir para conteúdo

POWERED BY:

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

Leandrueo

[Resolvido] &nbspPC com virus

Por , em Tópicos Resolvidos (Seguranca & Malwares)

Recommended Posts

Leandrueo    0

Leandrueo
Postado

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:55:24, on 29/1/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\ARQUIV~1\AVG\AVG8\avgtray.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe

C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Arquivos de programas\iTunes\iTunesHelper.exe

C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

C:\Arquivos de programas\DAEMON Tools Lite\DTLite.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\ARQUIV~1\AVG\AVG8\avgrsx.exe

C:\ARQUIV~1\AVG\AVG8\avgnsx.exe

C:\Arquivos de programas\Microsoft Application Virtualization Client\sftvsa.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\system32\svchost.exe

C:\ARQUIV~1\AVG\AVG8\avgemc.exe

C:\Arquivos de programas\Microsoft Application Virtualization Client\sftlist.exe

C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Arquivos de programas\iPod\bin\iPodService.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe

C:\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll

R3 - URLSearchHook: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Arquivos de programas\XfireXO\tbXfi0.dll

O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Arquivos de programas\ConduitEngine\ConduitEngine.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Arquivos de programas\XfireXO\tbXfi0.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll

O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Arquivos de programas\XfireXO\tbXfi0.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe

O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ares] "C:\Arquivos de programas\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Arquivos de programas\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [steam] "C:\Arquivos de programas\Steam\Steam.exe" -silent

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (file missing)

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Arquivos de programas\AVG\AVG8\Toolbar\ToolbarBroker.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe

O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

 

--

End of file - 9852 bytes

Compartilhar este post

Link para o post
Compartilhar em outros sites

wings    22

wings
Postado

Olá Leandrueo

 

 

1.

*Baixe o AD-Remover e salve-o no desktop

*Execute o AD-Remover

*Clique [Clean] > [OK] > [sim]

*O PC será reiniciado

*Cole o relatório C:\Ad-Report-CLEAN[1].txt

Compartilhar este post

Link para o post
Compartilhar em outros sites

Leandrueo    0

Leandrueo
Postado

======= REPORT FROM AD-REMOVER 2.0.0.2,D | ONLY XP/VISTA/7 =======

 

Updated by TeamXscript on 29/01/11 at 16:00

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

website: http://www.teamxscript.org

 

C:\Arquivos de programas\Ad-Remover\main.exe (CLEAN [2]) -> Launched at 15:59:14 on 04/02/2011, Normal boot

 

Microsoft Windows XP Professional Service Pack 3 (X86)

windows@ALESSANDRO ( )

 

============== ACTION(S) ==============

 

 

File deleted: C:\WINDOWS\system32\ConduitEngine.tmp

File deleted: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

Folder deleted: C:\Documents and Settings\windows\Dados de aplicativos\Mozilla\FireFox\Profiles\g9cswzeo.default\conduit

Folder deleted: C:\Arquivos de programas\Ask.com

Folder deleted: C:\Documents and Settings\windows\Configurações locais\Dados de aplicativos\AskToolbar

Folder deleted: C:\Documents and Settings\windows\Configurações locais\Dados de aplicativos\ConduitEngine

Folder deleted: C:\Arquivos de programas\ConduitEngine

File deleted: C:\Arquivos de programas\Windows Live\Messenger\Riched20.dll

 

(!) -- Temporary files deleted.

 

 

-- File opened: C:\Documents and Settings\windows\Dados de aplicativos\Mozilla\FireFox\Profiles\g9cswzeo.default\Prefs.js --

Line deleted: user_pref("extensions.asktb.cbid", "5J");

Line deleted: user_pref("extensions.asktb.crumb", "2011.01.09+19.34.39-toolbar007iad-BR-UmlvIERlIEphbmVpcm8sQnJhem...

Line deleted: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://br.ask.com/web?q={query}&qsrc={qsrc}&...

Line deleted: user_pref("extensions.asktb.dtid", "YYYYYYYYBR");

Line deleted: user_pref("extensions.asktb.fresh-install", false);

Line deleted: user_pref("extensions.asktb.l", "dis");

Line deleted: user_pref("extensions.asktb.last-config-req", "1294630479980");

Line deleted: user_pref("extensions.asktb.locale", "pt_BR");

Line deleted: user_pref("extensions.asktb.o", "102869");

Line deleted: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);

Line deleted: user_pref("extensions.asktb.qsrc", "2871");

Line deleted: user_pref("extensions.asktb.r", "3");

Line deleted: user_pref("extensions.asktb.search-suggestions-enabled", true);

-- File closed --

 

 

Key deleted: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key deleted: HKLM\Software\Classes\CLSID\{17D87FC1-85B1-4EF1-8095-0B8E5A6E5A38}

Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{17D87FC1-85B1-4EF1-8095-0B8E5A6E5A38}

Key deleted: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key deleted: HKLM\Software\Classes\CLSID\{3925F040-6B1D-4EB6-A9C5-C4A9704B24B3}

Key deleted: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key deleted: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key deleted: HKLM\Software\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}

Key deleted: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key deleted: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Key deleted: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

Key deleted: HKLM\Software\Classes\Conduit.Engine

Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd

Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1

Key deleted: HKLM\Software\Classes\Toolbar.CT2304157

Key deleted: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL

Key deleted: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

Key deleted: HKLM\Software\Conduit

Key deleted: HKLM\Software\conduitEngine

Key deleted: HKCU\Software\Ask.com

Key deleted: HKCU\Software\AskToolbar

Key deleted: HKCU\Software\Conduit

Key deleted: HKCU\Software\conduitEngine

Key deleted: HKCU\Software\AppDataLow\AskToolbarInfo

Key deleted: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAA33A1F-3414-42EB-A7AE-EB16CA065AB3}

Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

 

Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}

Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}

 

 

============== ADDITIONNAL SCAN ==============

 

** Mozilla Firefox Version [3.6.13 (pt-BR)] **

 

-- C:\Documents and Settings\windows\Dados de aplicativos\Mozilla\FireFox\Profiles\g9cswzeo.default\Prefs.js --

browser.download.dir, C:\\Documents and Settings\\windows\\Desktop

browser.download.lastDir, C:\\Documents and Settings\\windows\\Desktop

browser.startup.homepage, hxxp://www.globo.com/

browser.startup.homepage_override.mstone, rv:1.9.2.13

keyword.URL, hxxp://search.avg.com/route/?d=4cc72a25&v=6.010.006.004&i=23&tp=ab&iy=&ychte=br&lng=pt-BR&q=

 

========================================

 

** Internet Explorer Version [6.0.2900.5512] **

 

[HKCU\Software\Microsoft\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Do404Search: 0x01000000

Enable Browser Extensions: yes

Local Page: C:\WINDOWS\system32\blank.htm

Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896

Show_ToolBar: yes

Start Page: hxxp://fr.msn.com/

Use Search Asst: no

 

[HKLM\Software\Microsoft\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Delete_Temp_Files_On_Exit: yes

Local Page: C:\WINDOWS\system32\blank.htm

Search bar: hxxp://search.msn.com/spbasic.htm

Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Start Page: hxxp://fr.msn.com/

 

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

Blank: res://mshtml.dll/blank.htm

 

========================================

 

C:\Arquivos de programas\Ad-Remover\Quarantine: 124 File(s)

C:\Arquivos de programas\Ad-Remover\Backup: 27 File(s)

 

C:\Ad-Report-CLEAN[1].txt - 22/11/2010 (16759 Byte(s))

C:\Ad-Report-CLEAN[2].txt - 04/02/2011 (2236 Byte(s))

 

End at: 16:00:46, 04/02/2011

 

============== E.O.F ==============

Compartilhar este post

Link para o post
Compartilhar em outros sites

wings    22

wings
Postado

*Baixe o OTL e salve-o no desktop

*Execute-o e selecione a opção:

[X] Verificar All Users

*Clique [Verificação Rápida] e cole os relatórios apresentados

Compartilhar este post

Link para o post
Compartilhar em outros sites

Leandrueo    0

Leandrueo
Postado

OTL Extras logfile created on: 5/2/2011 15:18:18 - Run 1

OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\windows\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

 

894,00 Mb Total Physical Memory | 274,00 Mb Available Physical Memory | 31,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 71,00% Paging File free

Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 74,52 Gb Total Space | 22,89 Gb Free Space | 30,72% Space Free | Partition Type: NTFS

Drive D: | 480,69 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

 

Computer Name: ALESSANDRO | User Name: windows | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

 

[HKEY_USERS\S-1-5-21-1060284298-1960408961-842925246-1003\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Arquivos de programas\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

"57938:TCP" = 57938:TCP:*:Enabled:Pando Media Booster

"57938:UDP" = 57938:UDP:*:Enabled:Pando Media Booster

"58789:TCP" = 58789:TCP:*:Enabled:Pando Media Booster

"58789:UDP" = 58789:UDP:*:Enabled:Pando Media Booster

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"57938:TCP" = 57938:TCP:*:Enabled:Pando Media Booster

"57938:UDP" = 57938:UDP:*:Enabled:Pando Media Booster

"8378:TCP" = 8378:TCP:*:Enabled:League of Legends Launcher

"8378:UDP" = 8378:UDP:*:Enabled:League of Legends Launcher

"8379:TCP" = 8379:TCP:*:Enabled:League of Legends Launcher

"8379:UDP" = 8379:UDP:*:Enabled:League of Legends Launcher

"8393:TCP" = 8393:TCP:*:Enabled:League of Legends Lobby

"8393:UDP" = 8393:UDP:*:Enabled:League of Legends Lobby

"8390:TCP" = 8390:TCP:*:Enabled:League of Legends Game Client

"8390:UDP" = 8390:UDP:*:Enabled:League of Legends Game Client

"6989:TCP" = 6989:TCP:*:Enabled:League of Legends Launcher

"6989:UDP" = 6989:UDP:*:Enabled:League of Legends Launcher

"58789:TCP" = 58789:TCP:*:Enabled:Pando Media Booster

"58789:UDP" = 58789:UDP:*:Enabled:Pando Media Booster

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe" = C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Arquivos de programas\AVG\AVG8\avgemc.exe" = C:\Arquivos de programas\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)

"C:\Arquivos de programas\AVG\AVG8\avgupd.exe" = C:\Arquivos de programas\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)

"C:\Arquivos de programas\AVG\AVG8\avgnsx.exe" = C:\Arquivos de programas\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)

"C:\Arquivos de programas\uTorrent\uTorrent.exe" = C:\Arquivos de programas\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)

"C:\Arquivos de programas\Mozilla Firefox\firefox.exe" = C:\Arquivos de programas\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)

"C:\Arquivos de programas\Ares\Ares.exe" = C:\Arquivos de programas\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group)

"C:\Documents and Settings\windows\Dados de aplicativos\PowerChallenge\PowerSoccer\PowerSoccer.exe" = C:\Documents and Settings\windows\Dados de aplicativos\PowerChallenge\PowerSoccer\PowerSoccer.exe:*:Enabled:PowerSoccer -- ()

"C:\Documents and Settings\All Users\Dados de aplicativos\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Dados de aplicativos\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)

"C:\NGM\NGM.exe" = C:\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)

"C:\Arquivos de programas\DsNET Corp\aTube Catcher 2.0\yct.exe" = C:\Arquivos de programas\DsNET Corp\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos.

"C:\Arquivos de programas\Google\Google Earth\client\googleearth.exe" = C:\Arquivos de programas\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth

"C:\Riot Games\League of Legends\air\LolClient.exe" = C:\Riot Games\League of Legends\air\LolClient.exe:*:Enabled:League of Legends Lobby

"C:\Riot Games\League of Legends\game\League of Legends.exe" = C:\Riot Games\League of Legends\game\League of Legends.exe:*:Enabled:League of Legends Game Client

"C:\Riot Games\League of Legends\lol.launcher.exe" = C:\Riot Games\League of Legends\lol.launcher.exe:*:Enabled:League of Legends Launcher

"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java Platform SE binary -- (Sun Microsystems, Inc.)

"C:\Arquivos de programas\Steam\Steam.exe" = C:\Arquivos de programas\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)

"C:\gPotato.com\Allods Online\bin\Launcher.exe" = C:\gPotato.com\Allods Online\bin\Launcher.exe:*:Enabled:Allods Online launcher.exe -- (© 2008 - 2009 Astrum Nival, LLC)

"C:\gPotato.com\Allods Online\bin\AOgame.exe" = C:\gPotato.com\Allods Online\bin\AOgame.exe:*:Enabled:Allods Online AOgame.exe -- (© 2008 - 2009 Astrum Nival, LLC)

"C:\Arquivos de programas\Sports Interactive\Football Manager 2010\fm.exe" = C:\Arquivos de programas\Sports Interactive\Football Manager 2010\fm.exe:*:Disabled:Football Manager 2010

"C:\Arquivos de programas\Sports Interactive\Football Manager 2011\fm.exe" = C:\Arquivos de programas\Sports Interactive\Football Manager 2011\fm.exe:*:Enabled:Football Manager 2011 -- (Sports Interactive)

"C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe" = C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

"C:\Arquivos de programas\Garena\Garena.exe" = C:\Arquivos de programas\Garena\Garena.exe:*:Enabled:Garena -- (Garena Online PTE LTD)

"C:\Arquivos de programas\iTunes\iTunes.exe" = C:\Arquivos de programas\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

"C:\Arquivos de programas\Garena HostBot v4.0\GarenaHostBot.exe" = C:\Arquivos de programas\Garena HostBot v4.0\GarenaHostBot.exe:*:Enabled:Garena HostBot - advanced hosting bot for garena -- (www.GarenaWorld.com)

"C:\Arquivos de programas\Garena HostBot v4.0\ghost.exe" = C:\Arquivos de programas\Garena HostBot v4.0\ghost.exe:*:Enabled:ghost -- ()

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{0FFEA8EE-7BC7-4C9D-8CC6-5B8C891BA3F2}" = Windows Live Essentials

"{1438B41C-658C-35B7-9253-780F2E0A0B8E}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ptb

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live

"{20A15757-4AE4-3C82-9711-863C84AFE6AA}" = Microsoft .NET Framework 4 Client Profile PTB Language Pack

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java 6 Update 18

"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour

"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3F31F3B5-C1FF-3708-8611-869DE39C0CB6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PTB

"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}" = Assistente de Conexão do Windows Live

"{564c9fa9-3609-4dad-9ef8-9899cd492ae6}" = Nero 9 Lite

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{590035D9-BFA0-406A-A7F0-479C72C0DDB2}" = Windows Live Call

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90140000-006D-0409-0000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010

"{90140011-0062-0409-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 - English

"{90850416-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003

"{95120000-00AF-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Portuguese (Brazil))

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars

"{9ADC3E4F-34DA-48CD-8727-BB26D90257BD}" = Windows Live Messenger

"{A0B0BCE9-2994-36F2-BE66-D23C884372E8}" = Visual C++ 9.0 OpenMP (x86) WinSXS MSM

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.0.752

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AA2EBBCC-4E3B-3442-865E-7BB3E9F45F0C}" = Visual C++ 9.0 CRT (x86) WinSXS MSM

"{AC76BA86-7AD7-1046-7B44-A93000000001}" = Adobe Reader 9.3.3 - Português

"{B1FA73D8-AB79-3A2E-81AC-DBBAC155B2FE}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PTB

"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center

"{B9CA59A0-3B70-48F8-9054-67595DE6E72B}" = League of Legends

"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update

"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi

"{CF58B132-4C67-4E0A-BE3D-8DADB1E32258}" = Vegas Movie Studio 9.0

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2

"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer

"{EB5BA578-FF7F-3863-8E53-7A003222B7FC}" = Visual C++ 9.0 CRT (x86) WinSXS MSM

"{EB6C11E5-449C-3BA3-9086-80B18BCFF947}" = Visual C++ 9.0 OpenMP (x86) WinSXS MSM

"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"Ad-Remover" = Ad-Remover By C_XX

"Any Video Converter_is1" = Any Video Converter 3.0.5

"Ares" = Ares 2.1.3

"Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.1

"AstrumNival Allods" = Allods Online 1.1.02.58

"AVG8Uninstall" = AVG Free 8.5

"Combat Arms" = Combat Arms

"Football Manager 2011" = Football Manager 2011

"Garena" = Garena 2010

"Garena HostBot v4.04.0" = Garena HostBot v4.0

"HijackThis" = HijackThis 2.0.2

"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.6.1

"LogMeIn Hamachi" = LogMeIn Hamachi

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"ManyCam" = ManyCam 2.6.30 (remove only)

"Messenger Plus! Live" = Messenger Plus! Live

"Microsoft .NET Framework 3.5 Language Pack SP1 - ptb" = Pacote de Idiomas do Microsoft .NET Framework 3.5 SP1 - PTB

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)

"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"NVIDIA Drivers" = NVIDIA Drivers

"Office14.Click2Run" = Microsoft Office Click-to-Run 2010

"PhotoScape" = PhotoScape

"uTorrent" = µTorrent

"WinAVI Video Converter 10.5_is1" = WinAVI Video Converter

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinPcapInst" = WinPcap 4.1.1

"WinRAR archiver" = Arquivo do WinRAR

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"XfireXO Toolbar" = XfireXO Toolbar

"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

"Youtube Downloader HD_is1" = Youtube Downloader HD v. 1.9

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-1060284298-1960408961-842925246-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Power Loader" = Power Challenge Game Plugin

"UnityWebPlayer" = Unity Web Player

"Warcraft III" = Warcraft III: All Products

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 20/1/2011 18:01:02 | Computer Name = ALESSANDRO | Source = WindowsLiveMessenger | ID = 15728647

Description =

 

Error - 27/1/2011 17:55:26 | Computer Name = ALESSANDRO | Source = WindowsLiveMessenger | ID = 15728647

Description =

 

Error - 27/1/2011 17:55:31 | Computer Name = ALESSANDRO | Source = WindowsLiveMessenger | ID = 15728647

Description =

 

Error - 28/1/2011 11:43:18 | Computer Name = ALESSANDRO | Source = Application Error | ID = 1000

Description = Aplicativo com falha plugin-container.exe, versão 1.9.2.3989, módulo

com falha ntdll.dll, versão 5.1.2600.5755, endereço com falha 0x0000100b.

 

Error - 28/1/2011 14:51:02 | Computer Name = ALESSANDRO | Source = WindowsLiveMessenger | ID = 15728647

Description =

 

Error - 28/1/2011 14:51:04 | Computer Name = ALESSANDRO | Source = WindowsLiveMessenger | ID = 15728647

Description =

 

Error - 28/1/2011 15:22:19 | Computer Name = ALESSANDRO | Source = WindowsLiveMessenger | ID = 15728647

Description =

 

Error - 29/1/2011 15:49:03 | Computer Name = ALESSANDRO | Source = CVHSVC | ID = 100

Description = Information only. (Patch task for {90140011-0062-0409-0000-0000000FF1CE}):

DownloadLatest Failed:

 

Error - 30/1/2011 06:37:59 | Computer Name = ALESSANDRO | Source = CVHSVC | ID = 100

Description = Information only. (Patch task for {90140011-0062-0409-0000-0000000FF1CE}):

DownloadLatest Failed:

 

Error - 1/2/2011 19:31:56 | Computer Name = ALESSANDRO | Source = WindowsLiveMessenger | ID = 15728647

Description =

 

[ System Events ]

Error - 4/2/2011 13:59:45 | Computer Name = ALESSANDRO | Source = Service Control Manager | ID = 7034

Description = O serviço Java Quick Starter foi encerrado inesperadamente. Isso

aconteceu 1 vez(es).

 

Error - 4/2/2011 13:59:45 | Computer Name = ALESSANDRO | Source = Service Control Manager | ID = 7034

Description = O serviço AVG Free8 E-mail Scanner foi encerrado inesperadamente.

Isso aconteceu 1 vez(es).

 

Error - 4/2/2011 13:59:45 | Computer Name = ALESSANDRO | Source = Service Control Manager | ID = 7034

Description = O serviço LogMeIn Hamachi 2.0 Tunneling Engine foi encerrado inesperadamente.

Isso aconteceu 1 vez(es).

 

Error - 4/2/2011 13:59:49 | Computer Name = ALESSANDRO | Source = Service Control Manager | ID = 7034

Description = O serviço Application Virtualization Client foi encerrado inesperadamente.

Isso aconteceu 1 vez(es).

 

Error - 4/2/2011 14:03:52 | Computer Name = ALESSANDRO | Source = Service Control Manager | ID = 7023

Description = O serviço HID Input Service terminou com o erro: %%126

 

Error - 4/2/2011 15:59:05 | Computer Name = ALESSANDRO | Source = Service Control Manager | ID = 7023

Description = O serviço HID Input Service terminou com o erro: %%126

 

Error - 4/2/2011 22:54:04 | Computer Name = ALESSANDRO | Source = Service Control Manager | ID = 7023

Description = O serviço HID Input Service terminou com o erro: %%126

 

Error - 5/2/2011 07:21:12 | Computer Name = ALESSANDRO | Source = Service Control Manager | ID = 7023

Description = O serviço HID Input Service terminou com o erro: %%126

 

Error - 5/2/2011 12:01:07 | Computer Name = ALESSANDRO | Source = Service Control Manager | ID = 7023

Description = O serviço HID Input Service terminou com o erro: %%126

 

Error - 5/2/2011 12:27:57 | Computer Name = ALESSANDRO | Source = Service Control Manager | ID = 7023

Description = O serviço HID Input Service terminou com o erro: %%126

 

 

< End of report >

 

 

 

 

 

 

 

 

 

 

 

OTL logfile created on: 5/2/2011 15:18:18 - Run 1

OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\windows\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

 

894,00 Mb Total Physical Memory | 274,00 Mb Available Physical Memory | 31,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 71,00% Paging File free

Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 74,52 Gb Total Space | 22,89 Gb Free Space | 30,72% Space Free | Partition Type: NTFS

Drive D: | 480,69 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

 

Computer Name: ALESSANDRO | User Name: windows | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/02/05 15:17:42 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\windows\Desktop\OTL.exe

PRC - [2010/12/11 00:04:00 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Arquivos de programas\Mozilla Firefox\firefox.exe

PRC - [2010/12/06 08:31:52 | 001,910,152 | ---- | M] (LogMeIn Inc.) -- C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2-ui.exe

PRC - [2010/12/06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) -- C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe

PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2010/09/21 16:37:40 | 000,932,288 | ---- | M] (Adobe Systems Incorporated) -- C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe

PRC - [2010/07/08 17:11:31 | 002,048,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG8\avgtray.exe

PRC - [2010/04/24 02:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2010/04/24 02:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2010/04/16 18:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

PRC - [2010/02/28 03:33:14 | 000,821,664 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

PRC - [2010/01/20 11:38:52 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe

PRC - [2010/01/20 11:38:38 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG8\avgwdsvc.exe

PRC - [2010/01/13 11:45:17 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG8\avgemc.exe

PRC - [2010/01/13 11:45:17 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG8\avgnsx.exe

PRC - [2010/01/13 11:45:17 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG8\avgrsx.exe

PRC - [2010/01/11 15:21:52 | 000,246,504 | ---- | M] (Sun Microsystems, Inc.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

PRC - [2009/11/24 12:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) -- C:\Arquivos de programas\Skype\Toolbars\Shared\SkypeNames2.exe

PRC - [2008/04/14 10:00:00 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2008/04/13 17:21:20 | 000,073,796 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\slserv.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011/02/05 15:17:42 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\windows\Desktop\OTL.exe

MOD - [2010/08/23 14:11:58 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2010/12/06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2010/10/06 11:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Arquivos de programas\AVG\AVG8\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)

SRV - [2010/04/27 19:01:00 | 003,530,992 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)

SRV - [2010/04/24 02:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Arquivos de programas\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2010/04/24 02:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de programas\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/02/28 03:33:14 | 000,821,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc)

SRV - [2010/01/20 11:38:38 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Arquivos de programas\AVG\AVG8\avgwdsvc.exe -- (avg8wd)

SRV - [2010/01/13 11:45:17 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Arquivos de programas\AVG\AVG8\avgemc.exe -- (avg8emc)

SRV - [2010/01/09 22:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2008/04/13 17:21:20 | 000,073,796 | ---- | M] (Smart Link) [Auto | Running] -- C:\WINDOWS\System32\slserv.exe -- (SLService)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2010/04/24 02:10:54 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftvolxp.sys -- (Sftvol)

DRV - [2010/04/24 02:10:52 | 000,020,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir)

DRV - [2010/04/24 02:10:50 | 000,211,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftplayxp.sys -- (Sftplay)

DRV - [2010/04/24 02:10:44 | 000,554,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftfsxp.sys -- (Sftfs)

DRV - [2010/04/21 00:13:14 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)

DRV - [2010/02/03 16:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)

DRV - [2010/01/27 00:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)

DRV - [2010/01/13 11:45:39 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)

DRV - [2010/01/13 11:45:34 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)

DRV - [2010/01/13 11:45:32 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)

DRV - [2009/09/27 21:12:22 | 007,655,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)

DRV - [2008/04/14 10:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)

DRV - [2008/04/13 09:23:48 | 000,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)

DRV - [2008/04/13 09:23:48 | 000,013,240 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)

DRV - [2008/04/13 09:23:46 | 000,404,990 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)

DRV - [2008/04/13 09:23:44 | 000,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent)

DRV - [2008/04/13 09:23:42 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)

DRV - [2008/04/13 09:23:42 | 000,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)

DRV - [2008/04/13 09:23:40 | 001,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)

DRV - [2008/04/13 07:35:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)

DRV - [2007/04/11 04:04:40 | 004,397,568 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

 

 

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll ()

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll ()

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-1060284298-1960408961-842925246-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

IE - HKU\S-1-5-21-1060284298-1960408961-842925246-1003\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Arquivos de programas\XfireXO\tbXfi0.dll (Conduit Ltd.)

IE - HKU\S-1-5-21-1060284298-1960408961-842925246-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll ()

IE - HKU\S-1-5-21-1060284298-1960408961-842925246-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1060284298-1960408961-842925246-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "http://www.globo.com/"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198

FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4cc72a25&v=6.010.006.004&i=23&tp=ab&iy=&ychte=br&lng=pt-BR&q="

 

FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Arquivos de programas\AVG\AVG8\Toolbar\Firefox\avg@igeared [2010/10/26 17:21:08 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Arquivos de programas\Mozilla Firefox\components [2010/12/15 19:44:11 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins [2010/12/15 19:44:11 | 000,000,000 | ---D | M]

 

[2010/01/19 21:27:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\windows\Dados de aplicativos\Mozilla\Extensions

[2011/02/04 19:30:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\windows\Dados de aplicativos\Mozilla\Firefox\Profiles\g9cswzeo.default\extensions

[2010/06/21 18:04:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\windows\Dados de aplicativos\Mozilla\Firefox\Profiles\g9cswzeo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/02/04 19:30:44 | 000,000,000 | ---D | M] (No name found) -- C:\Arquivos de programas\Mozilla Firefox\extensions

[2010/08/30 22:05:19 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Arquivos de programas\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

[2010/02/03 20:53:29 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\ARQUIVOS DE PROGRAMAS\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2010/01/15 23:18:55 | 000,001,027 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\buscape.xml

[2010/01/15 23:18:55 | 000,001,212 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\mercadolivre.xml

[2010/01/15 23:18:55 | 000,001,168 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\wikipedia-br.xml

[2010/01/15 23:18:55 | 000,000,952 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\yahoo-br.xml

 

O1 HOSTS File: ([2010/11/01 22:33:50 | 000,000,121 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Arquivos de programas\XfireXO\tbXfi0.dll (Conduit Ltd.)

O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll ()

O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Arquivos de programas\XfireXO\tbXfi0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll ()

O3 - HKU\S-1-5-21-1060284298-1960408961-842925246-1003\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Arquivos de programas\XfireXO\tbXfi0.dll (Conduit Ltd.)

O3 - HKU\S-1-5-21-1060284298-1960408961-842925246-1003\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll ()

O4 - HKLM..\Run: [Adobe ARM] C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AVG8_TRAY] C:\Arquivos de programas\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [PAC7302_Monitor] File not found

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKU\S-1-5-21-1060284298-1960408961-842925246-1003..\Run: [ares] C:\Arquivos de programas\Ares\Ares.exe (Ares Development Group)

O4 - HKU\S-1-5-21-1060284298-1960408961-842925246-1003..\Run: [DAEMON Tools Lite] C:\Arquivos de programas\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKU\S-1-5-21-1060284298-1960408961-842925246-1003..\Run: [steam] C:\Arquivos de programas\Steam\Steam.exe (Valve Corporation)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1060284298-1960408961-842925246-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-1060284298-1960408961-842925246-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-21-1060284298-1960408961-842925246-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-21-1060284298-1960408961-842925246-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Arquivos de programas\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab (UnoCtrl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll ()

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de programas\Arquivos comuns\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)

O24 - Desktop Components:0 (Minha página inicial atual) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\windows\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\windows\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010/01/13 11:05:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2003/05/21 15:11:08 | 000,061,440 | R--- | M] () - D:\autoplay.exe -- [ CDFS ]

O32 - AutoRun File - [2003/02/12 05:01:48 | 000,000,050 | R--- | M] () - D:\autorun.inf -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/02/05 15:17:36 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\windows\Desktop\OTL.exe

[2011/02/04 23:40:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Silverlight

[2011/02/04 23:40:14 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Silverlight

[2011/02/02 18:43:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\windows\Desktop\Filme_Strong_World.mp4 ONE PIECE

[2011/01/21 12:19:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\windows\Dados de aplicativos\VDownloader

[2011/01/21 12:18:48 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\WinPcap

[2011/01/11 22:11:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\windows\Desktop\Nova pasta (2)

[2011/01/11 21:19:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\windows\Dados de aplicativos\PhotoScape

[2011/01/11 21:17:57 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\PhotoScape

[2011/01/10 01:32:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\windows\Configurações locais\Dados de aplicativos\ManyCam

[2011/01/10 01:30:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\windows\Dados de aplicativos\ManyCam

[2011/01/10 01:30:02 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\ManyCam

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011/02/05 15:24:11 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2011/02/05 15:17:42 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\windows\Desktop\OTL.exe

[2011/02/05 14:28:13 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/02/05 14:26:35 | 000,196,865 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml

[2011/02/05 14:26:18 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2011/02/05 14:26:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/02/05 12:32:59 | 000,067,584 | ---- | M] () -- C:\Documents and Settings\windows\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/02/05 12:00:25 | 000,014,677 | ---- | M] () -- C:\Documents and Settings\windows\Desktop\Supernatural_S06E12_HDTV_XviD-2HD_[eztv].6151094.TPB.torrent

[2011/02/05 09:41:00 | 070,736,640 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm

[2011/02/04 19:49:50 | 000,022,962 | ---- | M] () -- C:\Documents and Settings\windows\Desktop\misstakef18a0bc330aed33324b6d038bbdc4fff.rar

[2011/02/04 15:59:09 | 000,001,626 | ---- | M] () -- C:\Documents and Settings\windows\Desktop\AD-R.lnk

[2011/02/01 17:07:03 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2011/01/26 17:34:18 | 000,002,315 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk

[2011/01/21 12:18:43 | 000,001,594 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VDownloader.lnk

[2011/01/11 21:31:04 | 000,022,528 | -H-- | M] () -- C:\Documents and Settings\windows\Desktop\photothumb.db

[2011/01/10 01:30:41 | 000,000,858 | ---- | M] () -- C:\Documents and Settings\windows\Desktop\ManyCam.lnk

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011/02/05 12:00:24 | 000,014,677 | ---- | C] () -- C:\Documents and Settings\windows\Desktop\Supernatural_S06E12_HDTV_XviD-2HD_[eztv].6151094.TPB.torrent

[2011/02/04 19:49:49 | 000,022,962 | ---- | C] () -- C:\Documents and Settings\windows\Desktop\misstakef18a0bc330aed33324b6d038bbdc4fff.rar

[2011/01/21 12:18:42 | 000,444,283 | ---- | C] () -- C:\Arquivos de programas\Arquivos comuns\WinPcapNmap.exe

[2011/01/11 21:20:11 | 000,022,528 | -H-- | C] () -- C:\Documents and Settings\windows\Desktop\photothumb.db

[2011/01/10 01:30:41 | 000,000,858 | ---- | C] () -- C:\Documents and Settings\windows\Desktop\ManyCam.lnk

[2010/12/10 23:52:33 | 000,000,205 | ---- | C] () -- C:\Documents and Settings\windows\Dados de aplicativos\D2Info0

[2010/12/10 23:52:33 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\windows\Dados de aplicativos\DofusAppId0_2

[2010/10/21 06:34:49 | 000,102,154 | ---- | C] () -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\WPFFontCache_v0400-S-1-5-21-1060284298-1960408961-842925246-1003-0.dat

[2010/10/21 06:34:43 | 000,102,154 | ---- | C] () -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\WPFFontCache_v0400-System.dat

[2010/06/28 23:51:01 | 000,300,432 | ---- | C] () -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\FontCache3.0.0.0.dat

[2010/04/21 00:13:13 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys

[2010/04/10 22:27:13 | 000,000,026 | ---- | C] () -- C:\WINDOWS\neosetup.INI

[2010/03/23 18:18:41 | 000,000,047 | ---- | C] () -- C:\WINDOWS\WININIT.INI

[2010/01/27 00:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll

[2010/01/19 21:34:05 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2010/01/19 21:34:05 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini

[2010/01/19 21:34:03 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2010/01/19 21:34:03 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2010/01/19 21:34:02 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2010/01/19 21:34:00 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2010/01/13 11:41:07 | 000,067,584 | ---- | C] () -- C:\Documents and Settings\windows\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/01/13 08:28:33 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2007/11/06 21:00:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

 

========== LOP Check ==========

 

[2010/07/07 02:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\ashampoo

[2010/10/26 17:21:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\AVG Security Toolbar

[2010/04/21 00:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\DAEMON Tools Lite

[2010/08/25 23:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\FlyVPN

[2010/03/19 19:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus!

[2010/04/03 15:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\NexonUS

[2010/12/10 12:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PMB Files

[2010/07/06 19:31:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Sony

[2010/04/05 22:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Sports Interactive

[2010/04/21 21:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP

[2010/07/14 17:29:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\VirtualizedApplications

[2010/05/15 22:16:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2010/06/21 18:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\AnvSoft

[2010/12/10 23:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\app

[2010/07/07 02:01:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\Ashampoo

[2010/02/08 18:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\CRSpace

[2010/04/21 00:18:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\DAEMON Tools Lite

[2010/12/10 23:52:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\Dofus 2

[2010/12/10 23:52:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

[2010/12/05 12:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\Football Superstars

[2010/07/25 20:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\LolClient

[2011/01/10 01:32:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\ManyCam

[2010/01/15 16:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\OpenArena

[2011/01/11 21:32:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\PhotoScape

[2010/02/23 20:42:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\PowerChallenge

[2010/07/06 22:29:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\Publish Providers

[2010/12/10 23:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

[2010/10/18 23:09:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\SoftGrid Client

[2010/07/06 22:29:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\Sony

[2010/04/05 22:23:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\Sports Interactive

[2010/07/11 21:05:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\TP

[2010/09/24 23:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\Unity

[2011/02/05 12:29:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\uTorrent

[2011/01/21 12:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\VDownloader

[2010/07/22 12:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\WinAVI

[2010/07/12 23:26:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\windows\Dados de aplicativos\Youtube Downloader HD

 

========== Purity Check ==========

 

 

 

< End of report >

Compartilhar este post

Link para o post
Compartilhar em outros sites

wings    22

wings
Postado

OK...log limpo.

 

 

1.

*Execute o AD-Remover

*Clique [uninstall] > [Não] > [Close]

 

2.

*Execute o OTL e clique [Limpeza] > [OK]

*O PC será reiniciado

 

 

Um abraço.

Compartilhar este post

Link para o post
Compartilhar em outros sites

wings    22

wings
Postado

PROBLEMA RESOLVIDO

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.

Compartilhar este post

Link para o post
Compartilhar em outros sites
Ir para a lista de tópicos Tópicos Resolvidos (Seguranca & Malwares)
×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.

  Aceito