SmasH 0 Denunciar post Postado Janeiro 27, 2012 Quando o relatório acabou todos programas pararam de funcionar, nada funcionava, reiniciei o computador e voltou ao normal. Relatório ComboFix: ComboFix 12-01-27.01 - marilaine 27/01/2012 11:00:56.2.2 - x86 Microsoft Windows 7 Starter 6.1.7600.0.1252.55.1046.18.2038.1400 [GMT -2:00] Executando de: c:\users\marilaine.marilaine-Mega\Desktop\Giovanne\Anti Malwares\ComboFix.exe Comandos utilizados :: c:\users\marilaine.marilaine-Mega\Desktop\CFScript.txt AV: Microsoft Security Essentials *Enabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66} SP: Microsoft Security Essentials *Enabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\windows\system32\drivers\davtizzd.sys" "c:\windows\xhunter1.sys" "c:\windows\xspirit.sys" . . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Mozilla Firefox\searchplugins\search.xml c:\windows\config.ini . . ((((((((((((((((((((((((((((((((((((((( Drivers/Serviços ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_XDVA374 -------\Legacy_XDVA377 -------\Legacy_XDVA379 -------\Legacy_XDVA382 -------\Legacy_XDVA383 -------\Legacy_XDVA385 -------\Legacy_XDVA386 -------\Legacy_XDVA387 -------\Legacy_XDVA388 -------\Legacy_XDVA389 -------\Legacy_XDVA390 -------\Legacy_XDVA391 -------\Legacy_XHUNTER1 -------\Legacy_XSPIRIT -------\Service_XDva374 -------\Service_XDva377 -------\Service_XDva379 -------\Service_XDva382 -------\Service_XDva383 -------\Service_XDva385 -------\Service_XDva386 -------\Service_XDva387 -------\Service_XDva388 -------\Service_XDva389 -------\Service_XDva390 -------\Service_XDva391 -------\Service_xhunter1 -------\Service_xspirit . . (((((((((((((((( Arquivos/Ficheiros criados de 2011-12-27 to 2012-01-27 )))))))))))))))))))))))))))) . . 2012-01-27 13:09 . 2012-01-27 13:11 -------- d-----w- c:\users\marilaine.marilaine-Mega\AppData\Local\temp 2012-01-27 13:09 . 2012-01-27 13:09 -------- d-----w- c:\users\MARILAINE\AppData\Local\temp 2012-01-27 13:09 . 2012-01-27 13:09 -------- d-----w- c:\users\MARILA~1~MAR\AppData\Local\temp 2012-01-27 13:09 . 2012-01-27 13:09 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-01-27 13:09 . 2012-01-27 13:09 -------- d-----w- c:\users\Convidado\AppData\Local\temp 2012-01-27 12:47 . 2012-01-27 13:10 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7123371F-A3EE-4678-952D-554DF54BDFA3}\offreg.dll 2012-01-27 01:57 . 2012-01-27 01:57 512 ----a-w- C:\PhysicalDisk0_MBR.bin 2012-01-27 01:37 . 2012-01-27 03:03 -------- d-----w- C:\ZHP 2012-01-27 01:37 . 2012-01-27 03:01 -------- d-----w- c:\program files\ZHPDiag 2012-01-26 15:56 . 2012-01-26 15:56 -------- d-----w- c:\program files\Ad-Remover 2012-01-26 15:33 . 2012-01-06 04:19 6557240 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7123371F-A3EE-4678-952D-554DF54BDFA3}\mpengine.dll 2012-01-26 15:32 . 2012-01-26 15:32 -------- d-----w- c:\users\marilaine.marilaine-Mega\AppData\Roaming\Malwarebytes 2012-01-26 15:32 . 2012-01-26 15:32 -------- d-----w- c:\programdata\Malwarebytes 2012-01-26 15:32 . 2012-01-26 15:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-01-26 15:32 . 2011-12-10 17:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-01-26 01:48 . 2012-01-26 16:06 -------- d-----w- C:\HijackThis 2012-01-24 00:17 . 2012-01-24 00:17 -------- d-----w- c:\program files\Microsoft XNA 2012-01-15 19:58 . 2012-01-15 19:58 237 ----a-w- C:\user.js 2012-01-15 19:58 . 2012-01-15 19:58 -------- d-----w- c:\program files\BrowserCompanion 2012-01-08 16:50 . 2012-01-08 16:50 -------- d-----w- c:\program files\PricePeep 2012-01-03 10:22 . 2012-01-03 10:22 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll 2012-01-02 19:37 . 2012-01-02 19:37 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll 2012-01-02 19:37 . 2012-01-02 19:37 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll 2012-01-02 19:37 . 2012-01-02 19:37 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll 2012-01-02 19:37 . 2012-01-02 19:37 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll . . . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-01-12 18:47 . 2011-08-09 23:33 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-01-06 04:19 . 2010-10-29 18:35 6557240 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-01-04 09:26 . 2010-05-18 12:34 236576 ------w- c:\windows\system32\MpSigStub.exe 2011-12-26 01:57 . 2011-11-30 16:26 665616 ----a-w- c:\windows\system32\xsherlock.xem 2010-10-16 14:50 . 2010-11-07 14:08 3056008 ----a-w- c:\program files\Common Files\AskToolbarInstaller.exe 2010-01-26 13:11 . 2010-11-07 14:08 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe 2012-01-02 19:37 . 2011-04-09 13:34 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por padrão não são apresentadas. REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00cbb66b-1d3b-46d3-9577-323a336acb50}] 2011-10-27 09:24 225584 ----a-w- c:\program files\BrowserCompanion\jsloader.dll . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{949A7FED-30B4-433e-9718-23EC99A126B0}] 2011-04-20 18:53 81920 ----a-w- c:\program files\leveluptb\levelupdx.dll . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}] 2011-10-27 09:24 141104 ----a-w- c:\program files\BrowserCompanion\updatebhoWin32.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{949A7FED-30B4-433e-9718-23EC99A126B0}"= "c:\program files\leveluptb\levelupdx.dll" [2011-04-20 81920] . [HKEY_CLASSES_ROOT\clsid\{949a7fed-30b4-433e-9718-23ec99a126b0}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2010-08-20 33120] "ares"="c:\program files\Ares\Ares.exe" [2010-10-27 1015808] "Ghost Control"="c:\program files\Ghost Control\ghost.exe" [2010-10-27 1991616] "MessengerPlus3"="c:\program files\Windows Live\Messenger\MsgPlus.exe" [2011-10-10 190024] "Akamai NetSession Interface"="c:\users\marilaine.marilaine-Mega\AppData\Local\Akamai\netsession_win.exe" [2011-12-23 3334432] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-28 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1094224] "HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-15 1474560] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552] "SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-08-05 104408] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "MessengerPlus3"="c:\program files\Windows Live\Messenger\MsgPlus.exe" [2011-10-10 190024] "LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] "Browser companion helper"="c:\program files\BrowserCompanion\BCHelper.exe" [2011-11-29 182576] . c:\users\marilaine.marilaine-Mega\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x] R3 apf001;apf001;c:\game\SoftnyxGame\GunBoundPS\apf001.sys [2011-05-27 10872] R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x] R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena\safedrv.sys [x] R3 gupdatem;Serviço do Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-06-19 4122968] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] R3 TKCtrl;TKCtrl;c:\windows\system32\TKCtrl2k.sys [x] R3 TKFsAvM;TKFsAvM;c:\windows\system32\TKFsAv.sys [x] R3 TkFsFtM;MiniFilter Driver;c:\windows\system32\TKFsFt.sys [x] R3 TKFWVT;TKFWVT;c:\windows\system32\TKFWVT.sys [x] R3 TkIdsVt;TkIdsVt;c:\windows\system32\TkIdsVt.sys [x] R3 TKPcFt;TKPcFt;c:\windows\system32\TKPcFtCb.sys [x] R3 vtany;vtany;c:\windows\vtany.sys [x] R3 xsherlock;xsherlock;c:\windows\system32\xsherlock.xem [2011-12-26 665616] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-07-04 436792] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992] S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992] S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288] S2 PCSpeedUpService;PCSpeedUp Service;c:\program files\Velocidade Do PC\PCSpeedUpService.exe [2011-04-29 37600] S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-08-05 583640] S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2010-04-24 483688] S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008] S3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;c:\windows\system32\DRIVERS\l260x86.sys [2009-07-13 29184] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2010-04-24 550760] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2010-04-24 195944] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2010-04-24 21864] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2010-04-24 19304] S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-24 209768] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-07-10 1067008] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc Akamai REG_MULTI_SZ Akamai . . ------- Scan Suplementar ------- . uStart Page = hxxp://google.fr uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421; IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 TCP: DhcpNameServer = 200.143.88.8 200.143.88.1 Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll FF - ProfilePath - c:\users\marilaine.marilaine-Mega\AppData\Roaming\Mozilla\Firefox\Profiles\tzol3vmr.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.ccvteam.com/forum/ FF - prefs.js: network.proxy.type - 0 . - - - - ORFÃOS REMOVIDOS - - - - . WebBrowser-{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - (no file) WebBrowser-{C2ED826E-8903-4A9D-B0DF-3A8FB8EA918A} - (no file) WebBrowser-{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - (no file) AddRemove-NSS - c:\progra~1\NORTON~2\Engine\351~1.8\InstWrap.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai] "ServiceDll"="c:\program files\common files\akamai/netsession_win_b427739.dll" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\xsherlock] "ImagePath"="c:\windows\system32\xsherlock.xem" . --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Carregadas Sob os Processos em Execução --------------------- . - - - - - - - > 'Explorer.exe'(3184) c:\program files\Windows Live\Messenger\MsgPlusLoader.dll . ------------------------ Outros Processos em Execução ------------------------ . c:\program files\Microsoft Security Essentials\MsMpEng.exe c:\windows\system32\AUDIODG.EXE c:\windows\system32\taskhost.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe c:\windows\system32\conhost.exe c:\windows\system32\igfxsrvc.exe c:\windows\system32\sppsvc.exe . ************************************************************************** . Tempo para conclusão: 2012-01-27 11:15:24 - Máquina reiniciou ComboFix-quarantined-files.txt 2012-01-27 13:15 ComboFix2.txt 2012-01-26 19:28 . Pré-execução: 130.976.485.376 bytes disponíveis Pós execução: 130.827.804.672 bytes disponíveis . - - End Of File - - 03AA8E3821B9F0B4F9D9655467B278D3 Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Janeiro 28, 2012 Bom Dia! SmasH Desculpe-me a demora,pois fui ao Centro resolver problemas. |- Desabilite seu antivírus! |- Vá em Iniciar --> Executar --> Digite ou cole: combofix.exe /uninstall --> Clique OK. |- < > |- Clique em Executar --> Aguarde! |- Surgirá,finalmente,a mensagem: "ComboFix está desinstalado" --> Clique OK. |- Caso encontre,apague: C:\ComboFix <-- A pasta! + C:\ComboFix.txt <-- Relatório! |- Ou,vá em Iniciar --> Executar --> Digite ou cole ( Paste ): |- "%userprofile%\desktop\combofix" /uninstall |- Clique OK. |- Aguarde a desinstalação,e clique OK na mensagem. |- Ps: Outra opção,seria renomear o Combofix.exe para uninstall.exe e executá-lo. ///°°°/// |- Abra,novamente,RogueKiller e lance a opção 2. Suppression ou Delete. |- Poste o relatório: RKreport[2].txt ///°°°/// |- Baixe: < Security Check > ( ...by screen17 ) |- < Link - 2 > |- Salve-o no desktop! |- Duplo-clique em SecurityCheck.exe |- Siga as instruções e poste o relatório. ( checkup.txt ) ///°°°/// |- Baixe: < > ( ...by OldTimer Tools ) |- Clique em Salvar! < > |- Salve-o no desktop! < > |- Duplo clique em OTL.exe --> Executar: |- Execute o OTL,em seu rápido escaneamento. ( Verificação rápida ) |- Ps: Para Windows 7,clique direito e execute-o como "Administrador". |- Copie e poste o relatório. ( C:\_OTM\MovedFiles\xxxx2012_xxxxxx.log ) |- Poste,também,o relatório "Extras". Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
SmasH 0 Denunciar post Postado Janeiro 28, 2012 Sem problemas, pois moderador também é humano. xD Bom, tinha uns 5 relatórios do roguekiller, postei o 2 como você pediu. Relatório do RogueKiller: RogueKiller V7.0.0 [01/26/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7600 ) 32 bits version Started in : Normal mode User: marilaine [Admin rights] Mode: Scan -- Date : 01/26/2012 19:12:34 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 5 ¤¤¤ [sUSP PATH] RunAsStdUser Task.job : C:\Users\marilaine.marilaine-Mega\AppData\Local\ClickPotatoLiteSA\bin\12.0.15.0\ClickPotatoLiteSA.exe -> FOUND [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: +++++ --- User --- [MBR] c4622ebc8a772cdce79e25490246e9d8 [bSP] 4025c6ef95d8c128147d0261651ea7a0 : Windows 7 MBR Code Partition table: 0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 320070 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[2].txt >> RKreport[1].txt ; RKreport[2].txt Relatório do Security Check: Results of screen317's Security Check version 0.99.24 Windows 7 x86 (UAC is enabled) Internet Explorer 8 Out of date! `````````````````````````````` Antivirus/Firewall Check: McAfee Security Scan Plus Microsoft Security Essentials WMI entry may not exist for antivirus; attempting automatic update. Microsoft Security Essentials successfully updated! ``````````````````````````````` Anti-malware/Other Utilities Check: CCleaner Java 6 Update 27 Adobe Flash Player 11.1.102.55 ```````````````````````````````` Process Check: objlist.exe by Laurent Windows Defender MSMpEng.exe Microsoft Security Essentials msseces.exe ``````````End of Log```````````` Relatório OTL: OTL logfile created on: 28/01/2012 10:05:54 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\marilaine.marilaine-Mega\Desktop Starter Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy 1,99 Gb Total Physical Memory | 1,19 Gb Available Physical Memory | 59,68% Memory free 3,98 Gb Paging File | 3,12 Gb Available in Paging File | 78,47% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 298,09 Gb Total Space | 162,49 Gb Free Space | 54,51% Space Free | Partition Type: NTFS Computer Name: MARILAINE-MEGA | User Name: marilaine | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/01/28 10:02:56 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\marilaine.marilaine-Mega\Desktop\OTL.exe PRC - [2012/01/02 17:37:37 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Arquivos de Programas\Mozilla Firefox\firefox.exe PRC - [2011/11/29 13:50:40 | 000,182,576 | ---- | M] (Blabbers Communications LTD) -- C:\Arquivos de Programas\BrowserCompanion\BCHelper.exe PRC - [2011/10/10 19:38:18 | 000,190,024 | ---- | M] (Patchou) -- C:\Arquivos de Programas\Windows Live\Messenger\MsgPlus.exe PRC - [2011/08/15 16:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) -- C:\Arquivos de Programas\LogMeIn Hamachi\hamachi-2.exe PRC - [2011/02/26 03:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010/12/07 08:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) -- C:\Arquivos de Programas\TeamViewer\Version6\TeamViewer_Service.exe PRC - [2010/09/22 13:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2010/09/15 04:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Microsoft Security Essentials\msseces.exe PRC - [2010/08/05 08:46:02 | 000,583,640 | ---- | M] (PC Tools) -- C:\Arquivos de Programas\Common Files\PC Tools\sMonitor\StartManSvc.exe PRC - [2010/08/05 08:46:02 | 000,104,408 | ---- | M] (PC Tools) -- C:\Arquivos de Programas\Common Files\PC Tools\sMonitor\SSDMonitor.exe PRC - [2010/04/24 01:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2010/04/24 01:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Microsoft Application Virtualization Client\sftlist.exe PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Arquivos de Programas\Microsoft Security Essentials\MsMpEng.exe PRC - [2010/02/28 02:33:14 | 000,821,664 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE PRC - [2009/12/23 19:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Arquivos de Programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2009/07/13 23:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009/07/13 23:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe ========== Modules (No Company Name) ========== MOD - [2012/01/12 16:47:07 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll MOD - [2012/01/02 17:37:36 | 002,124,760 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\mozjs.dll MOD - [2011/12/06 08:45:26 | 000,076,800 | ---- | M] () -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Mozilla\Firefox\Profiles\tzol3vmr.default\extensions\{f8e9011a-4c40-4940-9480-a8ac729c8658}\components\RadioWMPCoreGecko9.dll MOD - [2011/08/07 09:54:44 | 000,362,029 | ---- | M] () -- C:\Arquivos de Programas\BrowserCompanion\sqlite3.dll MOD - [2011/02/28 22:42:14 | 000,652,800 | ---- | M] () -- C:\Arquivos de Programas\IZArc\IZArcCM.dll MOD - [2010/03/15 11:28:24 | 000,141,824 | ---- | M] () -- C:\Arquivos de Programas\WinRAR\RarExt.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (gupdatem) Serviço do Google Update (gupdatem) SRV - File not found [Auto | Stopped] -- -- (gupdate) Google Update Service (gupdate) SRV - [2011/12/25 23:57:59 | 000,665,616 | ---- | M] (Wellbia.com Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\xsherlock.xem -- (xsherlock) SRV - [2011/12/13 23:10:02 | 003,316,000 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_b427739.dll -- (Akamai) SRV - [2011/08/15 16:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2011/06/19 15:57:00 | 004,122,968 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2011/04/29 15:31:58 | 000,037,600 | ---- | M] (Speedchecker) [Auto | Stopped] -- C:\Program Files\Velocidade Do PC\PCSpeedUpService.exe -- (PCSpeedUpService) SRV - [2010/12/07 08:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Arquivos de Programas\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2010/08/05 08:46:02 | 000,583,640 | ---- | M] (PC Tools) [Auto | Running] -- C:\Arquivos de Programas\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc) SRV - [2010/04/24 01:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2010/04/24 01:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc) SRV - [2010/01/15 10:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009/12/23 19:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Arquivos de Programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2009/07/13 23:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007/09/05 08:59:02 | 000,024,635 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe -- (wampapache) SRV - [2007/07/06 13:14:02 | 005,730,304 | ---- | M] () [On_Demand | Stopped] -- c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe -- (wampmysqld) ========== Driver Services (SafeList) ========== DRV - [2011/07/03 23:21:47 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2011/06/07 10:44:16 | 000,026,112 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901) DRV - [2011/05/27 19:16:48 | 000,010,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Game\SoftnyxGame\GunBoundPS\apf001.sys -- (apf001) DRV - [2010/12/18 09:03:56 | 000,021,696 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan) DRV - [2010/11/09 16:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135) DRV - [2010/04/24 01:10:54 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol) DRV - [2010/04/24 01:10:52 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir) DRV - [2010/04/24 01:10:50 | 000,195,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay) DRV - [2010/04/24 01:10:44 | 000,550,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs) DRV - [2010/03/25 21:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon) DRV - [2009/07/13 21:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009/07/13 20:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2009/07/13 20:02:47 | 000,029,184 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\l260x86.sys -- (Atc002) DRV - [2009/07/10 11:04:42 | 001,067,008 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV - [2009/03/18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [1996/04/03 17:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - No CLSID value found IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No CLSID value found IE - HKLM\..\URLSearchHook: {c2ed826e-8903-4a9d-b0df-3a8fb8ea918a} - No CLSID value found IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421; ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.ccvteam.com/forum/" FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ogplanet.com/npOGPPlugin: C:\Windows\system32\npOGPPlugin.dll (OGPlanet) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\marilaine.marilaine-Mega\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\Firefox [2011/09/30 16:01:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/02 17:37:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/13 10:58:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/02 17:37:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/13 10:58:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/02 17:37:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/13 10:58:15 | 000,000,000 | ---D | M] [2012/01/26 18:07:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\mozilla\Extensions [2012/01/27 14:34:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\mozilla\Firefox\Profiles\tzol3vmr.default\extensions [2012/01/02 22:24:49 | 000,000,000 | ---D | M] (Mario Forever Community Toolbar) -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\mozilla\Firefox\Profiles\tzol3vmr.default\extensions\{707db484-2428-402d-afb5-d85b387544c7} [2012/01/11 14:05:33 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\mozilla\Firefox\Profiles\tzol3vmr.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} [2012/01/09 10:41:52 | 000,000,000 | ---D | M] (free-downloads.net Community Toolbar) -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\mozilla\Firefox\Profiles\tzol3vmr.default\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949} [2012/01/27 14:34:36 | 000,000,000 | ---D | M] (CCV Team Community Toolbar) -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\mozilla\Firefox\Profiles\tzol3vmr.default\extensions\{f8e9011a-4c40-4940-9480-a8ac729c8658} [2012/01/15 17:58:30 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\mozilla\Firefox\Profiles\tzol3vmr.default\extensions\bbrs_002@blabbers.com [2011/10/07 21:25:51 | 000,002,207 | ---- | M] () -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Mozilla\Firefox\Profiles\tzol3vmr.default\searchplugins\MyStart Search.xml [2012/01/26 13:43:19 | 000,000,000 | ---D | M] (No name found) -- C:\Arquivos de Programas\Mozilla Firefox\extensions () (No name found) -- C:\USERS\MARILAINE.MARILAINE-MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TZOL3VMR.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI () (No name found) -- C:\USERS\MARILAINE.MARILAINE-MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TZOL3VMR.DEFAULT\EXTENSIONS\OM.BRUNOLM@GMAIL.COM.XPI [2012/01/02 17:37:37 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/07/19 06:05:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011/10/11 21:48:41 | 000,001,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\buscape.xml [2011/10/11 21:48:41 | 000,001,212 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mercadolivre.xml [2011/11/10 11:45:24 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml [2011/10/11 21:48:41 | 000,001,168 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-br.xml [2011/10/11 21:48:41 | 000,000,952 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-br.xml ========== Chrome ========== CHR - default_search_provider: (Enabled) CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U27 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\pdf.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Bing Bar (Enabled) = C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: OGPlanet Game Plugin (Enabled) = C:\Windows\system32\npOGPPlugin.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: DealPly = C:\Users\marilaine.marilaine-Mega\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\ CHR - Extension: Browser Companion Helper = C:\Users\marilaine.marilaine-Mega\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibgfbdggapddbjjbopabhlhianklajie\1.0.5_0\ O1 HOSTS File: ([2012/01/27 11:11:19 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Arquivos de Programas\BrowserCompanion\jsloader.dll ( ) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de Programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (LevelUp Toolbar) - {949A7FED-30B4-433e-9718-23EC99A126B0} - C:\Arquivos de Programas\leveluptb\levelupdx.dll () O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Arquivos de Programas\BrowserCompanion\updatebhoWin32.dll ( ) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de Programas\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Arquivos de Programas\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Arquivos de Programas\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (LevelUp Toolbar) - {949A7FED-30B4-433e-9718-23EC99A126B0} - C:\Arquivos de Programas\leveluptb\levelupdx.dll () O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4 - HKLM..\Run: [browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe (Blabbers Communications LTD) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [MessengerPlus3] C:\Program Files\Windows Live\Messenger\MsgPlus.exe (Patchou) O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [sSDMonitor] C:\Arquivos de Programas\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools) O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\marilaine.marilaine-Mega\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group) O4 - HKCU..\Run: [Ghost Control] C:\Program Files\Ghost Control\ghost.exe (N.R.S.) O4 - HKCU..\Run: [MessengerPlus3] C:\Program Files\Windows Live\Messenger\MsgPlus.exe (Patchou) O4 - Startup: C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Arquivos de Programas\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.143.88.8 200.143.88.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E1C9A612-C009-4A09-8A61-F4F32344231D}: DhcpNameServer = 200.143.88.8 200.143.88.1 O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Arquivos de Programas\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Arquivos de Programas\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Arquivos de Programas\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 19:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012/01/28 10:05:07 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\marilaine.marilaine-Mega\Desktop\OTL.exe [2012/01/27 20:01:26 | 000,000,000 | ---D | C] -- C:\Users\marilaine.marilaine-Mega\Documents\My Cheat Tables [2012/01/27 20:01:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.1 [2012/01/27 20:01:12 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine 6.1 [2012/01/27 11:15:26 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012/01/27 11:14:31 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012/01/27 11:09:36 | 000,000,000 | ---D | C] -- C:\Users\marilaine.marilaine-Mega\AppData\Local\temp [2012/01/26 23:37:58 | 000,000,000 | ---D | C] -- C:\ZHP [2012/01/26 23:37:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP [2012/01/26 23:37:37 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag [2012/01/26 19:13:04 | 000,000,000 | ---D | C] -- C:\Users\marilaine.marilaine-Mega\Desktop\RogueKiller Reports [2012/01/26 19:02:27 | 000,000,000 | ---D | C] -- C:\Users\marilaine.marilaine-Mega\Desktop\RK_Quarantine [2012/01/26 17:15:56 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2012/01/26 13:56:49 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover [2012/01/26 13:32:15 | 000,000,000 | ---D | C] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Malwarebytes [2012/01/26 13:32:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/01/26 13:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/01/26 13:32:07 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012/01/26 13:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012/01/25 23:48:10 | 000,000,000 | ---D | C] -- C:\HijackThis [2012/01/23 22:24:54 | 000,000,000 | ---D | C] -- C:\Users\marilaine.marilaine-Mega\Documents\My Games [2012/01/23 22:17:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft XNA [2012/01/15 17:58:28 | 000,000,000 | ---D | C] -- C:\Program Files\BrowserCompanion [2012/01/13 17:40:13 | 000,000,000 | ---D | C] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Medieval Lords [2012/01/13 17:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medieval Lords [2012/01/08 15:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2 [2012/01/08 14:50:30 | 000,000,000 | ---D | C] -- C:\Program Files\PricePeep [2012/01/03 15:38:31 | 000,000,000 | ---D | C] -- C:\Users\marilaine.marilaine-Mega\Desktop\pasta do rodrigo protegida por pastas [2010/11/07 12:08:23 | 003,056,008 | ---- | C] (Ask) -- C:\Program Files\Common Files\AskToolbarInstaller.exe [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/01/28 10:02:56 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\marilaine.marilaine-Mega\Desktop\OTL.exe [2012/01/28 10:00:02 | 000,869,194 | ---- | M] () -- C:\Users\marilaine.marilaine-Mega\Desktop\SecurityCheck.exe [2012/01/28 09:58:53 | 000,013,808 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/01/28 09:58:53 | 000,013,808 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/01/28 09:51:29 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2012/01/28 09:51:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/01/28 09:51:16 | 1602,936,832 | -HS- | M] () -- C:\hiberfil.sys [2012/01/27 11:11:19 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2012/01/26 23:57:16 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin [2012/01/26 23:37:41 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk [2012/01/26 23:37:41 | 000,000,953 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk [2012/01/26 23:37:41 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk [2012/01/24 00:32:58 | 000,651,894 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012/01/24 00:32:58 | 000,120,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012/01/24 00:32:58 | 000,053,140 | ---- | M] () -- C:\Windows\System32\prfh0416.dat [2012/01/24 00:32:58 | 000,025,024 | ---- | M] () -- C:\Windows\System32\prfc0416.dat [2012/01/15 17:58:47 | 000,000,237 | ---- | M] () -- C:\user.js [2012/01/13 17:10:54 | 000,000,116 | ---- | M] () -- C:\Windows\NeroDigital.ini [2012/01/13 10:58:16 | 000,001,988 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2012/01/08 14:52:06 | 000,000,000 | ---- | M] () -- C:\ProgramData\3178cbbc28556882f50e07e5734a85ff_c [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/01/28 10:00:15 | 000,869,194 | ---- | C] () -- C:\Users\marilaine.marilaine-Mega\Desktop\SecurityCheck.exe [2012/01/26 23:57:16 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin [2012/01/26 23:37:41 | 000,000,960 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk [2012/01/26 23:37:41 | 000,000,953 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk [2012/01/26 23:37:41 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk [2012/01/15 17:58:46 | 000,000,237 | ---- | C] () -- C:\user.js [2012/01/13 10:58:16 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [2012/01/13 10:58:16 | 000,001,988 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2012/01/08 14:52:06 | 000,000,000 | ---- | C] () -- C:\ProgramData\3178cbbc28556882f50e07e5734a85ff_c [2012/01/02 10:32:42 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat [2011/12/12 23:19:12 | 000,368,343 | ---- | C] () -- C:\Windows\HGWC.dat [2011/11/14 23:51:43 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011/11/14 23:51:43 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011/11/14 23:51:43 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2011/11/01 22:04:17 | 000,051,270 | ---- | C] () -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\room_v3.dat [2011/11/01 19:55:02 | 000,000,000 | ---- | C] () -- C:\Users\marilaine.marilaine-Mega\AppData\Local\{7C83F4B2-B60B-4ED1-A69A-6922540CEF03} [2011/10/27 16:43:25 | 000,019,414 | ---- | C] () -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\UserTile.png [2011/10/18 16:28:32 | 000,000,000 | ---- | C] () -- C:\Users\marilaine.marilaine-Mega\AppData\Local\{0A89F746-21FF-4F5D-B2CE-C3E7F7B8BC15} [2011/10/10 12:11:03 | 000,000,000 | ---- | C] () -- C:\Users\marilaine.marilaine-Mega\AppData\Local\{B6C01147-35D7-4E8C-91AE-0DFD575CBEC4} [2011/10/07 21:28:07 | 000,000,032 | ---- | C] () -- C:\Windows\System32\comcnt.sys [2011/09/20 12:26:52 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2011/06/11 14:39:46 | 000,007,597 | ---- | C] () -- C:\Users\marilaine.marilaine-Mega\AppData\Local\Resmon.ResmonCfg [2011/06/04 20:57:04 | 000,012,920 | ---- | C] () -- C:\Windows\System32\apl001.sys [2011/06/04 20:57:04 | 000,010,872 | ---- | C] () -- C:\Windows\System32\apf001.sys [2011/05/31 04:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll [2011/05/31 04:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll [2011/04/15 00:33:23 | 000,046,742 | ---- | C] () -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\room.dat [2011/04/07 23:29:35 | 000,005,632 | ---- | C] () -- C:\Users\marilaine.marilaine-Mega\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/03/13 18:54:43 | 000,890,880 | ---- | C] () -- C:\Windows\MachineCore2.dll [2011/02/24 21:17:20 | 000,931,840 | ---- | C] () -- C:\Windows\MachineCore.dll [2011/02/24 21:17:20 | 000,506,880 | ---- | C] () -- C:\Windows\PCheatsTrainer.exe [2011/02/22 19:05:05 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini [2011/02/20 23:21:26 | 000,000,257 | ---- | C] () -- C:\Windows\SIERRA.INI [2011/01/28 14:16:08 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe [2011/01/11 23:21:25 | 000,605,184 | ---- | C] () -- C:\Windows\xfire_toucan_42194.dll [2010/12/29 18:11:25 | 001,589,248 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll [2010/12/03 12:41:16 | 000,000,008 | ---- | C] () -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\DofusAppId0_3 [2010/12/03 11:43:01 | 000,000,008 | ---- | C] () -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\DofusAppId0_1 [2010/12/03 11:37:54 | 000,000,197 | ---- | C] () -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\D2Info0 [2010/12/03 11:37:54 | 000,000,008 | ---- | C] () -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\DofusAppId0_2 [2010/12/03 11:37:51 | 000,090,584 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2010/11/07 12:08:23 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe [2010/10/31 21:53:22 | 000,000,014 | ---- | C] () -- C:\Windows\popcinfo.dat [2010/10/29 17:21:14 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll [2010/09/27 22:47:09 | 000,000,407 | ---- | C] () -- C:\Users\marilaine.marilaine-Mega\AppData\Local\Big Bang Checkers Preferences [2010/09/26 20:06:16 | 000,000,407 | ---- | C] () -- C:\Users\marilaine.marilaine-Mega\AppData\Local\Big Bang Reversi Preferences [2010/09/26 19:36:55 | 000,000,405 | ---- | C] () -- C:\Users\marilaine.marilaine-Mega\AppData\Local\Big Bang Mancala Preferences [2010/09/26 16:51:58 | 000,000,548 | ---- | C] () -- C:\Users\marilaine.marilaine-Mega\AppData\Local\Big Bang Tic-Tac-Toe [2010/05/18 11:41:15 | 000,042,496 | ---- | C] () -- C:\Windows\System32\Delay.exe [2010/05/18 11:41:15 | 000,005,632 | ---- | C] () -- C:\Windows\System32\ShowMessage.exe [2010/05/18 10:46:02 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll [2010/03/26 17:04:54 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll [2009/07/14 06:31:12 | 000,323,154 | ---- | C] () -- C:\Windows\System32\prfi0416.dat [2009/07/14 06:31:12 | 000,053,140 | ---- | C] () -- C:\Windows\System32\prfh0416.dat [2009/07/14 06:31:12 | 000,038,536 | ---- | C] () -- C:\Windows\System32\prfd0416.dat [2009/07/14 06:31:12 | 000,025,024 | ---- | C] () -- C:\Windows\System32\prfc0416.dat [2009/07/14 02:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 02:33:53 | 000,264,592 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009/07/14 00:05:48 | 000,651,894 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009/07/14 00:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009/07/14 00:05:48 | 000,120,568 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009/07/14 00:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009/07/14 00:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009/07/14 00:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009/07/13 21:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/13 21:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009/07/13 21:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009/06/10 19:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2005/02/24 13:29:14 | 000,162,176 | ---- | C] () -- C:\Windows\System32\drivers\PFC027.sys [2005/01/25 16:15:42 | 000,010,240 | ---- | C] () -- C:\Windows\System32\PA207USD.DLL [2004/11/22 14:37:38 | 000,040,960 | ---- | C] () -- C:\Windows\98Setup.exe [1996/04/03 17:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys ========== LOP Check ========== [2011/10/05 11:42:41 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\.minecraft [2011/03/11 20:23:26 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Ashampoo [2011/05/29 11:50:29 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Audacity [2011/09/27 16:14:10 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\BANDISOFT [2011/11/17 23:19:34 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\BitTorrent [2010/12/03 12:03:20 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Dofus 2 [2010/12/03 11:37:54 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010/12/03 12:41:16 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010/12/03 11:43:01 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2011/06/01 11:15:14 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\GameMaker [2012/01/08 14:56:00 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\GetRightToGo [2011/08/12 00:41:14 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\GrabPro [2010/09/26 17:03:13 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Hoyle [2010/10/31 10:45:05 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Hoyle FaceCreator [2010/11/04 17:57:42 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Hoyle Puzzle and Board Games [2011/05/14 10:44:06 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\iScreensaver [2011/08/17 15:06:06 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\leveluptb [2010/12/27 14:09:06 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\ManyCam [2011/06/06 19:18:35 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Megaupload [2011/06/03 21:10:00 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\NCH Swift Sound [2011/08/12 00:41:45 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Orbit [2010/12/30 10:55:22 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\PhotoScape [2011/08/12 00:41:16 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\ProgSense [2010/12/02 13:32:53 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Raptr [2010/12/03 11:37:56 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2011/01/29 19:01:22 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Registry Mechanic [2011/03/20 21:42:58 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Sahmon Games [2011/12/30 22:51:58 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\SoftGrid Client [2011/01/18 20:44:48 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\TeamViewer [2011/02/15 13:16:45 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Thinstall [2010/10/26 09:45:18 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\TP [2011/05/22 00:29:13 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\TS3Client [2011/06/08 17:18:55 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\United Football [2011/06/08 22:39:39 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Unity [2010/11/07 13:40:36 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\VDownloader [2011/04/11 14:20:41 | 000,000,000 | ---D | M] -- C:\Users\marilaine.marilaine-Mega\AppData\Roaming\Windows Live Writer [2012/01/13 15:20:20 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Files - Unicode (All) ========== [2010/12/13 07:39:31 | 000,000,000 | ---D | M](C:\Users\marilaine.marilaine-Mega\Documents\?? ???) -- C:\Users\marilaine.marilaine-Mega\Documents\넥슨 플러그 [2010/12/13 07:39:31 | 000,000,000 | ---D | C](C:\Users\marilaine.marilaine-Mega\Documents\?? ???) -- C:\Users\marilaine.marilaine-Mega\Documents\넥슨 플러그 ========== Alternate Data Streams ========== @Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:D1B5B4F1 < End of report > OTL Extras: OTL Extras logfile created on: 28/01/2012 10:05:54 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\marilaine.marilaine-Mega\Desktop Starter Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy 1,99 Gb Total Physical Memory | 1,19 Gb Available Physical Memory | 59,68% Memory free 3,98 Gb Paging File | 3,12 Gb Available in Paging File | 78,47% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 298,09 Gb Total Space | 162,49 Gb Free Space | 54,51% Space Free | Partition Type: NTFS Computer Name: MARILAINE-MEGA | User Name: marilaine | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Level Up! Games\Combat Arms\CombatArms.exe" = C:\Level Up! Games\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon) "C:\Level Up! Games\Combat Arms\Engine.exe" = C:\Level Up! Games\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon) "C:\Users\marilaine.marilaine-Mega\AppData\Local\Kamuse\KCSTrayDownloader\KCSTrayDownloaderEngine.exe" = [string data over 1000 bytes] ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{07766F89-EFAA-4635-86B7-636B89EA2C0D}" = Bing Bar Platform "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Barra do Bing "{088B7BF8-AC95-4348-B77B-619AEB3A74A5}" = PC Camera "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0D007CA9-64EE-4069-8CD2-D90EDFC046E3}" = ATI RADEON 9700 Dogs Screen Saver v1.1 "{0FFEA8EE-7BC7-4C9D-8CC6-5B8C891BA3F2}" = Windows Live Essentials "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live "{20A15757-4AE4-3C82-9711-863C84AFE6AA}" = Microsoft .NET Framework 4 Client Profile PTB Language Pack "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.4.2499.0 "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java 6 Update 27 "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0 "{2DF215E0-BD3C-4C98-8616-AFEF09747285}" = Windows Live Sync "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}" = Controle ActiveX do Windows Live Mesh para Conexões Remotas "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}" = Assistente de Conexão do Windows Live "{590035D9-BFA0-406A-A7F0-479C72C0DDB2}" = Windows Live Call "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{72263053-50D1-4598-9502-51ED64E54C51}" = Borland Delphi 7 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{732799C0-7785-43C5-8496-71546A062992}" = SuddenAttackNA "{743ADE22-4AB7-4BE6-9017-A2E8D57ED6A2}_is1" = Atualização do CS 1.6 - CounterZone "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8BBB5E4C-3F5E-4C07-BFBE-33B34600783A}" = LogMeIn Hamachi "{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer "{8EF54987-EE4A-4096-90CB-8B21214B50E8}" = Microsoft Antimalware Service PT-BR Language Pack "{90140000-006D-0416-0000-0000000FF1CE}" = Microsoft Office com Clique para Executar 2010 "{90140011-0066-0416-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Português (Brasil) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{95140000-00AF-0416-0000-0000000FF1CE}" = Visualizador do Microsoft PowerPoint "{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6 "{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1.6 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{98ADF875-648F-3E73-8F3B-010C2464C948}" = Microsoft .NET Framework 4 Extended PTB Language Pack "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6 "{9ADC3E4F-34DA-48CD-8727-BB26D90257BD}" = Windows Live Messenger "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A3B4BDAA-7B03-43B1-804C-54B451EF9668}" = nProtect Security Platform "{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.0.720 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}" = Wizard101 "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AC76BA86-7AD7-1046-7B44-A95000000001}" = Adobe Reader 9.5.0 - Português "{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0 "{BD27566B-20F4-4BE0-B388-125A6724C459}_is1" = Closed Beta "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware "{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0 "{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Ad-Remover" = Ad-Remover par C_XX "Akamai" = Akamai NetSession Interface Service "Ares" = Ares 2.1.7 "Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced 9.25 "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode) "Bandicam" = Bandicam "BandiMPEG1" = Bandisoft MPEG-1 Decoder "BitTorrent" = BitTorrent "boys1024x768" = boys1024x768 Screen Saver "BrowserCompanion" = BrowserCompanion "CCleaner" = CCleaner "Cheat Engine 6.1_is1" = Cheat Engine 6.1 "Combat Arms" = Combat Arms "CPUID CPU-Z_is1" = CPUID CPU-Z 1.57.1 "Crazy Serpentine_is1" = Crazy Serpentine "Cross Fire AL_is1" = Cross Fire AL "eMule" = eMule "EPSON Printer and Utilities" = EPSON Printer Software "Farm Frenzy 2_is1" = Farm Frenzy 2 "Fraps" = Fraps "GameMaker81" = GameMaker 8.1 "Garena 2010" = Garena 2010 "Ghost Control_is1" = Ghost Control 3.0.6 "GitzWC2011" = GitzWC2011 "Google Chrome" = Google Chrome "Grand Theft Auto San Andreas_is1" = GTA: San Andreas RIP PT-BR by TemDono - #GTABrasil - BrasNET "GunboundPS_is1" = GunboundPS "HDMI" = Intel® Graphics Media Accelerator Driver "Hoyle Card Games" = Hoyle Card Games "InstallShield_{088B7BF8-AC95-4348-B77B-619AEB3A74A5}" = PC Camera "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Gerenciador de dispositivo de plataforma "Killing Floor_is1" = Killing Floor "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.9.0 "leveluptb" = LevelUp Toolbar "LogMeIn Hamachi" = LogMeIn Hamachi "LostSagaUS" = Lost Saga "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versão 1.60.0.1800 "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil) "Microsoft Security Essentials" = Microsoft Security Essentials "MiniGolfPro_is1" = Mini Golf Pro "MixPad" = MixPad Audio Mixer "Mozilla Firefox 9.0.1 (x86 pt-BR)" = Mozilla Firefox 9.0.1 (x86 pt-BR) "MsgPlus! Plugin" = Messenger Plus! 3 "MTA:SA" = MTA:SA v1.0.4 "NoIPDUC" = No-IP DUC "Office14.Click2Run" = Microsoft Office com Clique para Executar 2010 "OGPlanet Game Launcher US" = OGPlanet Game Launcher "Patch Dofus Gold 1.0" = Patch Dofus Gold 1.0 "pcsx2-r4600" = PCSX2 - Playstation 2 Emulator "PhotoScape" = PhotoScape "Picasa 3" = Picasa 3 "Pixillion" = Pixillion Image Converter "PK-PCSU_is1" = Velocidade Do PC "Plugin Letras.mus.br" = Plugin Letras.mus.br 1.10 "PremiumSoft Navicat for MySQL_is1" = PremiumSoft Navicat 9.0 for MySQL "PricePeep" = PricePeep for FireFox "RagnaBROS Aesir" = RagnaBROS Aesir "RagnaRush v2" = RagnaRush v2 "Registry Mechanic_is1" = Registry Mechanic 10.0 "Silkroad" = Silkroad "Softonic_ES Toolbar" = Softonic_ES Toolbar "SpeedFan" = SpeedFan (remove only) "Switch" = Switch Sound File Converter "TeamSpeak 3 Client" = TeamSpeak 3 Client "TeamViewer 6" = TeamViewer 6 "TVWiz" = Intel® TV Wizard "UNLOOCK FULL 3.37" = UNLOOCK FULL 3.37 "WampServer 2_is1" = WampServer 2.0 "WavePad" = WavePad Sound Editor "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = Arquivo do WinRAR "Xfire" = Xfire (remove only) "XfireXO Toolbar" = XfireXO Toolbar "ZHPDiag_is1" = ZHPDiag 1.28 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "2e4572743b8884b4" = Gerenciador de Downloads "AIKA" = AIKA "Akamai" = Akamai NetSession Interface "Hoyle® Puzzle & Board 2009" = Hoyle® Puzzle & Board 2009 "UnityWebPlayer" = Unity Web Player ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 03/07/2011 21:21:27 | Computer Name = marilaine-Mega | Source = VSS | ID = 8194 Description = Error - 04/07/2011 10:36:31 | Computer Name = marilaine-Mega | Source = Application Hang | ID = 1002 Description = O programa msinfo32.exe versão 6.1.7600.16385 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: f1c Hora de Início: 01cc3a57a768a33b Hora de Término: 10 Caminho do Aplicativo: C:\Windows\system32\msinfo32.exe Id do Relatório: ff869473-a64a-11e0-9769-002511b32bf6 Error - 05/07/2011 08:51:26 | Computer Name = marilaine-Mega | Source = PerfNet | ID = 2005 Description = Error - 05/07/2011 14:17:58 | Computer Name = marilaine-Mega | Source = PerfNet | ID = 2004 Description = Error - 05/07/2011 18:03:17 | Computer Name = marilaine-Mega | Source = PerfNet | ID = 2004 Description = Error - 06/07/2011 08:39:08 | Computer Name = marilaine-Mega | Source = PerfNet | ID = 2004 Description = Error - 06/07/2011 12:19:55 | Computer Name = marilaine-Mega | Source = PerfNet | ID = 2004 Description = Error - 06/07/2011 13:39:05 | Computer Name = marilaine-Mega | Source = Application Error | ID = 1000 Description = Nome de aplicativo com falha: crossfire.exe, versão: 1.1.3.4, carimbo de hora: 0x4df5514e Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bdaae Código de exceção: 0xc0000005 Deslocamento com falha: 0x00009617 Identificação do processo com falha: 0xd4c Hora de início do aplicativo com falha: 0x01cc3bfcedb97b5a Caminho do aplicativo com falha: C:\Program Files\Z8Games\CrossFire\crossfire.exe FCaminho do módulo de falhas: C:\Windows\system32\KERNELBASE.dll Identificação do Relatório: d810fcc7-a7f6-11e0-819c-002511b32bf6 Error - 06/07/2011 17:14:08 | Computer Name = marilaine-Mega | Source = Application Error | ID = 1000 Description = Nome de aplicativo com falha: Updater.exe, versão: 1.0.0.16749, carimbo de hora: 0x4dd2d92c Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bdaae Código de exceção: 0xe06d7363 Deslocamento com falha: 0x00009617 Identificação do processo com falha: 0xfa8 Hora de início do aplicativo com falha: 0x01cc3bf8acdfa379 Caminho do aplicativo com falha: C:\Program Files\Ask.com\Updater\Updater.exe FCaminho do módulo de falhas: C:\Windows\system32\KERNELBASE.dll Identificação do Relatório: e2785926-a814-11e0-819c-002511b32bf6 Error - 07/07/2011 08:53:15 | Computer Name = marilaine-Mega | Source = PerfNet | ID = 2004 Description = [ System Events ] Error - 27/01/2012 09:10:49 | Computer Name = marilaine-Mega | Source = Microsoft Antimalware | ID = 3002 Description = O recurso de Proteção em Tempo Real %%861 encontrou um erro e falhou. Recurso: %%835 Código do Erro: 0x80004005 Descrição do erro: Erro não especificado Motivo: %%842 Error - 27/01/2012 09:13:28 | Computer Name = marilaine-Mega | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço Google Update Service (gupdate) devido ao seguinte erro: %%2 Error - 27/01/2012 09:17:41 | Computer Name = marilaine-Mega | Source = Microsoft Antimalware | ID = 3002 Description = O recurso de Proteção em Tempo Real %%861 encontrou um erro e falhou. Recurso: %%835 Código do Erro: 0x80004005 Descrição do erro: Erro não especificado Motivo: %%842 Error - 27/01/2012 09:20:03 | Computer Name = marilaine-Mega | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço Google Update Service (gupdate) devido ao seguinte erro: %%2 Error - 27/01/2012 10:27:50 | Computer Name = marilaine-Mega | Source = Microsoft Antimalware | ID = 3002 Description = O recurso de Proteção em Tempo Real %%861 encontrou um erro e falhou. Recurso: %%835 Código do Erro: 0x80004005 Descrição do erro: Erro não especificado Motivo: %%842 Error - 27/01/2012 10:30:14 | Computer Name = marilaine-Mega | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço Google Update Service (gupdate) devido ao seguinte erro: %%2 Error - 27/01/2012 20:55:20 | Computer Name = marilaine-Mega | Source = Microsoft Antimalware | ID = 3002 Description = O recurso de Proteção em Tempo Real %%861 encontrou um erro e falhou. Recurso: %%835 Código do Erro: 0x80004005 Descrição do erro: Erro não especificado Motivo: %%842 Error - 27/01/2012 20:57:40 | Computer Name = marilaine-Mega | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço Google Update Service (gupdate) devido ao seguinte erro: %%2 Error - 28/01/2012 07:51:26 | Computer Name = marilaine-Mega | Source = Microsoft Antimalware | ID = 3002 Description = O recurso de Proteção em Tempo Real %%861 encontrou um erro e falhou. Recurso: %%835 Código do Erro: 0x80004005 Descrição do erro: Erro não especificado Motivo: %%842 Error - 28/01/2012 07:53:51 | Computer Name = marilaine-Mega | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço Google Update Service (gupdate) devido ao seguinte erro: %%2 < End of report > Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Janeiro 28, 2012 Bom Dia! SmasH RogueKiller V6.2.2 [12/31/2011] by Tigzymail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User: Teste [Admin rights] Mode: Remove -- Date : 01/07/2012 14:20:40 |- O relatório postado foi o de diagnóstico,onde o correto seria o que em "Mode",está escrito "Remove". ////°°°//// |- Execute o OTL.exe. |- Copie estas informações que estão em vermelho,para o campo clipboard da ferramenta. ( "Exames Personalizados Correções" ) :OTLIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - No CLSID value found IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No CLSID value found IE - HKLM\..\URLSearchHook: {c2ed826e-8903-4a9d-b0df-3a8fb8ea918a} - No CLSID value found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421; O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] @Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:D1B5B4F1 :Files C:\Program Files\Common Files\AskToolbarInstaller.exe :Commands [createrestorepoint] [emptytemp] [emptyflash] [Reboot] |- Clique no botão Consertar -> Aguarde a conclusão! |- O computador vai reiniciar! -> Clique em "Executar". |- Poste o relatório: C:\_OTL\MovedFiles\*.log Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
SmasH 0 Denunciar post Postado Janeiro 28, 2012 Relatório: All processes killed ========== OTL ========== HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{c2ed826e-8903-4a9d-b0df-3a8fb8ea918a} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2ed826e-8903-4a9d-b0df-3a8fb8ea918a}\ not found. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7} C:\Windows\Downloaded Program Files\gp.inf not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully. C:\Windows\System32\sho7FE9.tmp deleted successfully. C:\Windows\msdownld.tmp folder deleted successfully. ADS C:\ProgramData\TEMP:D1B5B4F1 deleted successfully. ========== FILES ========== C:\Program Files\Common Files\AskToolbarInstaller.exe moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Convidado ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 294871 bytes ->Flash cache emptied: 56502 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 56502 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: MARILAINE ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 5903716 bytes User: marilaine.marilaine-Mega ->Temp folder emptied: 6250895 bytes ->Temporary Internet Files folder emptied: 1844551 bytes ->Java cache emptied: 21778034 bytes ->FireFox cache emptied: 79165262 bytes ->Google Chrome cache emptied: 11075341 bytes ->Flash cache emptied: 49479291 bytes User: MARILA~1~MAR ->Temp folder emptied: 0 bytes User: Public ->Temp folder emptied: 0 bytes User: Todos os Usuários User: Usuário Padrão ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 557122 bytes RecycleBin emptied: 1414 bytes Total Files Cleaned = 168,00 mb [EMPTYFLASH] User: All Users User: Convidado ->Flash cache emptied: 0 bytes User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: MARILAINE User: marilaine.marilaine-Mega ->Flash cache emptied: 0 bytes User: MARILA~1~MAR User: Public User: Todos os Usuários User: Usuário Padrão ->Flash cache emptied: 0 bytes Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.31.0 log created on 01282012_144805 Files\Folders moved on Reboot... File\Folder C:\Windows\temp\TMP00000001F9AE0ECD0BDE65A9 not found! Registry entries deleted on Reboot... Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Janeiro 29, 2012 Boa Noite! SmasH |- Não possuis mais o relatório de Suppression de RogueKiller? ///°°°/// |- Abra o OTL.exe -> Clique em Limpeza. <-- Confirme! |- Ps: O computador irá reiniciar! ///°°°/// Results of screen317's Security Check version 0.99.24 Windows 7 x86 (UAC is enabled) Internet Explorer 8 Out of date! `````````````````````````````` Antivirus/Firewall Check: McAfee Security Scan Plus Microsoft Security Essentials WMI entry may not exist for antivirus; attempting automatic update. Microsoft Security Essentials successfully updated! ``````````````````````````````` Anti-malware/Other Utilities Check: CCleaner Java™ 6 Update 27 |- O relatório de "Security Check",indicou desatualizações no IE8 e Java. |- Procure atualizar esses softwares,e faça a opção por apenas 1 antivírus. ///°°°/// |- Baixe: < JavaRa > |- Dê um duplo clique no JavaRa.exe -> Clique em "Search For Updates". |- Selecione a opção "Update Using jucheck.exe" -> Clique no botão "Search". |- Se estiver atualizado,receberá um aviso confirmando a última versão. Caso contrário,aguarde a nova versão do Java ser baixada e instalada. |- Clique no botão "Remove Older Versions" -> Aguarde! |- Maiores informações: |Aqui| ou |Aqui|. |- Ps: Não basta,apenas,baixar e instalar o Java,sem verificar onde ele está atuando. |- Abra o Painel de controle e clique direito no ícone do java. |- Clique em "Abrir". |- Abra a guia "Avançado",no Painel de Controle Java. |- Nas Definições,expanda "Java Default para browsers" e escolha "Microsoft Internet Explorer". |- Clique em "Aplicar" -> OK. |- Reinicie o computador e abra o Internet Explorer,já integrado ao Java. ///°°°/// |- Baixe: < StartUpLite > |- Ou aqui: < > |- Salve-o no desktop! |- Feche programas que estejam abertos. |- Abra-o e clique em "Executar". |- Na próxima janela,serão listadas todas as entradas desnecessárias que poderão ser desabilitadas ou removidas da inicialização. |- Clique,à seguir,em "Continue" -> OK. |- Reinicie o computador! |- Ps: Recomendo desabilitá-las,uma à uma e sempre na observação de seus efeitos,pois o objetivo é o ganho de velocidade ao ligar o computador. |- Ao abrir,novamente,o StartUpLite,deveremos encontrar esta mensagem. ( no unnecessary startups found! ) |- Clique em Fechar. |- Encontrando,ainda,ítens à serem desabilitados vá ao Utilitário de Configuração do Sistema e desmarque as caixinhas desses ítens. |- Clique em "Re-enable disabled items" -> Aba "Inicializar". |- Concluindo,clique em Aplicar -> Fechar. ///°°°/// |- Baixe: < > (...par A.Rothstein & dj Quiou ) |- Clique em "Télécharger",para o download. |- Salve-o no desktop! |- Feche programas que estejam abertos,e execute a ferramenta. |- Clique no botão Recherche,para iniciar o scan. |- Ao concluir,teremos relacionados as ferramentas que serão removidas. |- Clique,à seguir,no botão "Supression" para remover os itens encontrados. |- Clique em Quitter para sair! --> OK. |- Caso queira,poste os relatórios: Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) |- Selecione e copie para o Bloco de Notas. ///°°°/// |- Seus logs estão limpos! |- A máquina,ainda,apresenta lentidão? Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Fevereiro 7, 2012 Tópico Arquivado Como o autor não respondeu por mais de 10 dias, o tópico foi arquivado. Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura. Compartilhar este post Link para o post Compartilhar em outros sites
