#7 By Hurso
29/05/2010 - 22:05
Adriano7, how's it going?
Here is what can be done (assuming it's Windows):
Regarding viruses:
Boot into Safe Mode with Networking.
Update the antivirus (assuming you have one).
Run the antivirus.

Regarding the slowness:
In the same Safe Mode, have the disk defragmented.
Or use Defraggler to defragment the hard disk.
After that you can install CCleaner and have it do a general cleanup of the Windows registry.


Cheers!!
#9 By Lord Enigm@
29/05/2010 - 23:06
Adriano7 said:
Hi, I would like to get some help, my PC is very slow and full of viruses. Can someone help me clean it?


Hello Adriano7,

Before any procedure on your machine, it would be a good idea to post a log for analysis.


- Download the program -> Hijackthis
- Save it in a folder on C: (e.g. C:/Hijackthis)
- Run it and click [ Do a system scan and save a logfile ].
- A window containing the scan result will open.
- Copy and paste the report here in the forum!


Once that is done, wait and an analyst will come to help you.
#10 By Adriano7
30/05/2010 - 00:28
Here's the log, Lord


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:27:34, on 30/5/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\ARQUIV~1\GbPlugin\GbpSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe
C:\Arquivos de programas\Java\jre6\bin\jusched.exe
C:\WINDOWS\vVX1000.exe
C:\Arquivos de programas\Oi Velox\Manager\desp2k.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe
C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
C:\Arquivos de programas\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Documents and Settings\Pessoal\Desktop\Guia do hardware- limpeza de virus\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {F89CEB6F-335E-43EC-BD6B-7F72D7801158} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Arquivos de programas\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [desp2k] C:\Arquivos de programas\Oi Velox\Manager\desp2k.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{49A3C9A2-728F-410B-BCEE-0F1DD2148FBA}: NameServer = 200.165.132.154 200.149.55.142
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: GbPluginBb - C:\Arquivos de programas\GbPlugin\gbieh.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Gbp Service (GbpSv) - - C:\ARQUIV~1\GbPlugin\GbpSv.exe
O23 - Service: Google Update Service (gupdate1c9d8f3e58232dc) (gupdate1c9d8f3e58232dc) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Arquivos de programas\WinPcap\rpcapd.exe
--
End of file - 9513 bytes
#11 By igoreso
30/05/2010 - 00:30
Download Malwarebytes' Anti-Malware
http://www.besttechie.net/tools/mbam-setup.exe
http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html
Install it by double-clicking "mbam-setup.exe";
Check "Update Malwarebytes Anti-Malware" and "Run Malwarebytes Anti-Malware", and click Finish;
Check "Full Scan" and then click Scan;
When the scan finishes, click OK and then "Show Results" to see the log;
If anything is detected, make sure everything is checked and click "Remove";
The log is saved automatically and can be viewed by clicking "Logs" in the main menu;
Copy and paste the whole report in your next reply.
I do not answer questions by PM, e-mail or MSN! Use the forum!

#12 By Adriano7
30/05/2010 - 01:31
I did as instructed above; the log follows below


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Versão da Base de Dados: 4155
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
30/5/2010 01:29:46
mbam-log-2010-05-30 (01-29-46).txt
Tipo de Verificação: Verificação Completa (C:\|)
Objetos escaneados: 171751
Tempo decorrido: 44 minuto(s), 27 segundo(s)
Processos de Memória Infectados: 0
Módulos de Memória Infectados: 0
Chaves de Registro Infectadas: 8
Valores de Registro Infectados: 0
Itens de Dados no Registro Infectados: 0
Pastas Infectadas: 1
Arquivos Infectados: 8
Processos de Memória Infectados:
(Não foram detectados ítens maliciosos)
Módulos de Memória Infectados:
(Não foram detectados ítens maliciosos)
Chaves de Registro Infectadas:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{99esp9c2-4fed-15cf-aae5-62cb5f2x4512} (Generic.Bot.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f89ceb6f-335e-43ec-bd6b-7f72d7801158} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{99esp9c2-4fed-15cf-aae5-62cb5f2x4512} (Backdoor.IRCBot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f89ceb6f-335e-43ec-bd6b-7f72d7801158} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f89ceb6f-335e-43ec-bd6b-7f72d7801158} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\NOD32KVBIT (Trojan.Frethog) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\rhavaj (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DRM\amty (Worm.Autorun) -> Quarantined and deleted successfully.
Valores de Registro Infectados:
(Não foram detectados ítens maliciosos)
Itens de Dados no Registro Infectados:
(Não foram detectados ítens maliciosos)
Pastas Infectadas:
C:\Documents and Settings\All Users\Dados de aplicativos\16470624 (Rogue.Multiple) -> Quarantined and deleted successfully.
Arquivos Infectados:
C:\Documents and Settings\Pessoal\Dados de aplicativos\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\766F0D\com.run (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\766F0D\dp1.fne (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\766F0D\eAPI.fne (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\766F0D\spec.fne (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\16470624\16470624 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\path\id (Malware.Trace) -> Quarantined and deleted successfully.
C:\uacpath\javahu.exe (Trojan.Agent) -> Quarantined and deleted successfully.
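
Added example, not part of any post in this thread: a small Python triage script that cross-references the browser add-on entries (O2/O3) of the HijackThis log in post #10 with the registry detections in the Malwarebytes log above, so that an entry the scanner confirmed is separated from "(no file)" entries that remain open leads. The two excerpts are copied from those logs; the function names and the result layout are assumptions made for this illustration.

```python
import re

# Excerpt of the HijackThis log from post #10 (O2 = BHO, O3 = toolbar).
HJT_EXCERPT = r"""
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll
O2 - BHO: (no name) - {F89CEB6F-335E-43EC-BD6B-7F72D7801158} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
"""

# Excerpt of the "Chaves de Registro Infectadas" section of the Malwarebytes log.
MBAM_EXCERPT = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{99esp9c2-4fed-15cf-aae5-62cb5f2x4512} (Generic.Bot.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f89ceb6f-335e-43ec-bd6b-7f72d7801158} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f89ceb6f-335e-43ec-bd6b-7f72d7801158} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\NOD32KVBIT (Trojan.Frethog) -> Quarantined and deleted successfully.
"""

HJT_LINE = re.compile(
    r"^(?P<section>O2|O3) - (?P<kind>BHO|Toolbar): (?P<name>.*?) - "
    r"\{(?P<clsid>[0-9A-Fa-f-]{36})\} - (?P<target>.+)$"
)
MBAM_LINE = re.compile(
    r"^(?P<key>HKEY_.+?) \((?P<detection>[^()]+)\) -> (?P<action>.+)$"
)
BRACED_TAIL = re.compile(r"\{([^{}]+)\}$")   # last key component written as {...}
GUID = re.compile(r"^[0-9A-F]{8}(-[0-9A-F]{4}){3}-[0-9A-F]{12}$")


def parse_hijackthis(text):
    """Return the O2/O3 entries of a HijackThis log as dicts (CLSID upper-cased)."""
    entries = []
    for line in text.splitlines():
        m = HJT_LINE.match(line.strip())
        if m:
            entry = m.groupdict()
            entry["clsid"] = entry["clsid"].upper()
            entries.append(entry)
    return entries


def parse_mbam_registry(text):
    """Return registry detections; 'token' is the braced last key component, if any."""
    records = []
    for line in text.splitlines():
        m = MBAM_LINE.match(line.strip())
        if not m:
            continue
        tail = BRACED_TAIL.search(m.group("key"))
        records.append({
            "key": m.group("key"),
            "token": tail.group(1).upper() if tail else None,
            "detection": m.group("detection"),
        })
    return records


def triage(hjt_text, mbam_text):
    """Split HijackThis add-on entries into confirmed detections and open leads."""
    detections, malformed = {}, []
    for rec in parse_mbam_registry(mbam_text):
        token = rec["token"]
        if token is None:
            continue
        if GUID.match(token):
            detections.setdefault(token, set()).add(rec["detection"])
        elif token not in malformed:
            # GUID-shaped key name containing non-hex characters.
            malformed.append(token)

    confirmed, orphans = [], []
    for entry in parse_hijackthis(hjt_text):
        clsid = entry["clsid"]
        if clsid in detections:
            confirmed.append((clsid, sorted(detections[clsid])))
        elif entry["target"] == "(no file)":
            # Registered add-on with no file behind it and no scanner verdict.
            orphans.append(clsid)
    return {"confirmed": confirmed, "orphans": orphans, "malformed": malformed}


if __name__ == "__main__":
    for bucket, items in triage(HJT_EXCERPT, MBAM_EXCERPT).items():
        print(bucket, items)
```

An entry in the `orphans` bucket is not a verdict, only a registration that still needs an explanation from a follow-up scan.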
#13 By igoreso
30/05/2010 - 02:54
Download OTL and save it to your Desktop:
http://oldtimer.geekstogo.com/OTL.exe
Run OTL according to the instructions below:
Remember that if you are running Windows Vista or 7 you need to give the tool administrator privileges; to do so:
Right-click the file and then click

Leave the main screen configured as in the figure below:
http://i43.tinypic.com/npp3qe.jpg
Select these lines in the code box, right-click the selection, and choose the copy option:
netsvcs
msconfig
activex
drivers32
safebootminimal
safebootnetwork
hijackthisbackups
%SYSTEMDRIVE%\*.exe /90 /s
%systemroot%\*. /mp /s
%SystemDrive%\$recycle.bin\*.* /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\Tasks\*.job /90
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\drivers\*.sys /90
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\system32\config\*.dll
%systemroot%\system32\config\*.exe
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\Internet Explorer\*.* /90
%PROGRAMFILES%\*.*
%Temp%\*.exe
%Temp%\*.dll
%UserProfile%\*.dll
%UserProfile%\*.sys
%UserProfile%\*.exe
%windir%\Fonts\*.dll
%windir%\Fonts\*.sys
%windir%\Fonts\*.exe
%AppData%\*.exe
%AppData%\*.dll
%AppData%\*.sys

Go back to the program, right-click any white area of the Custom Scans/Fixes section and choose paste
Click the Scan button
Do not change any other setting unless you have been instructed to do so.
The scan takes a while, be patient.

When it finishes, two logs will be generated: OTL.txt and Extras.txt; then restart the computer (by clicking reboot in OTL).
Post both logs in your next reply; do not delete OTL.
#14 By Adriano7
30/05/2010 - 09:59
I ran OTL; the logs follow

OTL logfile created on: 30/5/2010 09:30:56 - Run 1
OTL by OldTimer - Version 3.2.5.1 Folder = C:\Documents and Settings\Pessoal\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

495,00 Mb Total Physical Memory | 119,00 Mb Available Physical Memory | 24,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,04 Gb Total Space | 130,73 Gb Free Space | 87,71% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ITAUTEC-CAC5D54
Current User Name: Pessoal
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/05/30 09:27:18 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pessoal\Desktop\OTL.exe
PRC - [2010/04/30 09:17:34 | 000,055,072 | ---- | M] ( ) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe
PRC - [2010/03/19 10:53:04 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Update\1.2.183.23\GoogleCrashHandler.exe
PRC - [2009/07/21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 13:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
PRC - [2007/06/13 10:21:56 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/04 19:13:54 | 000,240,408 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Microsoft LifeCam\MSCamS32.exe
PRC - [2006/12/05 20:38:57 | 000,707,360 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX1000.exe
PRC - [2006/08/03 16:05:18 | 000,065,536 | ---- | M] (LightComm) -- C:\Arquivos de programas\Oi Velox\Manager\desp2k.exe
PRC - [2006/06/01 13:32:12 | 000,094,208 | ---- | M] (Nero AG) -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe


========== Modules (SafeList) ==========

MOD - [2010/05/30 09:27:18 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pessoal\Desktop\OTL.exe
MOD - [2010/04/30 09:18:20 | 000,328,992 | ---- | M] (Banco do Brasil) -- C:\Arquivos de programas\GbPlugin\gbieh.dll
MOD - [2006/08/25 08:49:12 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006/03/02 09:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010/04/30 09:17:34 | 000,055,072 | ---- | M] ( ) [Unknown | Running] -- C:\Arquivos de programas\GbPlugin\gbpsv.exe -- (GbpSv)
SRV - [2009/07/21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2007/11/06 17:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Arquivos de programas\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2007/01/04 19:13:54 | 000,240,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de programas\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2003/07/28 19:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2010/04/30 09:18:34 | 000,045,472 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\gbpkm.sys -- (GbpKm)
DRV - [2009/12/08 17:23:26 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 10:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 10:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2007/11/06 17:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2007/05/02 11:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007/05/02 11:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007/05/02 11:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2006/12/05 20:39:11 | 001,963,680 | R--- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000)
DRV - [2006/03/02 09:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2005/07/05 17:49:38 | 000,925,572 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2005/04/12 08:42:00 | 000,011,904 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2005/04/12 08:08:00 | 000,247,296 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/08/03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Driver de áudio USB (WDM)
DRV - [2004/08/03 23:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004/08/03 19:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/08/02 12:09:18 | 000,635,281 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/02/24 03:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2002/07/10 09:39:34 | 000,032,256 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2002/06/27 21:15:14 | 000,005,888 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\siside.sys -- (SiSide)
DRV - [2001/09/05 23:18:58 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 18:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.itautec.com.br

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.itautec.com.br

IE - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/
IE - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
IE - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CE 2A A1 10 2F 37 CA 01 [binary data]
IE - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2009/08/22 22:41:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [avgnt] C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [desp2k] C:\Arquivos de programas\Oi Velox\Manager\desp2k.exe (LightComm)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LifeCam] C:\Arquivos de programas\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-804409071-1363060772-4094713968-1006..\Run: [Advanced SystemCare 3] C:\Arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe (IObit)
O4 - HKU\S-1-5-21-804409071-1363060772-4094713968-1006..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-804409071-1363060772-4094713968-1006..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab (Windows Live Safety Center Base Module)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} https://www14.bancobrasil.com.br/plugin/GbpDist.cab (GbpDistObj Class)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginBb: DllName - C:\Arquivos de programas\GbPlugin\gbieh.dll - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Minha página inicial atual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pessoal\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pessoal\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/03/24 13:48:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{053d8976-4d65-11dd-a1f8-001558b5d3dd}\Shell\auto\command - "" = cssrs.exe
O33 - MountPoints2\{053d8976-4d65-11dd-a1f8-001558b5d3dd}\Shell\explore\command - "" = cssrs.exe
O33 - MountPoints2\{053d8976-4d65-11dd-a1f8-001558b5d3dd}\Shell\find\command - "" = cssrs.exe
O33 - MountPoints2\{053d8976-4d65-11dd-a1f8-001558b5d3dd}\Shell\open\command - "" = cssrs.exe
O33 - MountPoints2\{f75804e2-9564-11dc-a0e3-001558b5d3dd}\Shell\AutoRun\command - "" = D:\ywbsbm.exe -- File not found
O33 - MountPoints2\{f75804e2-9564-11dc-a0e3-001558b5d3dd}\Shell\explore\Command - "" = D:\ywbsbm.exe -- File not found
O33 - MountPoints2\{f75804e2-9564-11dc-a0e3-001558b5d3dd}\Shell\open\Command - "" = D:\ywbsbm.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007/03/24 13:48:15 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found


ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {0CBADDF4-2CF6-4CDB-B4F5-29B8FCA7FE07} - .NET Framework
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Processamento de gráficos vetoriais (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Ligação de dados de HTML dinâmico para Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Cancelar inscrição
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {423290D4-DC50-48FA-9871-9D61FCAD7C13} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Criação avançada
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes DirectAnimation para Java
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Atualização de Segurança para Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Pastas da Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Agendador de tarefas
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax ()
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll ()
Drivers32: wave2 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
SafeBootNet: nm.sys - C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)

========== Files/Folders - Created Within 30 Days ==========

[2010/05/30 09:27:12 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pessoal\Desktop\OTL.exe
[2010/05/30 00:40:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pessoal\Dados de aplicativos\Malwarebytes
[2010/05/30 00:40:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/05/30 00:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes
[2010/05/30 00:40:33 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/05/30 00:40:32 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Malwarebytes' Anti-Malware
[2010/05/29 21:44:18 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/05/29 20:31:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pessoal\Dados de aplicativos\HP
[2010/05/29 19:40:25 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Live Safety Center
[2010/05/29 19:21:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dados de aplicativos\HP
[2010/05/29 19:18:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\HP
[2010/05/29 19:18:50 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\HP
[2010/05/29 19:18:20 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Hewlett-Packard
[2010/05/29 19:18:19 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Hewlett-Packard
[2010/05/29 19:17:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\zhenghe2
[2010/05/29 19:17:17 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\HP
[2010/05/29 19:14:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Hewlett-Packard
[2010/05/29 19:14:35 | 000,117,760 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpzll4v2.dll
[2010/05/29 19:14:33 | 000,258,048 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpzids01.dll
[2010/05/29 19:14:11 | 000,569,344 | R--- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpotscl4.dll
[2010/05/29 19:14:11 | 000,364,544 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hppldcoi.dll
[2010/05/29 19:14:11 | 000,309,760 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll
[2010/05/29 19:14:11 | 000,294,912 | R--- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpovst11.dll
[2010/05/29 19:14:10 | 000,675,840 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpowiax4.dll
[2010/05/29 19:14:08 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2010/05/29 19:13:11 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Pessoal\Desktop\*.tmp files -> C:\Documents and Settings\Pessoal\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/05/30 09:27:18 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pessoal\Desktop\OTL.exe
[2010/05/30 08:59:45 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/05/30 08:59:29 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/30 08:59:25 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/30 08:59:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/30 08:59:14 | 519,622,656 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/30 01:34:40 | 006,291,456 | ---- | M] () -- C:\Documents and Settings\Pessoal\ntuser.dat
[2010/05/30 01:34:40 | 000,000,330 | -HS- | M] () -- C:\Documents and Settings\Pessoal\ntuser.ini
[2010/05/30 01:34:35 | 004,849,414 | -H-- | M] () -- C:\Documents and Settings\Pessoal\Configurações locais\Dados de aplicativos\IconCache.db
[2010/05/30 00:58:05 | 000,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/30 00:40:39 | 000,000,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/29 21:37:00 | 000,002,559 | ---- | M] () -- C:\Documents and Settings\Pessoal\Desktop\Microsoft Office Word 2003.lnk
[2010/05/29 19:22:08 | 000,154,586 | ---- | M] () -- C:\WINDOWS\hpwins16.dat
[2010/05/29 19:21:10 | 000,000,920 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/05/29 19:19:33 | 000,001,060 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Central de Soluções HP.lnk
[2010/05/29 19:18:59 | 000,001,848 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\HP Digital Imaging Monitor.lnk
[2010/05/29 18:55:54 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/11 20:39:18 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/05/02 13:51:04 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\Pessoal\Desktop\Windows Live Call.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Pessoal\Desktop\*.tmp files -> C:\Documents and Settings\Pessoal\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/05/30 00:40:39 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/29 19:19:33 | 000,001,060 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Central de Soluções HP.lnk
[2010/05/29 19:18:59 | 000,001,848 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\HP Digital Imaging Monitor.lnk
[2010/05/29 19:14:54 | 000,000,772 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\hpzinstall.log
[2010/05/29 19:14:51 | 000,154,586 | ---- | C] () -- C:\WINDOWS\hpwins16.dat
[2009/06/29 18:41:04 | 000,015,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys
[2009/05/25 13:17:23 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2008/02/04 18:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/12/04 23:44:49 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007/11/06 17:19:28 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2007/08/02 09:58:49 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/08/02 09:52:31 | 000,015,498 | R--- | C] () -- C:\WINDOWS\VX1000.ini
[2007/04/23 07:33:46 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/04/21 06:50:13 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/04/21 06:48:35 | 000,000,103 | ---- | C] () -- C:\WINDOWS\I_DMI.INI
[2007/03/24 14:17:21 | 000,000,054 | ---- | C] () -- C:\WINDOWS\CUSTOM_CD.INI
[2007/03/24 13:52:45 | 000,003,685 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2007/03/24 10:35:11 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2007/03/24 10:31:58 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56spn.dll
[2007/03/24 10:31:58 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56itl.dll
[2007/03/24 10:31:58 | 000,053,248 | ---- | C] () -- C:\WINDOWS\sm56jpn.dll
[2007/03/24 10:31:57 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56eng.dll
[2007/03/24 10:31:57 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56brz.dll
[2007/03/24 10:31:57 | 000,061,440 | ---- | C] () -- C:\WINDOWS\sm56ger.dll
[2007/03/24 10:31:57 | 000,061,440 | ---- | C] () -- C:\WINDOWS\sm56fra.dll
[2007/03/24 10:31:57 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56cht.dll
[2007/03/24 10:31:57 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56chs.dll
[2006/05/03 15:44:44 | 000,001,352 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/03/02 09:00:00 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2006/03/02 09:00:00 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2006/03/02 09:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2006/03/02 09:00:00 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2006/03/02 09:00:00 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2005/09/29 16:42:56 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\linstall.dll
[2005/06/10 10:56:06 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\UnzDll.dll
[2005/06/10 10:55:04 | 000,123,904 | ---- | C] () -- C:\WINDOWS\System32\ZipDll.dll
[2004/05/13 20:14:58 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\opencrypto.dll
[2004/03/18 17:43:44 | 000,843,776 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2003/04/07 11:30:02 | 000,005,383 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2008/07/16 22:47:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\ESET
[2010/05/09 21:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin
[2009/07/31 01:07:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\MotionDSP
[2009/07/31 01:07:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP
[2009/09/27 23:28:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pessoal\Dados de aplicativos\com.isc.flaphoneAir.E0E79A3CC362EB125C76F1BD07217F6302F98994.1
[2010/05/30 01:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pessoal\Dados de aplicativos\Desktopicon
[2009/06/22 12:52:12 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Pessoal\Dados de aplicativos\Drivers
[2009/12/02 20:30:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pessoal\Dados de aplicativos\IObit
[2008/07/28 00:36:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pessoal\Dados de aplicativos\OfficeUpdate12
[2008/12/01 22:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pessoal\Dados de aplicativos\zweitgeist

========== Purity Check ==========



========== Custom Scans ==========



< %SYSTEMDRIVE%\*.exe /90 /s >
[2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\32788R22FWJFW\pev.exe
[2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\32788R22FWJFW\License\iexplore.exe
[2 C:\Arquivos de programas\eMule\*.tmp files -> C:\Arquivos de programas\eMule\*.tmp -> ]
[2010/04/30 09:17:34 | 000,055,072 | ---- | M] ( ) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe
[2010/04/26 14:13:25 | 000,531,440 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
[2010/04/01 19:58:37 | 000,673,264 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Chrome\Application\4.1.249.1045\Installer\setup.exe
[2010/04/28 15:58:28 | 000,674,800 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Chrome\Application\4.1.249.1064\Installer\setup.exe
[2010/03/19 10:53:04 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Update\1.2.183.23\GoogleCrashHandler.exe
[2010/03/19 10:53:04 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Update\1.2.183.23\GoogleUpdate.exe
[2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe
[2010/04/29 15:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe
[2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
[2010/05/30 00:40:12 | 000,716,624 | ---- | M] () -- C:\Arquivos de programas\Malwarebytes' Anti-Malware\unins000.exe
[2010/05/29 21:44:18 | 003,700,645 | ---- | M] () -- C:\Documents and Settings\Pessoal\Configurações locais\Temporary Internet Files\Content.IE5\G1V1RNO7\ComboFix[1].exe
[2010/05/30 00:40:12 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Pessoal\Configurações locais\Temporary Internet Files\Content.IE5\G1V1RNO7\mbam-setup-1.46[1].exe
[2010/05/30 09:26:51 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pessoal\Configurações locais\Temporary Internet Files\Content.IE5\I757OCAS\OTL[1].exe
[2010/05/29 19:38:25 | 000,130,760 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Pessoal\Configurações locais\Temporary Internet Files\Content.IE5\Z1D5Y6QU\OneCareBackupRestore[1].exe
[2010/05/30 09:27:18 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pessoal\Desktop\OTL.exe
[1 C:\Documents and Settings\Pessoal\Desktop\*.tmp files -> C:\Documents and Settings\Pessoal\Desktop\*.tmp -> ]
[2010/03/13 12:58:34 | 000,530,928 | ---- | M] (Google Inc.) -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP101\A0016234.exe
[2010/03/02 02:30:12 | 031,648,712 | ---- | M] (Microsoft Corporation) -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP114\A0017404.exe
[2010/03/28 00:13:16 | 000,530,416 | ---- | M] (Google Inc.) -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP122\A0017483.exe
[2010/03/25 18:59:02 | 000,673,264 | ---- | M] (Google Inc.) -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP122\A0017545.exe
[2010/04/06 14:52:54 | 031,971,272 | ---- | M] (Microsoft Corporation) -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP129\A0018588.exe
[2010/05/29 19:20:14 | 000,025,214 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP137\A0019694.exe
[2010/05/29 19:20:14 | 000,025,214 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP137\A0019695.exe
[2010/03/10 11:17:21 | 000,023,040 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015796.exe
[2010/03/10 11:17:21 | 000,794,624 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015797.exe
[2010/03/10 11:17:21 | 000,004,096 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015798.exe
[2010/03/10 11:17:20 | 000,027,136 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015799.exe
[2010/03/10 11:17:20 | 000,011,264 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015800.exe
[2010/03/10 11:17:20 | 000,086,016 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015801.exe
[2010/03/10 11:17:20 | 000,012,288 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015802.exe
[2010/03/10 11:17:20 | 000,593,920 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015803.exe
[2010/03/10 11:17:20 | 000,249,856 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015804.exe
[2010/03/10 11:17:20 | 000,061,440 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015805.exe
[2010/03/10 11:17:20 | 000,135,168 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015806.exe
[2010/03/10 11:17:20 | 000,286,720 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015807.exe
[2010/03/10 11:17:20 | 000,409,600 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015808.exe
[2010/03/10 11:17:01 | 000,023,040 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015810.exe
[2010/03/10 11:17:01 | 000,794,624 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015811.exe
[2010/03/10 11:17:00 | 000,004,096 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015812.exe
[2010/03/10 11:17:00 | 000,027,136 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015813.exe
[2010/03/10 11:17:00 | 000,011,264 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015814.exe
[2010/03/10 11:17:00 | 000,086,016 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015815.exe
[2010/03/10 11:17:00 | 000,012,288 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015816.exe
[2010/03/10 11:17:00 | 000,593,920 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015817.exe
[2010/03/10 11:17:00 | 000,249,856 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015818.exe
[2010/03/10 11:17:00 | 000,061,440 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015819.exe
[2010/03/10 11:17:00 | 000,135,168 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015820.exe
[2010/03/10 11:17:00 | 000,286,720 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015821.exe
[2010/03/10 11:16:59 | 000,409,600 | ---- | M] () -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015822.exe
[2010/03/02 02:30:12 | 031,648,712 | ---- | M] (Microsoft Corporation) -- C:\System Volume Information\_restore{60AF880C-D98F-401C-90E4-A13C352CCC00}\RP95\A0015849.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2010/05/29 19:19:55 | 000,065,536 | R--- | M] (InstallShield Software Corp.) -- C:\WINDOWS\Installer\{8C6027FD-53DC-446D-BB75-CACD7028A134}\ARPPRODUCTICON.exe
[2010/05/29 19:19:55 | 000,681,528 | R--- | M] (Hewlett-Packard) -- C:\WINDOWS\Installer\{8C6027FD-53DC-446D-BB75-CACD7028A134}\HPSUShortcut_BB85ED9CAFC943BDB8DC258C3C7DF72E.exe
[2010/05/11 20:42:16 | 000,593,920 | R--- | M] () -- C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\accicons.exe
[2010/05/11 20:42:16 | 000,012,288 | R--- | M] () -- C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\cagicon.exe
[2010/05/11 20:42:16 | 000,086,016 | R--- | M] () -- C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\inficon.exe
[2010/05/11 20:42:15 | 000,135,168 | R--- | M] () -- C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\misc.exe
[2010/05/11 20:42:16 | 000,011,264 | R--- | M] () -- C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\mspicons.exe
[2010/05/11 20:42:16 | 000,027,136 | R--- | M] () -- C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\oisicon.exe
[2010/05/11 20:42:16 | 000,004,096 | R--- | M] () -- C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\opwicon.exe
[2010/05/11 20:42:16 | 000,794,624 | R--- | M] () -- C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\outicon.exe
[2010/05/11 20:42:15 | 000,249,856 | R--- | M] () -- C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\pptico.exe
[2010/05/11 20:42:15 | 000,061,440 | R--- | M] () -- C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\pubs.exe
[2010/05/11 20:42:16 | 000,023,040 | R--- | M] () -- C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\unbndico.exe
[2010/05/11 20:42:15 | 000,286,720 | R--- | M] () -- C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\wordicon.exe
[2010/05/11 20:42:15 | 000,409,600 | R--- | M] () -- C:\WINDOWS\Installer\{90110416-6000-11D3-8CFE-0150048383C9}\xlicons.exe
[2010/05/29 19:18:59 | 000,065,536 | R--- | M] (InstallShield Software Corp.) -- C:\WINDOWS\Installer\{FF075778-6E50-47ed-991D-3B07FD4E3250}\NewShortcut1.A6CC6977_F7B4_4C0B_9510_BCD847D4BDB2.exe
[2010/04/21 10:28:50 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SoftwareDistribution\Download\584f050a6a972961a6df5e034141fd14\tzchange.exe
[2010/04/30 15:51:06 | 032,058,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
[2010/04/21 10:28:50 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tzchange.exe
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2010/04/25 08:54:08 | 000,084,507 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

< %systemroot%\*. /mp /s >

< %SystemDrive%\$recycle.bin\*.* /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009/03/08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
[2010/02/25 03:17:46 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\Tasks\*.job /90 >
[2010/05/30 08:59:45 | 000,000,932 | ---- | M] () -- C:\WINDOWS\Tasks\Google Software Updater.job
[2010/05/30 08:59:29 | 000,001,044 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2010/05/30 00:58:05 | 000,001,048 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010/04/30 09:18:34 | 000,045,472 | ---- | M] (GAS Tecnologia) Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\gbpkm.sys

< %systemroot%\system32\drivers\*.sys /90 >
[2010/04/30 09:18:34 | 000,045,472 | ---- | M] (GAS Tecnologia) -- C:\WINDOWS\system32\drivers\gbpkm.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

< %systemroot%\system32\*.exe /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\config\*.dll >

< %systemroot%\system32\config\*.exe >

< %systemroot%\System32\config\*.sav >
[2007/03/24 10:27:40 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2007/03/24 10:27:39 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007/03/24 10:27:39 | 000,425,984 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %PROGRAMFILES%\Internet Explorer\*.* /90 >

< %PROGRAMFILES%\*.* >
[2008/09/30 21:57:07 | 003,231,826 | ---- | M] () -- C:\Arquivos de programas\eMule0.49b-Installer1.exe

< %Temp%\*.exe >

< %Temp%\*.dll >

< %UserProfile%\*.dll >

< %UserProfile%\*.sys >

< %UserProfile%\*.exe >

< %windir%\Fonts\*.dll >

< %windir%\Fonts\*.sys >

< %windir%\Fonts\*.exe >

< %AppData%\*.exe >

< %AppData%\*.dll >

< %AppData%\*.sys >

========== Alternate Data Streams ==========

@Alternate Data Stream - 204 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst
< End of report >
Adriano7
Adriano7 New Member Registered
43 Posts 0 Likes
#15 By Adriano7
30/05/2010 - 10:02
I CAN'T FIND THIS COMMAND: restart the computer (by clicking reboot in OTH).


Here's the other one


OTL Extras logfile created on: 30/5/2010 09:30:56 - Run 1
OTL by OldTimer - Version 3.2.5.1 Folder = C:\Documents and Settings\Pessoal\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

495,00 Mb Total Physical Memory | 119,00 Mb Available Physical Memory | 24,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,04 Gb Total Space | 130,73 Gb Free Space | 87,71% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ITAUTEC-CAC5D54
Current User Name: Pessoal
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Arquivos de programas\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Arquivos de programas\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" = C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Arquivos de programas\Microsoft LifeCam\LifeCam.exe" = C:\Arquivos de programas\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Arquivos de programas\Microsoft LifeCam\LifeExp.exe" = C:\Arquivos de programas\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Arquivos de programas\eMule\emule.exe" = C:\Arquivos de programas\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"C:\Arquivos de programas\Nero\Nero 7\Nero Home\NeroHome.exe" = C:\Arquivos de programas\Nero\Nero 7\Nero Home\NeroHome.exe:*:Disabled:Nero Home -- (Nero AG)
"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" = C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe" = C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistência Remota - Windows Messenger e Voz -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0C405D1F-359E-41C5-A1A9-383A04BBD5E2}" = Windows Live Galeria de Fotos
"{0CBADDF4-2CF6-4CDB-B4F5-29B8FCA7FE07}" = Microsoft .NET Framework 1.1 Brazilian Portuguese Language Pack
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{32BC546A-8AA3-4239-AE92-9CF3291C35A6}" = Windows Live Call
"{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{423290D4-DC50-48FA-9871-9D61FCAD7C13}" = Microsoft .NET Framework 2.0 Language Pack - PTB
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4D04C9A1-F28C-4F6F-9D66-81BB000693D9}" = BPDSoftware_Ini
"{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}" = Assistente de Conexão do Windows Live
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{624DEAA0-B27D-444B-8BFE-70622B318A4A}" = Windows Live Toolbar
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6C579DEB-2905-4331-9EF0-285A63B09062}" = Microsoft LifeCam
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6F60CD17-EE34-4f77-83B7-F8ADBDC31D46}" = ProductContext
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74AD1846-2010-4FB1-8E24-B6F2B87150C2}" = Windows Live Mail
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{88FBDCF4-8ACF-46e6-9C33-231FBA6378D8}" = J3600
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8CE4CB34-8187-42A1-B597-517760BEE8EC}" = BPD_Scan
"{90110416-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edição 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BB69D0F-1369-4DBD-99A9-1BC228ED1046}" = Nero 7 Essentials
"{9E2EE2F7-33BD-4D30-9E5D-8469A9F32009}" = Windows Live Sync
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1046-7646-A70000000000}" = Adobe Reader 7.0 - Português
"{B5ED7AB0-3838-4389-8549-7C8E22DD48F4}" = Windows Live Messenger
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D27F8BF7-61A4-4F0D-A190-9E2CE8C0773B}" = 3600_Help
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{ECAD4F6A-0BF3-4028-9C81-E5D9F9606CBA}" = BPDSoftware
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F2CD4651-F948-467C-B014-71FD981B7F59}" = Windows Live Essentials
"{F793385C-5F01-4b46-B974-15A81FB86FF1}" = HP Officejet J3600 Series
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Argente - Registry Cleaner_is1" = Argente - Registry Cleaner 1.5.5.2
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"eMule" = eMule
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0 Language Pack - PTB" = Microsoft .NET Framework 2.0 Language Pack - PTB
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Oi Velox Check Up_is1" = Oi Velox Check Up 1.0
"Programador de Modem_is1" = LightModem 3.0
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver
"Skype_is1" = Skype 2.5
"WIC" = Windows Imaging Component
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.0.2
"WinRAR archiver" = Arquivo do WinRAR
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 29/5/2010 21:48:15 | Computer Name = ITAUTEC-CAC5D54 | Source = WmiAdapter | ID = 4099
Description = Falha na abertura do serviço.

Error - 29/5/2010 21:48:16 | Computer Name = ITAUTEC-CAC5D54 | Source = WmiAdapter | ID = 4099
Description = Falha na abertura do serviço.

Error - 29/5/2010 21:48:19 | Computer Name = ITAUTEC-CAC5D54 | Source = WmiAdapter | ID = 4099
Description = Falha na abertura do serviço.

Error - 29/5/2010 21:48:20 | Computer Name = ITAUTEC-CAC5D54 | Source = WmiAdapter | ID = 4099
Description = Falha na abertura do serviço.

Error - 29/5/2010 21:48:21 | Computer Name = ITAUTEC-CAC5D54 | Source = WmiAdapter | ID = 4099
Description = Falha na abertura do serviço.

Error - 29/5/2010 21:48:22 | Computer Name = ITAUTEC-CAC5D54 | Source = WmiAdapter | ID = 4099
Description = Falha na abertura do serviço.

Error - 29/5/2010 21:48:24 | Computer Name = ITAUTEC-CAC5D54 | Source = WmiAdapter | ID = 4099
Description = Falha na abertura do serviço.

Error - 29/5/2010 21:48:25 | Computer Name = ITAUTEC-CAC5D54 | Source = WmiAdapter | ID = 4099
Description = Falha na abertura do serviço.

Error - 29/5/2010 21:48:26 | Computer Name = ITAUTEC-CAC5D54 | Source = WmiAdapter | ID = 4099
Description = Falha na abertura do serviço.

Error - 29/5/2010 23:24:27 | Computer Name = ITAUTEC-CAC5D54 | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 29/5/2010 21:49:41 | Computer Name = ITAUTEC-CAC5D54 | Source = DCOM | ID = 10010
Description = O servidor {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} não se registrou
com o DCOM dentro do tempo limite requerido.

Error - 29/5/2010 23:24:05 | Computer Name = ITAUTEC-CAC5D54 | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
ao processar o arquivo '' no volume 'HarddiskVolume1'. O monitoramento do volume
foi interrompido.

Error - 29/5/2010 23:24:32 | Computer Name = ITAUTEC-CAC5D54 | Source = Service Control Manager | ID = 7009
Description = Tempo limite (30000 milissegundos) de espera para que o serviço Nod32
AV se conecte.

Error - 29/5/2010 23:24:32 | Computer Name = ITAUTEC-CAC5D54 | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço Nod32 AV devido ao seguinte erro:
%%1053

Error - 30/5/2010 00:33:37 | Computer Name = ITAUTEC-CAC5D54 | Source = Service Control Manager | ID = 7009
Description = Tempo limite (30000 milissegundos) de espera para que o serviço Nod32
AV se conecte.

Error - 30/5/2010 00:33:37 | Computer Name = ITAUTEC-CAC5D54 | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço Nod32 AV devido ao seguinte erro:
%%1053

Error - 30/5/2010 00:33:45 | Computer Name = ITAUTEC-CAC5D54 | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
ao processar o arquivo '' no volume 'HarddiskVolume1'. O monitoramento do volume
foi interrompido.

Error - 30/5/2010 07:59:31 | Computer Name = ITAUTEC-CAC5D54 | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
ao processar o arquivo '' no volume 'HarddiskVolume1'. O monitoramento do volume
foi interrompido.

Error - 30/5/2010 08:00:06 | Computer Name = ITAUTEC-CAC5D54 | Source = Service Control Manager | ID = 7009
Description = Tempo limite (30000 milissegundos) de espera para que o serviço Nod32
AV se conecte.

Error - 30/5/2010 08:00:06 | Computer Name = ITAUTEC-CAC5D54 | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço Nod32 AV devido ao seguinte erro:
%%1053


< End of report >