
Slow computer with viruses

#1 By brando lee 29/05/2010 - 21:03
To move your case along while "igoreso" is away.

Now, to remove the viruses on the pen drive:

Leave your pen drive connected to the USB port:
*Double-click UsbFix
*Press P > [ENTER]
*Press 2 > [ENTER] The PC will restart and a scan will begin; wait for it to finish.

When it finishes, a report will open automatically; copy all of it and paste it here.
#32 By Adriano7
03/06/2010 - 16:53
Here it is, brando lee

############################## | UsbFix 7.002 |
Usuário: Pessoal (Administrador) # ITAUTEC-CAC5D54 [ ]
Atualizado em 31/05/10 por El Desaparecido & C_XX
Começou em 16:50:10 | 03/06/2010
Site: http://pagesperso-orange.fr/NosTools/index.html
Contato: FindyKill.Contact@gmail.com
CPU: Intel(R) Pentium(R) D CPU 2.80GHz
CPU 2: Intel(R) Pentium(R) D CPU 2.80GHz
Microsoft Windows XP Home Edition (5.1.2600 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.18702
Windows Firewall: Habilitado
Antivirus: AntiVir Desktop 9.0.1.32 [Enabled | Updated]
RAM -> 495 Mb
C:\ (%systemdrive%) -> Disco fixo # 149 Gb (133 Mb livre - 89%) [] # NTFS
D:\ -> Disco removível # 2 Gb (102 Mb livre - 5%) [SEVEN] # FAT
H:\ -> CD-ROM
################## | Ficheiros # pastas infeciosos |
Presente ! C:\Arquivos de programas\GbPlugin
Presente ! C:\WINDOWS\system32\autorun.i
Presente ! C:\WINDOWS\system32\autorun.in
Presente ! D:\Autorun.inf
Presente ! C:\Recycler\S-1-5-21-804409071-1363060772-4094713968-1006
Presente ! D:\Recycler\S-1-5-21-1482476501-1644491937-682003330-1013
Presente ! D:\Recycler\S-1-5-21-1254416572-1263425100-317347820-0350
Presente ! C:\khu
Presente ! C:\khv
################## | Registro |
Presente ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Presente ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Presente ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoResolveSearch
################## | Mountpoints2 |
HKCU\.\.\.\.\Explorer\MountPoints2\{053d8976-4d65-11dd-a1f8-001558b5d3dd}
Shell\auto\Command = cssrs.exe
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cssrs.exe
Shell\explore\Command = cssrs.exe
Shell\find\Command = cssrs.exe
Shell\open\Command = cssrs.exe

################## | Vaccin |
(!) Este computador não é vacinada!
################## | E.O.F |
#34 By Adriano7
07/06/2010 - 21:06
UsbFix log

############################## | UsbFix 7.002 |
Usuário: Pessoal (Administrador) # ITAUTEC-CAC5D54 [ ]
Atualizado em 31/05/10 por El Desaparecido & C_XX
Começou em 21:00:46 | 07/06/2010
Site: http://pagesperso-orange.fr/NosTools/index.html
Contato: FindyKill.Contact@gmail.com
CPU: Intel(R) Pentium(R) D CPU 2.80GHz
CPU 2: Intel(R) Pentium(R) D CPU 2.80GHz
Microsoft Windows XP Home Edition (5.1.2600 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.18702
Windows Firewall: Habilitado
Antivirus: AntiVir Desktop 9.0.1.32 [Enabled | (!) Outdated]
RAM -> 495 Mb
C:\ (%systemdrive%) -> Disco fixo # 149 Gb (132 Mb livre - 89%) [] # NTFS
D:\ -> Disco removível # 2 Gb (102 Mb livre - 5%) [SEVEN] # FAT
H:\ -> CD-ROM
################## | Ficheiros # pastas infeciosos |
Não supprimido ! C:\Arquivos de programas\GbPlugin
Supprimido ! C:\WINDOWS\system32\autorun.i
Supprimido ! C:\WINDOWS\system32\autorun.in
Supprimido ! D:\Autorun.inf
Supprimido ! C:\Recycler\S-1-5-21-804409071-1363060772-4094713968-1006
Supprimido ! D:\Recycler\S-1-5-21-1482476501-1644491937-682003330-1013
Supprimido ! D:\Recycler\S-1-5-21-1254416572-1263425100-317347820-0350
Supprimido ! C:\khu
Supprimido ! C:\khv
################## | Registro |
Supprimido ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Supprimido ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Supprimido ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoResolveSearch
################## | Mountpoints2 |

################## | Listing |
[23/08/2009 - 20:34:51 | HD ] C:\$AVG8.VAULT$
[30/07/2009 - 23:03:21 | A | 2] C:\142861195
[30/05/2010 - 03:25:38 | D ] C:\32788R22FWJFW
[30/05/2010 - 00:40:32 | RD ] C:\Arquivos de programas
[24/03/2007 - 13:48:40 | A | 0] C:\AUTOEXEC.BAT
[11/08/2009 - 10:23:50 | D ] C:\b5cf74c092ef6b1e6184eee74741
[02/08/2007 - 09:23:03 | A | 211] C:\Boot.bak
[21/08/2009 - 19:19:06 | RASH | 281] C:\boot.ini
[02/03/2006 - 09:00:00 | RASH | 4952] C:\Bootfont.bin
[02/08/2007 - 10:03:09 | D ] C:\Cd Web-Can
[21/08/2009 - 19:19:06 | RASHD ] C:\cmdcons
[03/08/2004 - 23:00:02 | A | 261920] C:\cmldr
[23/08/2009 - 17:03:33 | SD ] C:\ComboFix
[22/08/2009 - 22:46:38 | A | 19541] C:\ComboFix.txt
[29/05/2010 - 19:50:41 | HD ] C:\Config.Msi
[24/03/2007 - 13:48:40 | A | 0] C:\CONFIG.SYS
[22/08/2009 - 22:35:49 | A | 106] C:\DeQuarantine.txt
[02/08/2007 - 09:23:24 | D ] C:\Documents and Settings
[24/03/2007 - 10:35:31 | D ] C:\drv
[18/08/2009 - 03:07:52 | SHD ] C:\found.000
[07/06/2010 - 20:53:53 | ASH | 519622656] C:\hiberfil.sys
[28/07/2008 - 00:56:48 | A | 37361] C:\idrv.hta
[07/03/2010 - 13:14:35 | A | 230424] C:\img2-001.raw
[24/03/2007 - 13:48:40 | RASH | 0] C:\IO.SYS
[24/03/2007 - 14:19:15 | A | 85745] C:\J8112014.sw
[24/03/2007 - 13:48:40 | RASH | 0] C:\MSDOS.SYS
[21/04/2007 - 06:48:44 | RHD ] C:\MSOCache
[24/03/2007 - 14:34:18 | A | 3729] C:\msupdate.txt
[02/03/2006 - 09:00:00 | RASH | 47564] C:\NTDETECT.COM
[02/03/2006 - 09:00:00 | RASH | 251168] C:\ntldr
[07/06/2010 - 20:53:53 | ASH | 780140544] C:\pagefile.sys
[30/05/2010 - 01:29:46 | SD ] C:\path
[21/04/2007 - 03:14:49 | D ] C:\Progra~1
[07/06/2010 - 21:02:32 | SHD ] C:\RECYCLER
[23/04/2007 - 07:19:28 | A | 1296] C:\S3TST.LOG
[02/08/2007 - 09:57:31 | AH | 268] C:\sqmdata00.sqm
[02/08/2007 - 10:07:08 | AH | 208] C:\sqmdata01.sqm
[06/11/2007 - 09:21:31 | AH | 268] C:\sqmdata02.sqm
[06/07/2008 - 23:52:47 | AH | 268] C:\sqmdata03.sqm
[08/07/2008 - 12:37:31 | AH | 304] C:\sqmdata04.sqm
[08/07/2008 - 12:41:09 | AH | 280] C:\sqmdata05.sqm
[08/07/2008 - 12:45:42 | AH | 280] C:\sqmdata06.sqm
[08/07/2008 - 12:50:38 | AH | 268] C:\sqmdata07.sqm
[08/07/2008 - 12:50:52 | AH | 268] C:\sqmdata08.sqm
[08/07/2008 - 12:57:46 | AH | 304] C:\sqmdata09.sqm
[08/07/2008 - 13:00:55 | AH | 292] C:\sqmdata10.sqm
[08/07/2008 - 13:02:25 | AH | 280] C:\sqmdata11.sqm
[08/07/2008 - 13:06:01 | AH | 232] C:\sqmdata12.sqm
[25/07/2008 - 00:07:49 | AH | 268] C:\sqmdata13.sqm
[25/08/2008 - 11:40:33 | AH | 268] C:\sqmdata14.sqm
[22/10/2008 - 22:56:08 | AH | 268] C:\sqmdata15.sqm
[19/02/2009 - 20:51:03 | AH | 280] C:\sqmdata16.sqm
[09/03/2009 - 14:11:57 | AH | 232] C:\sqmdata17.sqm
[02/07/2009 - 19:18:33 | AH | 268] C:\sqmdata18.sqm
[30/07/2009 - 22:51:10 | AH | 268] C:\sqmdata19.sqm
[02/08/2007 - 09:57:31 | AH | 244] C:\sqmnoopt00.sqm
[02/08/2007 - 10:07:08 | AH | 172] C:\sqmnoopt01.sqm
[06/11/2007 - 09:21:31 | AH | 244] C:\sqmnoopt02.sqm
[06/07/2008 - 23:52:47 | AH | 244] C:\sqmnoopt03.sqm
[08/07/2008 - 12:37:31 | AH | 244] C:\sqmnoopt04.sqm
[08/07/2008 - 12:41:09 | AH | 244] C:\sqmnoopt05.sqm
[08/07/2008 - 12:45:42 | AH | 244] C:\sqmnoopt06.sqm
[08/07/2008 - 12:50:38 | AH | 244] C:\sqmnoopt07.sqm
[08/07/2008 - 12:50:52 | AH | 244] C:\sqmnoopt08.sqm
[08/07/2008 - 12:57:46 | AH | 244] C:\sqmnoopt09.sqm
[08/07/2008 - 13:00:55 | AH | 244] C:\sqmnoopt10.sqm
[08/07/2008 - 13:02:25 | AH | 244] C:\sqmnoopt11.sqm
[08/07/2008 - 13:06:01 | AH | 244] C:\sqmnoopt12.sqm
[25/07/2008 - 00:07:49 | AH | 244] C:\sqmnoopt13.sqm
[25/08/2008 - 11:40:33 | AH | 244] C:\sqmnoopt14.sqm
[22/10/2008 - 22:56:08 | AH | 244] C:\sqmnoopt15.sqm
[19/02/2009 - 20:51:03 | AH | 244] C:\sqmnoopt16.sqm
[09/03/2009 - 14:11:57 | AH | 244] C:\sqmnoopt17.sqm
[02/07/2009 - 19:18:33 | AH | 244] C:\sqmnoopt18.sqm
[30/07/2009 - 22:51:10 | AH | 244] C:\sqmnoopt19.sqm
[21/04/2007 - 06:50:15 | D ] C:\SW_UTIL
[31/05/2010 - 14:56:58 | SHD ] C:\System Volume Information
[30/05/2010 - 01:29:46 | SD ] C:\uacpath
[07/06/2010 - 21:02:32 | D ] C:\Usbfix
[07/06/2010 - 21:02:37 | A | 5746] C:\UsbFix.txt
[30/05/2010 - 19:16:44 | D ] C:\WINDOWS
[30/05/2010 - 21:24:18 | A | 27946] C:\winzip.log
[30/05/2010 - 19:16:39 | D ] C:\_OTL
[06/12/2009 - 11:59:46 | D ] D:\PEN DRIVE
[17/12/2009 - 20:51:04 | D ] D:\EXAMES - LFG GIL
[26/03/2010 - 09:18:42 | D ] D:\IEC
[19/02/2010 - 08:13:16 | A | 30720] D:\Comentários à Nova Lei do Mandado de Segurança.doc
[12/12/2009 - 10:01:16 | RSHD ] D:\tmp
[19/02/2010 - 08:13:58 | A | 24064] D:\resposta yahoo.doc
[12/05/2010 - 20:54:16 | D ] D:\fotos
[11/12/2009 - 17:38:10 | H | 35328] D:\~WRL3506.tmp
[19/02/2010 - 08:19:00 | A | 34816] D:\Quadro sinótico.doc
[19/02/2010 - 08:22:48 | A | 62976] D:\Introdução.doc
[19/02/2010 - 08:26:04 | A | 27648] D:\Ampliação do prazo para resposta e a exigência de contracautela.doc
[22/02/2010 - 22:05:18 | A | 34304] D:\Gilberto AD.doc
[20/02/2010 - 11:10:46 | D ] D:\trab metod
[18/03/2010 - 19:54:06 | A | 26112] D:\13.11.doc
[18/03/2010 - 19:25:56 | A | 27136] D:\25.09.doc
[18/03/2010 - 20:38:32 | A | 30208] D:\20.11.doc
[30/01/2010 - 10:51:42 | RSHD ] D:\AUTORUN
[18/03/2010 - 20:39:02 | A | 28160] D:\13.11.2009.doc
[18/03/2010 - 20:39:28 | A | 29696] D:\Resumo aula 20.11.2009.doc
[18/03/2010 - 20:39:46 | A | 28160] D:\Resumo aula 13.11.2009.doc
[18/03/2010 - 20:40:20 | A | 29184] D:\Resumo aula 25.09.2009.doc
[19/04/2010 - 11:53:12 | D ] D:\escritório
[14/05/2010 - 19:12:20 | D ] D:\san telmo
[27/05/2010 - 19:42:24 | A | 66460] D:\trio.jpg
[14/04/2010 - 13:52:26 | D ] D:\MONOGRAFIA ESPEC
[16/04/2010 - 16:57:22 | D ] D:\ADRIANO quanta eng
[19/04/2010 - 12:57:48 | A | 38554] D:\Op. Adriano.xlsx
[05/04/2010 - 14:19:40 | A | 33871] D:\Op. Michelle.xlsx
[07/04/2010 - 10:09:10 | A | 26313] D:\Op. Eliane.xlsx
[13/04/2010 - 15:50:04 | A | 22927] D:\Op. Erika.xlsx
[19/04/2010 - 13:48:06 | D ] D:\DI BONACCI
[12/05/2010 - 19:54:38 | D ] D:\infinity marko
[12/05/2010 - 20:04:42 | D ] D:\tabelas quanta
[19/05/2010 - 13:59:46 | A | 88966] D:\carta cliente.docx
[27/05/2010 - 19:56:24 | A | 9790] D:\7777.jpg
[19/05/2010 - 17:48:20 | A | 16006] D:\PDCA Adriano, Julice e Tirce.docx
[27/05/2010 - 19:41:04 | A | 72484] D:\niver junior.jpg
[20/08/2009 - 14:49:26 | RSHD ] D:\RECYCLER
[30/05/2010 - 21:43:54 | D ] D:\bar copa
[21/05/2010 - 11:53:36 | D ] D:\cartão visita
[07/06/2010 - 17:17:02 | A | 88064] D:\carta zion.doc
[03/06/2010 - 18:51:16 | A | 126229] D:\edital_de_selecao_comunicacao_ufpa_2010.pdf
################## | Vaccin |
C:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX)
################## | Upload |
Favor enviar o arquivo: C:\UsbFix_Upload_Me_ITAUTEC-CAC5D54.zip
http://chiquitine.changelog.fr/Sample/Upload.php
Obrigado pela sua contribuição.
################## | E.O.F |
#35 By Adriano7
07/06/2010 - 21:30
Here is the OTL log


OTL logfile created on: 7/6/2010 21:10:59 - Run 4
OTL by OldTimer - Version 3.2.5.1 Folder = C:\Documents and Settings\Pessoal\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

495,00 Mb Total Physical Memory | 99,00 Mb Available Physical Memory | 20,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,04 Gb Total Space | 132,39 Gb Free Space | 88,83% Space Free | Partition Type: NTFS
Drive D: | 1,92 Gb Total Space | 0,10 Gb Free Space | 5,19% Space Free | Partition Type: FAT
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ITAUTEC-CAC5D54
Current User Name: Pessoal
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/05/30 09:27:18 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pessoal\Desktop\OTL.exe
PRC - [2010/05/26 10:46:42 | 000,055,072 | ---- | M] ( ) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe
PRC - [2009/07/21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 13:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/02/06 18:21:00 | 000,224,632 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Live\Toolbar\wltuser.exe
PRC - [2007/06/13 10:21:56 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/12/14 04:44:30 | 000,065,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\AcroRd32.exe


========== Modules (SafeList) ==========

MOD - [2010/05/30 09:27:18 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pessoal\Desktop\OTL.exe
MOD - [2006/08/25 08:49:12 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006/03/02 09:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010/05/26 10:46:42 | 000,055,072 | ---- | M] ( ) [Unknown | Running] -- C:\Arquivos de programas\GbPlugin\gbpsv.exe -- (GbpSv)
SRV - [2009/07/21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2007/11/06 17:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Arquivos de programas\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2007/01/04 19:13:54 | 000,240,408 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Arquivos de programas\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2003/07/28 19:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2010/05/26 10:48:08 | 000,045,472 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\gbpkm.sys -- (GbpKm)
DRV - [2009/12/08 17:23:26 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 10:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 10:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2007/11/06 17:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2007/05/02 11:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007/05/02 11:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007/05/02 11:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2006/12/05 20:39:11 | 001,963,680 | R--- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000)
DRV - [2006/03/02 09:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2005/07/05 17:49:38 | 000,925,572 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2005/04/12 08:42:00 | 000,011,904 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2005/04/12 08:08:00 | 000,247,296 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/08/03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Driver de áudio USB (WDM)
DRV - [2004/08/03 23:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004/08/03 19:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/08/02 12:09:18 | 000,635,281 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/02/24 03:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2002/07/10 09:39:34 | 000,032,256 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2002/06/27 21:15:14 | 000,005,888 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\siside.sys -- (SiSide)
DRV - [2001/09/05 23:18:58 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 18:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.itautec.com.br

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.itautec.com.br

IE - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
IE - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CE 2A A1 10 2F 37 CA 01 [binary data]
IE - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2009/08/22 22:41:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [avgnt] C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [desp2k] C:\Arquivos de programas\Oi Velox\Manager\desp2k.exe (LightComm)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LifeCam] C:\Arquivos de programas\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-804409071-1363060772-4094713968-1006..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-804409071-1363060772-4094713968-1006..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-804409071-1363060772-4094713968-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab (Windows Live Safety Center Base Module)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} https://www14.bancobrasil.com.br/plugin/GbpDist.cab (GbpDistObj Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254 192.168.254.254
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginBb: DllName - C:\Arquivos de programas\GbPlugin\gbieh.dll - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Minha página inicial atual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pessoal\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pessoal\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/03/24 13:48:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/06/07 21:02:37 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/01/30 10:51:42 | 000,000,000 | RHSD | M] - D:\AUTORUN -- [ FAT ]
O32 - AutoRun File - [2010/06/07 21:02:42 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/06/07 21:02:37 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2010/06/02 23:09:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pessoal\Desktop\tcc
[2010/06/01 01:17:22 | 000,000,000 | ---D | C] -- C:\Usbfix
[2010/06/01 01:05:35 | 001,166,371 | ---- | C] (C_XX & El Desaparecido) -- C:\Documents and Settings\Pessoal\Desktop\Usbfix.exe
[2010/05/30 19:16:39 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/05/30 09:27:12 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pessoal\Desktop\OTL.exe
[2010/05/30 00:40:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pessoal\Dados de aplicativos\Malwarebytes
[2010/05/30 00:40:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/05/30 00:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes
[2010/05/30 00:40:33 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/05/30 00:40:32 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Malwarebytes' Anti-Malware
[2010/05/29 21:44:18 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/05/29 20:31:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pessoal\Dados de aplicativos\HP
[2010/05/29 19:40:25 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Live Safety Center
[2010/05/29 19:21:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dados de aplicativos\HP
[2010/05/29 19:18:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\HP
[2010/05/29 19:18:50 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\HP
[2010/05/29 19:18:20 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Hewlett-Packard
[2010/05/29 19:18:19 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Hewlett-Packard
[2010/05/29 19:17:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\zhenghe2
[2010/05/29 19:17:17 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\HP
[2010/05/29 19:14:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Hewlett-Packard
[2010/05/29 19:14:35 | 000,117,760 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpzll4v2.dll
[2010/05/29 19:14:33 | 000,258,048 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpzids01.dll
[2010/05/29 19:14:11 | 000,569,344 | R--- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpotscl4.dll
[2010/05/29 19:14:11 | 000,364,544 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hppldcoi.dll
[2010/05/29 19:14:11 | 000,309,760 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll
[2010/05/29 19:14:11 | 000,294,912 | R--- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpovst11.dll
[2010/05/29 19:14:10 | 000,675,840 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpowiax4.dll
[2010/05/29 19:14:08 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2010/05/29 19:13:11 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys

========== Files - Modified Within 30 Days ==========

[2010/06/07 21:02:41 | 000,009,727 | ---- | M] () -- C:\UsbFix_Upload_Me_ITAUTEC-CAC5D54.zip
[2010/06/07 20:58:45 | 000,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/07 20:55:12 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/06/07 20:54:05 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/07 20:54:04 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/07 20:54:03 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/07 20:53:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/07 20:53:53 | 519,622,656 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/06 21:50:13 | 006,291,456 | ---- | M] () -- C:\Documents and Settings\Pessoal\ntuser.dat
[2010/06/06 21:50:13 | 000,000,330 | -HS- | M] () -- C:\Documents and Settings\Pessoal\ntuser.ini
[2010/06/06 21:49:59 | 005,380,562 | -H-- | M] () -- C:\Documents and Settings\Pessoal\Configurações locais\Dados de aplicativos\IconCache.db
[2010/06/03 20:01:34 | 000,002,559 | ---- | M] () -- C:\Documents and Settings\Pessoal\Desktop\Microsoft Office Word 2003.lnk
[2010/06/03 20:00:08 | 000,137,765 | ---- | M] () -- C:\Documents and Settings\Pessoal\Desktop\7777.pdf
[2010/06/02 22:12:56 | 000,225,816 | ---- | M] () -- C:\Documents and Settings\Pessoal\Desktop\Metodologia_Pesquisa_Juridica_Aula_1_Leitura_Obrigatoria_1.pdf
[2010/06/01 01:17:22 | 001,166,371 | ---- | M] (C_XX & El Desaparecido) -- C:\Documents and Settings\Pessoal\Desktop\Usbfix.exe
[2010/05/30 09:27:18 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pessoal\Desktop\OTL.exe
[2010/05/30 00:40:39 | 000,000,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/29 19:22:08 | 000,154,586 | ---- | M] () -- C:\WINDOWS\hpwins16.dat
[2010/05/29 19:21:10 | 000,000,920 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/05/29 19:19:33 | 000,001,060 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Central de Soluções HP.lnk
[2010/05/29 19:18:59 | 000,001,848 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\HP Digital Imaging Monitor.lnk
[2010/05/26 10:48:08 | 000,045,472 | ---- | M] (GAS Tecnologia) -- C:\WINDOWS\System32\drivers\gbpkm.sys
[2010/05/11 20:39:18 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

========== Files Created - No Company Name ==========

[2010/06/07 21:02:41 | 000,009,727 | ---- | C] () -- C:\UsbFix_Upload_Me_ITAUTEC-CAC5D54.zip
[2010/06/03 20:00:08 | 000,137,765 | ---- | C] () -- C:\Documents and Settings\Pessoal\Desktop\7777.pdf
[2010/06/02 22:12:56 | 000,225,816 | ---- | C] () -- C:\Documents and Settings\Pessoal\Desktop\Metodologia_Pesquisa_Juridica_Aula_1_Leitura_Obrigatoria_1.pdf
[2010/05/30 00:40:39 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/29 19:19:33 | 000,001,060 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Central de Soluções HP.lnk
[2010/05/29 19:18:59 | 000,001,848 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\HP Digital Imaging Monitor.lnk
[2010/05/29 19:14:54 | 000,000,772 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\hpzinstall.log
[2010/05/29 19:14:51 | 000,154,586 | ---- | C] () -- C:\WINDOWS\hpwins16.dat
[2009/06/29 18:41:04 | 000,015,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys
[2009/05/25 13:17:23 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2008/02/04 18:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/12/04 23:44:49 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007/11/06 17:19:28 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2007/08/02 09:58:49 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/08/02 09:52:31 | 000,015,498 | R--- | C] () -- C:\WINDOWS\VX1000.ini
[2007/04/23 07:33:46 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/04/21 06:50:13 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/04/21 06:48:35 | 000,000,103 | ---- | C] () -- C:\WINDOWS\I_DMI.INI
[2007/03/24 14:17:21 | 000,000,054 | ---- | C] () -- C:\WINDOWS\CUSTOM_CD.INI
[2007/03/24 13:52:45 | 000,003,685 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2007/03/24 10:35:11 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2007/03/24 10:31:58 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56spn.dll
[2007/03/24 10:31:58 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56itl.dll
[2007/03/24 10:31:58 | 000,053,248 | ---- | C] () -- C:\WINDOWS\sm56jpn.dll
[2007/03/24 10:31:57 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56eng.dll
[2007/03/24 10:31:57 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56brz.dll
[2007/03/24 10:31:57 | 000,061,440 | ---- | C] () -- C:\WINDOWS\sm56ger.dll
[2007/03/24 10:31:57 | 000,061,440 | ---- | C] () -- C:\WINDOWS\sm56fra.dll
[2007/03/24 10:31:57 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56cht.dll
[2007/03/24 10:31:57 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56chs.dll
[2006/05/03 15:44:44 | 000,001,352 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/09/29 16:42:56 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\linstall.dll
[2005/06/10 10:56:06 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\UnzDll.dll
[2005/06/10 10:55:04 | 000,123,904 | ---- | C] () -- C:\WINDOWS\System32\ZipDll.dll
[2004/05/13 20:14:58 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\opencrypto.dll
[2004/03/18 17:43:44 | 000,843,776 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2003/04/07 11:30:02 | 000,005,383 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2008/07/16 22:47:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\ESET
[2010/06/01 09:51:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin
[2009/07/31 01:07:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\MotionDSP
[2009/07/31 01:07:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP
[2009/09/27 23:28:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pessoal\Dados de aplicativos\com.isc.flaphoneAir.E0E79A3CC362EB125C76F1BD07217F6302F98994.1
[2010/05/30 01:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pessoal\Dados de aplicativos\Desktopicon
[2009/06/22 12:52:12 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Pessoal\Dados de aplicativos\Drivers
[2009/12/02 20:30:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pessoal\Dados de aplicativos\IObit
[2008/07/28 00:36:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pessoal\Dados de aplicativos\OfficeUpdate12
[2008/12/01 22:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pessoal\Dados de aplicativos\zweitgeist

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 204 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst
< End of report >
Adriano7
Adriano7 New Member Registered
43 Posts 0 Likes
#36 By Adriano7
07/06/2010 - 21:31
Here's the OTL Extras log


OTL Extras logfile created on: 7/6/2010 21:10:59 - Run 4
OTL by OldTimer - Version 3.2.5.1 Folder = C:\Documents and Settings\Pessoal\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

495,00 Mb Total Physical Memory | 99,00 Mb Available Physical Memory | 20,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,04 Gb Total Space | 132,39 Gb Free Space | 88,83% Space Free | Partition Type: NTFS
Drive D: | 1,92 Gb Total Space | 0,10 Gb Free Space | 5,19% Space Free | Partition Type: FAT
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ITAUTEC-CAC5D54
Current User Name: Pessoal
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Arquivos de programas\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Arquivos de programas\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" = C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Arquivos de programas\Microsoft LifeCam\LifeCam.exe" = C:\Arquivos de programas\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Arquivos de programas\Microsoft LifeCam\LifeExp.exe" = C:\Arquivos de programas\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Arquivos de programas\eMule\emule.exe" = C:\Arquivos de programas\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"C:\Arquivos de programas\Nero\Nero 7\Nero Home\NeroHome.exe" = C:\Arquivos de programas\Nero\Nero 7\Nero Home\NeroHome.exe:*:Disabled:Nero Home -- (Nero AG)
"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" = C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe" = C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistência Remota - Windows Messenger e Voz -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0C405D1F-359E-41C5-A1A9-383A04BBD5E2}" = Windows Live Galeria de Fotos
"{0CBADDF4-2CF6-4CDB-B4F5-29B8FCA7FE07}" = Microsoft .NET Framework 1.1 Brazilian Portuguese Language Pack
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{32BC546A-8AA3-4239-AE92-9CF3291C35A6}" = Windows Live Call
"{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{423290D4-DC50-48FA-9871-9D61FCAD7C13}" = Microsoft .NET Framework 2.0 Language Pack - PTB
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4D04C9A1-F28C-4F6F-9D66-81BB000693D9}" = BPDSoftware_Ini
"{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}" = Assistente de Conexão do Windows Live
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{624DEAA0-B27D-444B-8BFE-70622B318A4A}" = Windows Live Toolbar
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6C579DEB-2905-4331-9EF0-285A63B09062}" = Microsoft LifeCam
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6F60CD17-EE34-4f77-83B7-F8ADBDC31D46}" = ProductContext
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74AD1846-2010-4FB1-8E24-B6F2B87150C2}" = Windows Live Mail
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{88FBDCF4-8ACF-46e6-9C33-231FBA6378D8}" = J3600
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8CE4CB34-8187-42A1-B597-517760BEE8EC}" = BPD_Scan
"{90110416-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edição 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BB69D0F-1369-4DBD-99A9-1BC228ED1046}" = Nero 7 Essentials
"{9E2EE2F7-33BD-4D30-9E5D-8469A9F32009}" = Windows Live Sync
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1046-7646-A70000000000}" = Adobe Reader 7.0 - Português
"{B5ED7AB0-3838-4389-8549-7C8E22DD48F4}" = Windows Live Messenger
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D27F8BF7-61A4-4F0D-A190-9E2CE8C0773B}" = 3600_Help
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{ECAD4F6A-0BF3-4028-9C81-E5D9F9606CBA}" = BPDSoftware
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F2CD4651-F948-467C-B014-71FD981B7F59}" = Windows Live Essentials
"{F793385C-5F01-4b46-B974-15A81FB86FF1}" = HP Officejet J3600 Series
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Argente - Registry Cleaner_is1" = Argente - Registry Cleaner 1.5.5.2
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"eMule" = eMule
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0 Language Pack - PTB" = Microsoft .NET Framework 2.0 Language Pack - PTB
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Oi Velox Check Up_is1" = Oi Velox Check Up 1.0
"Programador de Modem_is1" = LightModem 3.0
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver
"Skype_is1" = Skype 2.5
"Usbfix" = Usbfix By C_XX & El Desaparecido
"WIC" = Windows Imaging Component
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.0.2
"WinRAR archiver" = Arquivo do WinRAR
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/6/2010 15:35:23 | Computer Name = ITAUTEC-CAC5D54 | Source = crypt32 | ID = 131080
Description = Falha na recuperação de atualização automática do número de seqüência
de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
com erro: The server name or address could not be resolved

Error - 3/6/2010 19:12:20 | Computer Name = ITAUTEC-CAC5D54 | Source = crypt32 | ID = 131080
Description = Falha na recuperação de atualização automática do número de seqüência
de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
com erro: The server name or address could not be resolved

Error - 3/6/2010 19:14:24 | Computer Name = ITAUTEC-CAC5D54 | Source = crypt32 | ID = 131080
Description = Falha na recuperação de atualização automática do número de seqüência
de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
com erro: The server name or address could not be resolved

Error - 4/6/2010 14:34:05 | Computer Name = ITAUTEC-CAC5D54 | Source = crypt32 | ID = 131080
Description = Falha na recuperação de atualização automática do número de seqüência
de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
com erro: The server name or address could not be resolved

Error - 6/6/2010 15:00:50 | Computer Name = ITAUTEC-CAC5D54 | Source = crypt32 | ID = 131080
Description = Falha na recuperação de atualização automática do número de seqüência
de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
com erro: The server name or address could not be resolved

Error - 6/6/2010 15:42:02 | Computer Name = ITAUTEC-CAC5D54 | Source = crypt32 | ID = 131080
Description = Falha na recuperação de atualização automática do número de seqüência
de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
com erro: The server name or address could not be resolved

Error - 6/6/2010 15:58:26 | Computer Name = ITAUTEC-CAC5D54 | Source = Google Update | ID = 20
Description =

Error - 6/6/2010 18:41:34 | Computer Name = ITAUTEC-CAC5D54 | Source = crypt32 | ID = 131080
Description = Falha na recuperação de atualização automática do número de seqüência
de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
com erro: The server name or address could not be resolved

Error - 7/6/2010 19:54:51 | Computer Name = ITAUTEC-CAC5D54 | Source = crypt32 | ID = 131080
Description = Falha na recuperação de atualização automática do número de seqüência
de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
com erro: The server name or address could not be resolved

Error - 7/6/2010 19:58:26 | Computer Name = ITAUTEC-CAC5D54 | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 7/6/2010 19:54:48 | Computer Name = ITAUTEC-CAC5D54 | Source = Service Control Manager | ID = 7009
Description = Tempo limite (30000 milissegundos) de espera para que o serviço Nod32
AV se conecte.

Error - 7/6/2010 19:54:48 | Computer Name = ITAUTEC-CAC5D54 | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço Nod32 AV devido ao seguinte erro:
%%1053

Error - 7/6/2010 20:00:54 | Computer Name = ITAUTEC-CAC5D54 | Source = Service Control Manager | ID = 7031
Description = O serviço Gbp Service foi finalizado inesperadamente. Isto aconteceu
1 vez(es). A seguinte ação corretiva será tomada em 1000 milissegundos: Reiniciar
o serviço.

Error - 7/6/2010 20:00:54 | Computer Name = ITAUTEC-CAC5D54 | Source = Service Control Manager | ID = 7034
Description = O serviço MSCamSvc foi encerrado inesperadamente. Isso aconteceu
1 vez(es).

Error - 7/6/2010 20:00:54 | Computer Name = ITAUTEC-CAC5D54 | Source = Service Control Manager | ID = 7034
Description = O serviço Adaptador de desempenho WMI foi encerrado inesperadamente.
Isso aconteceu 1 vez(es).

Error - 7/6/2010 20:00:54 | Computer Name = ITAUTEC-CAC5D54 | Source = Service Control Manager | ID = 7034
Description = O serviço Spooler de impressão foi encerrado inesperadamente. Isso
aconteceu 1 vez(es).

Error - 7/6/2010 20:00:54 | Computer Name = ITAUTEC-CAC5D54 | Source = Service Control Manager | ID = 7034
Description = O serviço Serviço 'Gateway de camada de aplicativo' foi encerrado
inesperadamente. Isso aconteceu 1 vez(es).

Error - 7/6/2010 20:00:54 | Computer Name = ITAUTEC-CAC5D54 | Source = Service Control Manager | ID = 7034
Description = O serviço SeaPort foi encerrado inesperadamente. Isso aconteceu 1
vez(es).

Error - 7/6/2010 20:00:54 | Computer Name = ITAUTEC-CAC5D54 | Source = Service Control Manager | ID = 7034
Description = O serviço Java Quick Starter foi encerrado inesperadamente. Isso
aconteceu 1 vez(es).

Error - 7/6/2010 20:02:32 | Computer Name = ITAUTEC-CAC5D54 | Source = Service Control Manager | ID = 7031
Description = O serviço Gbp Service foi finalizado inesperadamente. Isto aconteceu
2 vez(es). A seguinte ação corretiva será tomada em 1000 milissegundos: Reiniciar
o serviço.


< End of report >
igoreso
igoreso Super Participant Registered
704 Posts 22 Likes
#37 By igoreso
10/06/2010 - 22:51
Open OTL.exe.
Remember that if you are running Windows Vista or 7, you need to give the tool administrator privileges. To do so:
Right-click the file and then click
[Image]
Select these lines in the codebox, right-click the selection and choose Copy:

:OTL
O32 - AutoRun File - [2010/06/07 21:02:37 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/01/30 10:51:42 | 000,000,000 | RHSD | M] - D:\AUTORUN -- [ FAT ]
O32 - AutoRun File - [2010/06/07 21:02:42 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ FAT ]

:Commands
[EMPTYTEMP]
[CREATERESTOREPOINT]
[CLEARALLRESTOREPOINTS]
[REBOOT]
Run OTL.exe.
Right-click anywhere in the white area of the Custom Scans/Fixes section and choose Paste.
Close ALL windows (except OTL itself).
Click the Run Fix button.
The program will run the script and restart your computer.
When Windows loads, OTL will run automatically. Allow it to run.
A Notepad window will open containing some information.
Copy the ENTIRE contents of this Notepad window and paste it into your reply.
A copy of this log will be stored in the folder C:\_OTL\MovedFiles with a name in the format date_time.log.
Example: 03142010_145545.log
igoreso
igoreso Super Participant Registered
704 Posts 22 Likes
#39 By igoreso
12/06/2010 - 09:33
Adriano7 said:
Here's the log


Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!

OTL by OldTimer - Version 3.2.5.1 log created on 06122010_092415

Sorry, I wrote it wrong! This program is picky about those :OTL tags, I always forget. Repeat the procedure and then click CleanUp.

Other than that, the log is clean.
Read here the final steps to finish the removal; skip OTC.

Regards,
Igor
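
The mistake described in #39 (log lines pasted without the :OTL header, each answered with "Unable to interpret in the current context") can be caught before the script is run. The following is an added example, not part of the thread and not OTL's own code: it rebuilds the fix script from the O32 log lines and checks that every line sits under a section header. The function names are hypothetical, and the checker's rules are assumptions inferred from the script and the three errors shown in this thread.

```python
import re

# Section headers used by the script in this thread. OTL has others; this
# checker only knows these two (assumption of this example).
KNOWN_SECTIONS = (":OTL", ":Commands")

# Layout of an "O32 - AutoRun File" entry as it appears in the quoted log.
O32_RE = re.compile(
    r"^O32 - AutoRun File - \[(?P<stamp>[\d/]+ [\d:]+) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[A-Z-]{4}) \| (?P<kind>[CM])\]\s*(?:\(\)\s*)?- "
    r"(?P<path>.+?) -- \[ (?P<fs>\w+) \]$"
)
# Commands in the thread's script are a single bracketed word, e.g. [REBOOT].
COMMAND_RE = re.compile(r"^\[[A-Za-z]+\]$")

# Sample input: the four O32 lines copied from the OTL log in this thread.
SAMPLE_LOG = r"""O32 - AutoRun File - [2007/03/24 13:48:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/06/07 21:02:37 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/01/30 10:51:42 | 000,000,000 | RHSD | M] - D:\AUTORUN -- [ FAT ]
O32 - AutoRun File - [2010/06/07 21:02:42 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ FAT ]
"""


def parse_o32(line):
    """Return the fields of one O32 AutoRun File line, or None if it is not one."""
    match = O32_RE.match(line.strip())
    return match.groupdict() if match else None


def build_fix_script(log_text, paths, commands):
    """Copy the log lines for the chosen paths verbatim under an :OTL header."""
    wanted = {p.lower() for p in paths}
    picked = []
    for line in log_text.splitlines():
        entry = parse_o32(line)
        if entry and entry["path"].lower() in wanted:
            picked.append(line.strip())
            wanted.discard(entry["path"].lower())
    if wanted:
        # Refuse to emit a script for entries the log never reported.
        raise ValueError(f"not in log: {sorted(wanted)}")
    body = [":OTL", *picked, "", ":Commands", *(f"[{c}]" for c in commands)]
    return "\n".join(body) + "\n"


def lint_fix_script(text):
    """Return (line_number, problem) pairs for a script about to be pasted."""
    problems = []
    section = None
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):
            section = line
            if line not in KNOWN_SECTIONS:
                problems.append((number, "section header not known to this checker"))
        elif section is None:
            # The case from #39: a log line with no header above it.
            problems.append((number, "no section header above this line"))
        elif section == ":Commands" and not COMMAND_RE.match(line):
            problems.append((number, "expected a bracketed command"))
    return problems


if __name__ == "__main__":
    script = build_fix_script(
        SAMPLE_LOG,
        [r"C:\Autorun.inf", r"D:\AUTORUN", r"D:\Autorun.inf"],
        ["EMPTYTEMP", "CREATERESTOREPOINT", "CLEARALLRESTOREPOINTS", "REBOOT"],
    )
    print(script)
    # Dropping the first line reproduces the headerless script.
    for number, problem in lint_fix_script(script.split("\n", 1)[1]):
        print(f"line {number}: {problem}")
```
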