
Slow PC, could you check my log, please?

#1 By DCR24 29/05/2010 - 14:00
I ran a scan with Panda ActiveScan 2.0; it detected some minor infections and one virus (autorun), but it doesn't delete, it only detects.
I ran Avira, Malwarebytes, clearn, Spyware Doctor, everything I have, and it is apparently clean. But today I opened Ares and it started loading the files, only it froze, and when I managed to close it the machine became very slow and it is still rather sluggish... could it be a virus? Could you check my log?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:54:46, on 29/5/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
C:\Arquivos de programas\Panda USB Vaccine\USBVaccine.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Arquivos de programas\Windows Defender\MSASCui.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Free Download Manager\fdm.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\Arquivos de programas\eMule\emule.exe
C:\Arquivos de programas\VIVO S893v\S893v.exe
C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
D:\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: Barra de Ferramentas do Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Barra de ferramentas ALOT Helper - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Arquivos de programas\alot\bin\BHO\alotBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll
O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Barra de ferramentas ALOT - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Arquivos de programas\alot\bin\alot.dll
O3 - Toolbar: Barra de Ferramentas do Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Arquivos de programas\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Arquivos de programas\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Arquivos de programas\MP3 Player Utilities 3.75\AMVConverter\grab.html
O8 - Extra context menu item: Add to AMV Converter... - C:\Arquivos de programas\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: Baixar com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm
O8 - Extra context menu item: Baixar tudo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm
O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download selecionado pelo Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Arquivos de programas\MP3 Player Utilities 4.15\MediaManager\grab.html
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1041396138439
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1267221857988
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF86D021-6CA7-4CFD-803E-9610B94908D4}: NameServer = 200.204.0.10
O17 - HKLM\System\CCS\Services\Tcpip\..\{F1CC6161-F5F5-4D6C-9114-9D1CB6A236D4}: NameServer = 200.142.130.203 200.220.227.57
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll
O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll
O23 - Service: Avira AntiVir Programador (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe
--
End of file - 8651 bytes
#3 By DCR24
29/05/2010 - 19:00
Good evening!

Here it is:

(29-5-2010 21:39:38 (GMT))
EliStartPage v21.04 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Mayo del 2010)
--------------------------------------------------
Lista de Acciones (por Acción Directa):
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
(29-5-2010 21:45:15 (GMT))
EliStartPage v21.04 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Mayo del 2010)
--------------------------------------------------
Lista de Acciones (por Exploración):
Explorando "C:\"
C:\AUTORUN.INF --> Eliminado, PWS-OnLineGames.Herss(inf)
C:\Arquivos de programas\Messenger_Plus_Live\TBMESS.DLL --> Eliminado, TBConduit(tb)
Nº Total de Directorios: 3186
Nº Total de Ficheros: 34959
Nº de Ficheros Analizados: 10439
Nº de Ficheros Infectados: 2
Nº de Ficheros Limpiados: 2
(29-5-2010 21:47:01 (GMT))
EliStartPage v21.04 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Mayo del 2010)
--------------------------------------------------
Lista de Acciones (por Exploración):
Explorando "C:\"
Nº Total de Directorios: 3186
Nº Total de Ficheros: 34957
Nº de Ficheros Analizados: 10437
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
(29-5-2010 21:50:46 (GMT))
EliStartPage v21.04 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Mayo del 2010)
--------------------------------------------------
Lista de Acciones (por Acción Directa):
(29-5-2010 21:51:21 (GMT))
EliStartPage v21.04 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Mayo del 2010)
--------------------------------------------------
Lista de Acciones (por Exploración):
Explorando "D:\"
D:\Downloads\backups\BACKUP-20100303-183641-645.DLL --> Eliminado, TBConduit(tb)
Nº Total de Directorios: 177
Nº Total de Ficheros: 5763
Nº de Ficheros Analizados: 331
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
(29-5-2010 21:52:14 (GMT))
EliStartPage v21.04 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 28 de Mayo del 2010)
--------------------------------------------------
Lista de Acciones (por Exploración):
Explorando "D:\"
Nº Total de Directorios: 177
Nº Total de Ficheros: 5762
Nº de Ficheros Analizados: 330
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
#4 By Wings
29/05/2010 - 19:09
*Download OTL and save it to the desktop
*Double-click OTL.exe
*Select the options below:

[x][] Scan All Users
[] Skip Microsoft Files
[] Check Lop
[] Check Purity

*Under Custom Scans/Fixes, paste the code below:


safebootminimal
safebootnetwork
drivers32
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
/md5stop
%systemroot%\*. /mp /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
netsvcs
CREATERESTOREPOINT

*Click [Scan] and wait for the process to finish
*Paste the reports created on the desktop, named OTL.txt and Extras.txt
#5 By DCR24
30/05/2010 - 13:38
Hello! I pasted what you asked into that blank space below, because I couldn't find the exact name you gave; it was the only place that let me paste text.
Here is the OTL log:

OTL logfile created on: 30/5/2010 13:06:56 - Run 1
OTL by OldTimer - Version 3.2.5.1 Folder = C:\Documents and Settings\Daiane\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

1.015,00 Mb Total Physical Memory | 509,00 Mb Available Physical Memory | 50,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 51,39 Gb Total Space | 41,53 Gb Free Space | 80,82% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 66,84 Gb Free Space | 68,45% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WINDOWS-7045042
Current User Name: Daiane
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/05/30 13:03:05 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Daiane\Desktop\OTL.exe
PRC - [2010/02/18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
PRC - [2009/09/23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Arquivos de programas\Panda USB Vaccine\USBVaccine.exe
PRC - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/02/22 16:15:14 | 005,668,864 | ---- | M] (http://www.emule-project.net) -- C:\Arquivos de programas\eMule\emule.exe
PRC - [2009/01/02 16:12:58 | 003,399,727 | ---- | M] (FreeDownloadManager.ORG) -- C:\Arquivos de programas\Free Download Manager\fdm.exe
PRC - [2008/04/14 09:00:00 | 001,554,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/03 19:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Defender\MSASCui.exe
PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Defender\MsMpEng.exe
PRC - [2006/11/02 23:31:06 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Media Player\wmplayer.exe
PRC - [2006/09/25 11:23:42 | 000,507,904 | ---- | M] () -- C:\Arquivos de programas\VIVO S893v\S893v.exe
PRC - [2001/10/12 07:18:09 | 000,196,608 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe


========== Modules (SafeList) ==========

MOD - [2010/05/30 13:03:05 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Daiane\Desktop\OTL.exe
MOD - [2008/04/14 09:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/01/21 13:08:06 | 001,095,560 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009/01/07 12:40:56 | 000,348,752 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de programas\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2009/11/25 11:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/06/30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/05/11 09:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/04/03 11:18:26 | 000,130,936 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2009/03/30 09:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/04/13 08:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 06:34:34 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3SavageNB)
DRV - [2006/09/25 11:24:36 | 000,055,936 | ---- | M] (YISO Wireless) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ys893vxs.sys -- (ys893vxs)
DRV - [2006/09/25 11:24:36 | 000,036,480 | ---- | M] (DEVGURU) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ys893vxm.sys -- (ys893vxm)
DRV - [2005/01/01 22:11:43 | 000,003,968 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2005/01/01 22:07:05 | 000,009,728 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2003/12/18 18:36:44 | 000,113,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viaudios.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2003/11/07 06:07:52 | 000,391,680 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viasens.sys -- (VIASens)
DRV - [2002/11/28 11:18:04 | 000,015,360 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2001/08/17 19:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [1999/09/10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, =


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1957994488-1682526488-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br
IE - HKU\S-1-5-21-1957994488-1682526488-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Search, =
IE - HKU\S-1-5-21-1957994488-1682526488-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com.br/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Arquivos de programas\Mozilla Firefox\components [2010/02/28 22:18:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins [2010/05/09 10:59:07 | 000,000,000 | ---D | M]

[2010/02/28 22:18:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Daiane\Dados de aplicativos\Mozilla\Extensions
[2010/02/28 22:18:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Daiane\Dados de aplicativos\Mozilla\Firefox\Profiles\6hb0m86g.default\extensions
[2010/05/09 10:59:09 | 000,000,000 | ---D | M] -- C:\Arquivos de programas\Mozilla Firefox\extensions
[2010/05/09 10:59:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Arquivos de programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/15 22:18:55 | 000,001,027 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\buscape.xml
[2010/01/15 22:18:55 | 000,001,212 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\mercadolivre.xml
[2010/01/15 22:18:55 | 000,001,168 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\wikipedia-br.xml
[2010/01/15 22:18:55 | 000,000,952 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\yahoo-br.xml

O1 HOSTS File: ([2008/04/14 09:00:00 | 000,000,776 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Barra de ferramentas ALOT Helper) - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Arquivos de programas\alot\bin\BHO\alotBHO.dll (Vertro)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (ssh2 Class) - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll (Scopus Tecnologia Ltda)
O2 - BHO: (Programa Auxiliar de Início de Sessão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Barra de ferramentas ALOT) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Arquivos de programas\alot\bin\alot.dll (Vertro)
O3 - HKLM\..\Toolbar: (Barra de Ferramentas do Yahoo!) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1957994488-1682526488-854245398-1003\..\Toolbar\WebBrowser: (no name) - {9B339F6E-DDCD-401B-8764-230ADBD01761} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Arquivos de programas\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-1957994488-1682526488-854245398-1003..\Run: [Free Download Manager] C:\Arquivos de programas\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
O4 - HKU\S-1-5-21-1957994488-1682526488-854245398-1003..\Run: [fsm] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1957994488-1682526488-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to AMV Converter... - C:\Arquivos de programas\MP3 Player Utilities 4.15\AMVConverter\grab.html ()
O8 - Extra context menu item: Baixar com o Free Download Manager - C:\Arquivos de programas\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Baixar tudo com o Free Download Manager - C:\Arquivos de programas\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - C:\Arquivos de programas\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download selecionado pelo Free Download Manager - C:\Arquivos de programas\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Arquivos de programas\MP3 Player Utilities 4.15\MediaManager\grab.html ()
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1041396138439 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1267221857988 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de programas\Arquivos comuns\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Arquivos de programas\Aurora Media Workshop\msdxm.ocx (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)
O22 - SharedTaskScheduler: {A3717295-941D-416F-9384-ED1736729F1C} - scpLIB - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)
O24 - Desktop Components:0 (Minha página inicial atual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Daiane\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Daiane\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Arquivos de programas\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/23 12:15:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/02/02 17:43:22 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{8f111210-1d35-11d7-bceb-00e04cc2a88f}\Shell\AutoRun\command - "" = F:\62.exe -- File not found
O33 - MountPoints2\{8f111210-1d35-11d7-bceb-00e04cc2a88f}\Shell\open\Command - "" = F:\62.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sdauxservice - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe (PC Tools)
SafeBootMin: sdcoreservice - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe (PC Tools)
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: WinDefend - C:\Arquivos de programas\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sdauxservice - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe (PC Tools)
SafeBootNet: sdcoreservice - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe (PC Tools)
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: WinDefend - C:\Arquivos de programas\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\\WINDOWS\\system32\\iac25_32.ax ()
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - vfwwdm32.dll File not found
Drivers32: MSVideo8 - VfWWDM32.dll File not found
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/02/23 12:14:55 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Unable to start service SrService!

========== Files/Folders - Created Within 30 Days ==========

[2010/05/30 13:02:55 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Daiane\Desktop\OTL.exe
[2010/05/27 20:22:46 | 001,043,578 | ---- | C] (VeryPDF.com Inc ) -- D:\Meus Documentos\pwdremover.exe
[2010/05/23 12:41:27 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2010/05/23 12:41:11 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Panda Security
[2010/05/23 12:28:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Yahoo! Companion
[2010/05/23 12:28:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Daiane\Dados de aplicativos\Yahoo!
[2010/05/23 12:28:06 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Yahoo!
[2010/05/11 18:22:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Daiane\Dados de aplicativos\alot
[2010/05/11 18:22:22 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\alot
[2010/05/09 11:00:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/05/09 10:59:07 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/05/09 10:59:07 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/05/09 10:59:07 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/05/09 10:59:07 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/05/30 13:03:05 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Daiane\Desktop\OTL.exe
[2010/05/30 10:00:23 | 000,000,346 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/05/30 09:57:06 | 000,002,284 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/30 09:56:20 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/05/30 09:56:19 | 000,000,594 | ---- | M] () -- C:\WINDOWS\tasks\PandaUSBVaccine.job
[2010/05/30 09:56:11 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/30 09:56:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/30 09:56:01 | 1064,882,176 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/29 21:52:15 | 004,194,304 | -H-- | M] () -- C:\Documents and Settings\Daiane\NTUSER.DAT
[2010/05/29 21:52:15 | 000,000,210 | -HS- | M] () -- C:\Documents and Settings\Daiane\ntuser.ini
[2010/05/29 13:36:34 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/05/27 20:23:01 | 001,043,578 | ---- | M] (VeryPDF.com Inc ) -- D:\Meus Documentos\pwdremover.exe
[2010/05/26 20:37:41 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Daiane\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/23 12:27:53 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Daiane\Desktop\CCleaner.lnk
[2010/05/22 19:06:55 | 000,000,057 | ---- | M] () -- D:\Meus Documentos\Default.PLS
[2010/05/22 18:58:33 | 000,060,136 | ---- | M] () -- D:\Meus Documentos\manos.gif
[2010/05/22 18:57:05 | 000,297,984 | -H-- | M] () -- D:\Meus Documentos\photothumb.db
[2010/05/22 18:43:50 | 000,106,314 | ---- | M] () -- D:\Meus Documentos\PDVD_005.BMP
[2010/05/22 18:43:39 | 000,069,714 | ---- | M] () -- D:\Meus Documentos\PDVD_004.BMP
[2010/05/22 18:43:10 | 000,086,166 | ---- | M] () -- D:\Meus Documentos\PDVD_002.BMP
[2010/05/22 18:42:55 | 000,070,614 | ---- | M] () -- D:\Meus Documentos\PDVD_000.BMP
[2010/05/15 18:37:43 | 000,020,480 | ---- | M] () -- D:\Meus Documentos\vampiro.doc
[2010/05/13 21:48:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/05/12 11:21:16 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2010/05/02 21:35:33 | 000,076,007 | ---- | M] () -- D:\Meus Documentos\Cópia de churrasco no pai do marcelo 021.jpg
[2010/05/02 21:34:55 | 000,728,293 | ---- | M] () -- D:\Meus Documentos\Cópia de m1.JPG
[2010/05/02 21:30:24 | 001,669,158 | ---- | M] () -- D:\Meus Documentos\DSC02445.JPG
[2010/05/02 21:30:05 | 002,002,873 | ---- | M] () -- D:\Meus Documentos\DSC02496.JPG
[2010/05/02 21:29:49 | 001,440,103 | ---- | M] () -- D:\Meus Documentos\DSC02532.JPG
[2010/05/02 21:29:32 | 001,337,567 | ---- | M] () -- D:\Meus Documentos\DSC02533.JPG
[2010/05/02 21:29:15 | 000,940,594 | ---- | M] () -- D:\Meus Documentos\DSC02536.JPG
[2010/05/02 21:21:42 | 002,127,651 | ---- | M] () -- D:\Meus Documentos\DSC02492.JPG
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/05/23 12:03:17 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Daiane\Desktop\CCleaner.lnk
[2010/05/22 18:58:33 | 000,060,136 | ---- | C] () -- D:\Meus Documentos\manos.gif
[2010/05/22 18:37:02 | 000,106,314 | ---- | C] () -- D:\Meus Documentos\PDVD_005.BMP
[2010/05/22 18:37:01 | 000,069,714 | ---- | C] () -- D:\Meus Documentos\PDVD_004.BMP
[2010/05/22 18:36:56 | 000,086,166 | ---- | C] () -- D:\Meus Documentos\PDVD_002.BMP
[2010/05/22 18:36:52 | 000,070,614 | ---- | C] () -- D:\Meus Documentos\PDVD_000.BMP
[2010/05/13 22:25:49 | 000,020,480 | ---- | C] () -- D:\Meus Documentos\vampiro.doc
[2010/05/02 21:33:33 | 000,076,007 | ---- | C] () -- D:\Meus Documentos\Cópia de churrasco no pai do marcelo 021.jpg
[2010/05/02 21:33:08 | 000,728,293 | ---- | C] () -- D:\Meus Documentos\Cópia de m1.JPG
[2010/05/02 21:27:35 | 002,002,873 | ---- | C] () -- D:\Meus Documentos\DSC02496.JPG
[2010/05/02 21:27:35 | 001,669,158 | ---- | C] () -- D:\Meus Documentos\DSC02445.JPG
[2010/05/02 21:27:35 | 001,440,103 | ---- | C] () -- D:\Meus Documentos\DSC02532.JPG
[2010/05/02 21:27:35 | 001,337,567 | ---- | C] () -- D:\Meus Documentos\DSC02533.JPG
[2010/05/02 21:27:35 | 000,940,594 | ---- | C] () -- D:\Meus Documentos\DSC02536.JPG
[2010/05/02 21:21:41 | 002,127,651 | ---- | C] () -- D:\Meus Documentos\DSC02492.JPG
[2010/02/27 21:32:06 | 000,087,800 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2010/02/25 06:49:31 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/02/25 06:49:30 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/02/25 06:49:26 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/02/25 06:49:26 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/02/25 06:49:25 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010/02/25 06:49:21 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010/02/25 06:49:20 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/02/24 10:16:12 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/02/24 08:47:21 | 003,088,384 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-4.dll
[2010/02/24 08:47:19 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\smd.dll
[2010/02/24 08:40:01 | 000,000,043 | ---- | C] () -- C:\WINDOWS\Aurora Media Workshop.INI
[2010/02/23 05:17:44 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2007/12/19 11:53:30 | 000,000,272 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/03/06 10:41:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\AMV_DecDLL.dll
[2004/09/16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/09/16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/04/14 09:00:00 | 020,099,802 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/04/14 09:00:00 | 020,099,802 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 09:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/14 09:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A8CDC8DECE4735B86BBEF28460996C30 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008/04/14 09:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A8CDC8DECE4735B86BBEF28460996C30 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/14 09:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=49897D67B04E62F8E59EB8B1C7DF7072 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 09:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=49897D67B04E62F8E59EB8B1C7DF7072 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008/04/14 09:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=879E802EF4EF2405014B170EA41E552B -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008/04/14 09:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=879E802EF4EF2405014B170EA41E552B -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMPbig_green.pngFC5A2B2
< End of report >

And the Extras:

OTL Extras logfile created on: 30/5/2010 13:06:56 - Run 1
OTL by OldTimer - Version 3.2.5.1 Folder = C:\Documents and Settings\Daiane\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

1.015,00 Mb Total Physical Memory | 509,00 Mb Available Physical Memory | 50,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 51,39 Gb Total Space | 41,53 Gb Free Space | 80,82% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 66,84 Gb Free Space | 68,45% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WINDOWS-7045042
Current User Name: Daiane
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Arquivos de programas\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Arquivos de programas\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Arquivos de programas\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mega] -- "C:\Arquivos de programas\Megacubo\megacubo.exe" "%1" (www.megacubo.net )
Directory [PlayWithVLC] -- C:\Arquivos de programas\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Arquivos de programas\Megacubo\megacubo.exe" = C:\Arquivos de programas\Megacubo\megacubo.exe:*:Enabled:MegaCubo -- (www.megacubo.net )
"C:\Arquivos de programas\Ares\Ares.exe" = C:\Arquivos de programas\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group)
"C:\Arquivos de programas\MSN BackUp\MSNBackup.exe" = C:\Arquivos de programas\MSN BackUp\MSNBackup.exe:*:Enabled:MSN BackUp -- (Leonardo Bai)
"C:\Arquivos de programas\eMule\emule.exe" = C:\Arquivos de programas\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live
"{20B05668-C9F0-4469-AEF4-14DF41D6ACB6}" = Windows Live Messenger
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 20
"{28DA1AA2-07F2-4451-A28B-A6A01A9CE8E9}" = Assistente de Início de Sessão do Windows Live
"{418001D0-F48E-4910-966C-0DCCC996A87A}" = Windows Live Call
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50CEA963-2745-46A8-BE71-767F2B36FEF2}" = Windows Live Essentials
"{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1" = Panda USB Vaccine 1.0.1.4
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{810106DB-A192-47CD-AF67-7BA100BE387C}" = S893v
"{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}" = MP3 Player Utilities 4.15
"{90110416-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edição 2003
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{AC76BA86-7AD7-1046-7B44-A90000000001}" = Adobe Reader 9 - Português
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 0.82
"{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ad-Remover" = Ad-Remover By C_XX
"alotToolbar" = Barra de ferramentas ALOT
"Ares" = Ares 2.1.1
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.10 (Unicode)
"Aurélio - Século XXI" = Aurélio - Século XXI
"Aurora Media Workshop_is1" = Aurora Media Workshop 3.4.32
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"ClickPic_is1" = ClickPic version 1.7
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"CutePDF Writer Installation" = CutePDF Writer 2.7
"eMule" = eMule
"FastDictionary 2007_is1" = FastDictionary 2007
"Free Download Manager_is1" = Free Download Manager 3.0
"HijackThis" = HijackThis 2.0.2
"hp deskjet 656c series" = hp deskjet 656c series (Remover somente)
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.1.0 (Basic)
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Megacubo_is1" = Megacubo 7.3.0
"Messenger Plus! Live" = Messenger Plus! Live
"Messenger_Plus_Live Toolbar" = Messenger_Plus_Live Toolbar
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSN BackUp" = MSN BackUp 1.3.3
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"PhotoScape" = PhotoScape
"PhotoToolkit_is1" = Photo! Editor 1.1
"RealAlt_is1" = Real Alternative 1.9.0
"Spyware Doctor" = Spyware Doctor 6.0
"VistaMizer" = VistaMizer 2.5.2.0
"VLC media player" = VLC media player 0.9.8a
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = Arquivo do WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Barra de Ferramentas do Yahoo!

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 28/4/2010 18:52:04 | Computer Name = WINDOWS-7045042 | Source = Application Hang | ID = 1002
Description = Aplicativo com falha iexplore.exe, versão 8.0.6001.18702, módulo com
falha hungapp, versão 0.0.0.0, endereço com falha 0x00000000.

Error - 1/5/2010 10:38:53 | Computer Name = WINDOWS-7045042 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 1.1.1593.0,
P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL, P10 NIL.

Error - 3/5/2010 17:31:24 | Computer Name = WINDOWS-7045042 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80072ee2, P2 endsearch, P3 search, P4 1.1.1593.0,
P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL, P10 NIL.

Error - 8/5/2010 19:52:57 | Computer Name = WINDOWS-7045042 | Source = Application Error | ID = 1000
Description = Aplicativo com falha iexplore.exe, versão 8.0.6001.18702, módulo com
falha embd3260.dll, versão 6.0.13.68, endereço com falha 0x0002f11d.

Error - 9/5/2010 08:44:08 | Computer Name = WINDOWS-7045042 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 1.1.1593.0,
P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL, P10 NIL.

Error - 9/5/2010 17:05:58 | Computer Name = WINDOWS-7045042 | Source = MsiInstaller | ID = 11310
Description = Product: WebFldrs XP -- Error 1310. Error writing to file: C:\Arquivos
de programas\Arquivos comuns\Microsoft Shared\Web Server Extensions\40\bin\FP4AWEC.DLL.
System error 0. Verify that you have access to that directory.

Error - 15/5/2010 13:27:08 | Computer Name = WINDOWS-7045042 | Source = crypt32 | ID = 131080
Description = Falha na recuperação de atualização automática do número de seqüência
de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
com erro: Esta operação foi retornada porque o tempo limite expirou.

Error - 20/5/2010 17:55:55 | Computer Name = WINDOWS-7045042 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80072ee2, P2 endsearch, P3 search, P4 1.1.1593.0,
P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL, P10 NIL.

Error - 22/5/2010 14:16:47 | Computer Name = WINDOWS-7045042 | Source = Application Hang | ID = 1002
Description = Aplicativo com falha mpc-hc.exe, versão 1.3.1590.0, módulo com falha
hungapp, versão 0.0.0.0, endereço com falha 0x00000000.

Error - 23/5/2010 10:49:24 | Computer Name = WINDOWS-7045042 | Source = Application Hang | ID = 1002
Description = Aplicativo com falha Ad-Aware.exe, versão 6.2.0.236, módulo com falha
hungapp, versão 0.0.0.0, endereço com falha 0x00000000.

[ System Events ]
Error - 23/5/2010 18:08:14 | Computer Name = WINDOWS-7045042 | Source = Disk | ID = 262151
Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso.

Error - 23/5/2010 18:08:17 | Computer Name = WINDOWS-7045042 | Source = Disk | ID = 262151
Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso.

Error - 23/5/2010 18:08:21 | Computer Name = WINDOWS-7045042 | Source = Disk | ID = 262151
Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso.

Error - 23/5/2010 18:08:24 | Computer Name = WINDOWS-7045042 | Source = Disk | ID = 262151
Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso.

Error - 23/5/2010 18:08:27 | Computer Name = WINDOWS-7045042 | Source = Disk | ID = 262151
Description = O dispositivo, \Device\Harddisk0\D, possui um bloco defeituoso.

Error - 29/5/2010 12:45:23 | Computer Name = WINDOWS-7045042 | Source = DCOM | ID = 10010
Description = O servidor {98D9A6F1-4696-4B5E-A2E8-36B3F9C1E12C} não se registrou
com o DCOM dentro do tempo limite requerido.

Error - 30/5/2010 08:56:16 | Computer Name = WINDOWS-7045042 | Source = SRService | ID = 104
Description = Falha no processo de inicialização da restauração do sistema.

Error - 30/5/2010 08:56:20 | Computer Name = WINDOWS-7045042 | Source = Service Control Manager | ID = 7023
Description = O serviço Serviço de restauração do sistema terminou com o erro: %%2

Error - 30/5/2010 12:08:49 | Computer Name = WINDOWS-7045042 | Source = SRService | ID = 104
Description = Falha no processo de inicialização da restauração do sistema.

Error - 30/5/2010 12:08:49 | Computer Name = WINDOWS-7045042 | Source = Service Control Manager | ID = 7023
Description = O serviço Serviço de restauração do sistema terminou com o erro: %%2


< End of report >

Wings
Wings Cyber Highlander Registered
20.3K Posts 1.2K Likes
#6 By Wings
30/05/2010 - 14:42
The PC is clean.

1.
*Run OTL again and click [Cleanup]

2.
*Download ATF Cleaner and save it to the desktop
*Double-click ATF-Cleaner.exe
*Under Main, select [Select all]
*Click [Empty Selected]
=>If you use Firefox or Opera:
*Under "Firefox" or "Opera", click [Select all]
*Click [No]
*Click [Empty Selected]
*Click [No]
*Click [Exit] or the [X] to exit the program

Cheers.