cobracega

Suspected infection...


Good evening, I urgently need help because my computer, which is running Windows 7 x64, is freezing a lot, and I need to access some sites and I am afraid that my password will be stolen.

My PC has 4 GB of memory, and when it starts to freeze (only the mouse keeps moving) memory usage approaches 100%. Once I watched Task Manager and, when it starts to freeze, the explorer.exe process goes above 100,000 K.

Below is the log from GMER only, because when I run DDS a black window appears and quickly disappears, and even without me touching anything the logs do not appear...

GMER 1.0.15.15640 - http://www.gmer.net

Rootkit scan 2011-06-25 21:15:53

Windows 6.1.7601 Service Pack 1

Running: gmer.exe

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x9A 0xB6 0x5D 0xB3 ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x91 0xD8 0x1F 0x5A ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xDC 0x39 0xEA 0x62 ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x5C 0xD6 0x46 0x99 ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12 0x2F 0xE8 0x55 0xB6 ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3@hdf12 0xF0 0xF1 0x90 0xF4 ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x9A 0xB6 0x5D 0xB3 ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x91 0xD8 0x1F 0x5A ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xDC 0x39 0xEA 0x62 ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x5C 0xD6 0x46 0x99 ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12 0x2F 0xE8 0x55 0xB6 ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3@hdf12 0xF0 0xF1 0x90 0xF4 ...

---- EOF - GMER 1.0.15 ----


Hello

Sorry for the delay :)

Post the logs according to "Read Before Posting - Creating a New Topic"

NOTE 1: There is no need to open a new topic; put the new logs in this same topic, thank you!

NOTE 2: Do not edit your topic; use the reply button, thank you!

NOTE 3: Do not put the logs between TAGS, thank you!

Regards :D

  • Topic author
  • Sorry for the delay, it's just that now this Windows installation is not logging in.

    When I enter the password (both booting normally and in safe mode) "Bem-vindo" appears, but after a few seconds this error appears:

    O servidor RPC não está disponível.

    And now? Which would be the most appropriate section for me to post this problem?

    Thank you.

  • Topic author
  • Do you have the Windows installation CD?

    Yes, I do, but I solved that problem with a system restore from the CD.

    But the problem with the freezes continues; I no longer know what to do.

    Thanks.


    Dear cobracega

    Download OTL by OldTimer and save it to your Desktop.

    • Double-click the icon [image]
    • Leave the main screen configured as in the figure below:

    [figure]

    • Copy and paste the content below into the space right after [image]
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dl
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    /md5stop

    • Click the button [image]
    • Do not interrupt the scan under any circumstances;
    • When it finishes, two logs will be generated: OTL.txt and Extras.txt;
    • Restart the computer;
    • Post both logs in your next reply.
    • Do not delete OTL

    Regards :D

  • Topic author
  • Below are the OTL.txt and Extras.txt logs as requested.

    OTL Extras logfile created on: 02/07/2011 20:42:30 - Run 1

    OTL by OldTimer - Version 3.2.25.0 Folder = C:\Users\PAUL()\Desktop

    64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

    Internet Explorer (Version = 9.0.8112.16421)

    Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

    3,96 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 60,77% Memory free

    11,93 Gb Paging File | 9,81 Gb Available in Paging File | 82,26% Paging File free

    Paging file location(s): c:\pagefile.sys 8155 12232 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

    Drive C: | 195,21 Gb Total Space | 75,07 Gb Free Space | 38,46% Space Free | Partition Type: NTFS

    Drive D: | 78,13 Gb Total Space | 44,12 Gb Free Space | 56,47% Space Free | Partition Type: NTFS

    Drive E: | 78,13 Gb Total Space | 43,99 Gb Free Space | 56,30% Space Free | Partition Type: NTFS

    Drive F: | 309,50 Gb Total Space | 10,76 Gb Free Space | 3,48% Space Free | Partition Type: NTFS

    Drive G: | 736,20 Gb Total Space | 548,07 Gb Free Space | 74,45% Space Free | Partition Type: NTFS

    Drive M: | 100,00 Mb Total Space | 69,98 Mb Free Space | 69,98% Space Free | Partition Type: NTFS

    Computer Name: PAUL0 | User Name: PAUL() | Logged in as Administrator.

    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========

    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

    batfile [open] -- "%1" %* File not found

    cmdfile [open] -- "%1" %* File not found

    comfile [open] -- "%1" %* File not found

    exefile [open] -- "%1" %* File not found

    helpfile [open] -- Reg Error: Key error.

    inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)

    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

    piffile [open] -- "%1" %* File not found

    regfile [merge] -- Reg Error: Key error.

    scrfile [config] -- "%1" File not found

    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found

    scrfile [open] -- "%1" /S File not found

    txtfile [edit] -- Reg Error: Key error.

    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    Directory [mega] -- "F:\Programas\MegaCubo\megacubo.exe" "%1" (www.megacubo.net )

    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    Folder [explore] -- Reg Error: Value error.

    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

    batfile [open] -- "%1" %*

    cmdfile [open] -- "%1" %*

    comfile [open] -- "%1" %*

    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

    exefile [open] -- "%1" %*

    helpfile [open] -- Reg Error: Key error.

    piffile [open] -- "%1" %*

    regfile [merge] -- Reg Error: Key error.

    scrfile [config] -- "%1"

    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

    scrfile [open] -- "%1" /S

    txtfile [edit] -- Reg Error: Key error.

    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    Directory [mega] -- "F:\Programas\MegaCubo\megacubo.exe" "%1" (www.megacubo.net )

    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    Folder [explore] -- Reg Error: Value error.

    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    "cval" = 1

    "FirewallDisableNotify" = 0

    "AntiVirusDisableNotify" = 0

    "UpdatesDisableNotify" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

    "AntiVirusOverride" = 0

    "AntiSpywareOverride" = 0

    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    "FirewallDisableNotify" = 0

    "AntiVirusDisableNotify" = 0

    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    "DisableMonitoring" = 1

    "" =

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

    "DisableSR" = 0

    ========== Firewall Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    "DisableNotifications" = 0

    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

    "DisableNotifications" = 0

    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

    "DisableNotifications" = 0

    "EnableFirewall" = 1

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

    "{00045CD3-323F-419D-A7BF-D3E8838E580D}" = Microsoft SQL Server 2008 RsFx Driver

    "{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer

    "{0BCF8A54-3980-4770-AA5D-425ABC427890}" = Microsoft SQL Server 2008 Native Client

    "{0C270C59-8706-42B8-A2AD-6E5EE18BC90B}" = Microsoft SQL Server 2008 Reporting Services

    "{0C6C4C8A-3B96-4681-90BA-0E15CDE96298}" = Microsoft SQL Server 2008 Management Studio

    "{0D3BCE9D-1759-41D0-8083-7B1380E7A87E}" = Microsoft SQL Server 2008 Upgrade Advisor

    "{108C8C1D-DA02-4A6C-94CD-5603F6A6FC72}" = Microsoft SQL Server 2008 Management Studio

    "{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode

    "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant

    "{2453DBC8-ACC4-4711-BD03-0C15353AA3D8}" = Microsoft SQL Server 2008 Reporting Services

    "{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program

    "{40FE9766-42D5-4A50-8018-7E5C10709D73}" = Microsoft SQL Server 2008 Setup Support Files

    "{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files

    "{53D7A054-4598-4947-A159-E8FCC77720AB}" = Microsoft Sync Framework Runtime v1.0 (x64)

    "{67C816AF-93F0-4C11-A355-AABC5FC00083}" = Microsoft SQL Server 2008 BI Development Studio

    "{6C8EEF0B-C4BE-35A7-BF08-7C3C667EB62A}" = Microsoft .NET Framework 4 Extended PTB Language Pack

    "{6E2EE862-FEF9-408A-90BB-F5B4EC129C8E}" = Microsoft SQL Server 2008 Analysis Services

    "{817BCC2B-76A8-4C8B-8B55-FD916C6969CC}" = Microsoft Sync Services for ADO.NET v2.0 (x64)

    "{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files

    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

    "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010

    "{90140000-002A-0416-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2010

    "{910A147A-75D7-4ECD-A00D-727AAC0FD0E7}" = Microsoft SQL Server 2008 Client Tools

    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

    "{9DFA5914-C275-42E0-810E-C88E46A7F9EA}" = Microsoft SQL Server 2008 Full text search

    "{AE479CE0-753F-49C0-B8E6-79A37403999F}" = Microsoft SQL Server 2008 BI Development Studio

    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Driver do 3D Vision 275.33

    "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Painel de controle da NVIDIA 275.33

    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Driver de gráficos 275.33

    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Driver de controle do 3D Vision 275.33

    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Software do sistema PhysX 9.10.0514

    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Atualizações da NVIDIA 1.3.5

    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Driver de áudio HD 1.2.23.3

    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

    "{B702C53B-D809-4DD3-8C77-23EC0C948959}" = Microsoft SQL Server 2008 Integration Services

    "{B7693CDE-074B-301C-9584-FC4343696C8B}" = Microsoft .NET Framework 4 Client Profile PTB Language Pack

    "{BAACB61F-43E0-4E70-BDC9-F81CC3B22970}" = Microsoft SQL Server 2008 Client Tools

    "{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared

    "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector

    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

    "{DDEBB7D6-671C-468D-98EB-EF9F1A1BC524}" = RT 7 Lite x64

    "{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared

    "{F01EC9B9-21B4-441E-958A-1E01098B03BE}" = Microsoft SQL Server 2008 Analysis Services

    "{F4264106-F90E-4076-98CF-1B878DB14513}" = SQL Server System CLR Types

    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

    "{F5FEEB7E-F647-4D18-85BA-096750A15547}" = Microsoft SQL Server 2008 Integration Services

    "{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services

    "{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services

    "Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit

    "CPUID CPU-Z_is1" = CPUID CPU-Z 1.58

    "CutePDF Writer Installation" = CutePDF Writer 2.8

    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

    "Microsoft .NET Framework 4 Client Profile PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)

    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

    "Microsoft .NET Framework 4 Extended PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil)

    "Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)

    "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)

    "Unlocker" = Unlocker 1.9.1-x64

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

    "{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd

    "{01C5A10F-AD9B-405B-853A-6659841A1242}" = Microsoft SQL Server 2008 Policies

    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

    "{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help

    "{0712667C-A171-49AE-A098-4ACDA28625F8}" = Sony Sound Forge 7.0

    "{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode

    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

    "{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool

    "{1148E85C-E1AF-48E0-A29C-68DACE07E054}" = Pro Evolution Soccer 2011

    "{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM

    "{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights

    "{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool

    "{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM

    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

    "{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart

    "{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax

    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

    "{3431A7A3-6287-46B0-8AF1-BE2452A1FE62}" = Microsoft SQL Server 2008 Books Online (English)

    "{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help

    "{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3

    "{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials

    "{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources

    "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace

    "{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help

    "{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter

    "{5454083B-1308-4485-BF17-111000038701}" = Grand Theft Auto: Episodes from Liberty City

    "{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap

    "{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles

    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

    "{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision

    "{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help

    "{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help

    "{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City

    "{64CDE8F2-3791-46F5-BAD2-72FFF5252FAB}" = Microsoft SQL Server Compact 3.5 SP1 Query Tools English

    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

    "{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed

    "{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed

    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

    "{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed

    "{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World

    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

    "{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime

    "{8DD0F820-3656-4AB3-A7F4-005CAA2D0897}_is1" = RDesc 2.33

    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

    "{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components

    "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010

    "{90140000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2010

    "{90140000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2010

    "{90140000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010

    "{90140000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010

    "{90140000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010

    "{90140000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2010

    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

    "{90140000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2010

    "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010

    "{90140000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2010

    "{90140000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010

    "{90140000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2010

    "{90140000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010

    "{90140000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2010

    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

    "{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express

    "{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime

    "{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer

    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    "{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter

    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

    "{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010

    "{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail

    "{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center

    "{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker

    "{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation

    "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable

    "{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress

    "{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner

    "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress

    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

    "{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU

    "{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool

    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

    "{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed

    "{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris

    "{AC76BA86-7AD7-1046-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Português

    "{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k

    "{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor

    "{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common

    "{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help

    "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX

    "{BA0C9AAF-1327-3F06-B49C-349B4BE8F740}" = Microsoft Visual Studio 2008 Shell (integrated mode) - ENU

    "{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit

    "{c67ffcd5-58e3-4251-b485-d8014b008ade}" = Nero 9

    "{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser

    "{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit

    "{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent

    "{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi

    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

    "{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux

    "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game

    "{D3AE96EE-2876-4B3F-847C-D3A4AD689E43}" = LogMeIn

    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

    "{D54A52A8-DF24-4CE8-850B-074CA47DFA74}" = Windows Live Messenger

    "{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help

    "{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack

    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

    "{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget

    "{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English

    "{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help

    "{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™

    "{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights

    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

    "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable

    "{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision

    "{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos

    "{FABB02D6-A7FD-4845-A6FA-60C565516712}" = Age of Empires III

    "{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows

    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

    "ASIO4ALL" = ASIO4ALL

    "EasyBCD" = EasyBCD 2.0

    "FL Studio 9" = FL Studio 9

    "Fraps" = Fraps (remove only)

    "Free FLV Converter_is1" = Free FLV Converter V 6.96.0

    "GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3

    "Hardcore" = Hardcore

    "IL Download Manager" = IL Download Manager

    "InstallShield_{FABB02D6-A7FD-4845-A6FA-60C565516712}" = Age of Empires III

    "InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010

    "LogMeIn Hamachi" = LogMeIn Hamachi

    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware versão 1.51.0.1200

    "Megacubo_is1" = Megacubo 7.9.0

    "Microsoft SQL Server 7.0" = Microsoft SQL Server 7.0

    "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver

    "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

    "Office14.PROPLUS" = Microsoft Office Professional Plus 2010

    "OpenAL" = OpenAL

    "PoiZone" = PoiZone

    "P-Patchs HQ 2.0 ID_mp1" = P-Patchs HQ 2.0 Versão 1.0

    "Precision" = EVGA Precision 2.0.3

    "RollerCoaster Tycoon Setup" = Roll

    "Sawer" = Sawer

    "ST6UNST #1" = Frente

    "TeamViewer 6" = TeamViewer 6

    "Toxic Biohazard" = Toxic Biohazard

    "Ultravnc2_is1" = UltraVNC 1.0.8.2

    "uTorrent" = µTorrent

    "Vendas_is1" = Vendas.1.00

    "VisualReportX_is1" = Visual ReportX

    "VMware_Workstation" = VMware Workstation

    "WinLiveSuite" = Windows Live Essentials

    "XP Codec Pack" = XP Codec Pack

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-3521487236-4268354664-1027353881-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

    "RT 7 Lite x64" = RT 7 Lite (64-Bit)

    ========== Last 10 Event Log Errors ==========

    Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

    < End of report >

    Regards ...

  • Topic author
  • Man, since the day before yesterday I have been trying to post the log but I can't, neither in the message nor as an attachment.

    The problem with the freezes is over. Cause: Kaspersky Internet Security 2010. When I disabled it from starting with Windows it had no effect at all, but the problem ended as soon as I uninstalled it.

    Now I am using Comodo Internet Security 2011 x64, but if there is some other way for me to post the OTL log, just to confirm that the computer is clean, I would appreciate it.

    See you later

  • Topic author
  • Here is the updated OTL.txt log...

    OTL logfile created on: 08/07/2011 22:52:48 - Run 2

    OTL by OldTimer - Version 3.2.25.0 Folder = C:\Users\PAUL()\Desktop

    64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

    Internet Explorer (Version = 9.0.8112.16421)

    Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

    3,96 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 59,28% Memory free

    11,93 Gb Paging File | 9,58 Gb Available in Paging File | 80,29% Paging File free

    Paging file location(s): c:\pagefile.sys 8155 12232 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

    Drive C: | 195,21 Gb Total Space | 72,20 Gb Free Space | 36,98% Space Free | Partition Type: NTFS

    Drive D: | 78,13 Gb Total Space | 44,12 Gb Free Space | 56,47% Space Free | Partition Type: NTFS

    Drive E: | 78,13 Gb Total Space | 40,62 Gb Free Space | 51,99% Space Free | Partition Type: NTFS

    Drive F: | 309,50 Gb Total Space | 45,77 Gb Free Space | 14,79% Space Free | Partition Type: NTFS

    Drive G: | 736,20 Gb Total Space | 494,21 Gb Free Space | 67,13% Space Free | Partition Type: NTFS

    Drive M: | 100,00 Mb Total Space | 69,98 Mb Free Space | 69,98% Space Free | Partition Type: NTFS

    Computer Name: PAUL0 | User Name: PAUL() | Logged in as Administrator.

    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/07/02 20:40:03 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\PAUL()\Desktop\OTL.exe

    PRC - [2011/06/01 09:44:54 | 008,003,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe

    PRC - [2011/06/01 09:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe

    PRC - [2011/05/25 04:25:28 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

    PRC - [2011/05/20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    PRC - [2011/05/03 17:37:02 | 000,355,432 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision\EVGAPrecision.exe

    PRC - [2010/12/06 08:31:52 | 001,910,152 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

    PRC - [2010/06/14 22:54:22 | 002,320,304 | ---- | M] (Beepa P/L) -- F:\Programas\Fraps\fraps.exe

    PRC - [2009/10/22 05:00:04 | 000,395,824 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe

    PRC - [2009/10/22 04:59:48 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe

    PRC - [2009/10/22 04:59:24 | 000,129,584 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe

    PRC - [1998/11/23 23:06:54 | 004,972,816 | ---- | M] (Microsoft Corporation) -- C:\MSSQL7\Binn\sqlservr.exe

    PRC - [1998/11/13 02:06:48 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\MSSQL7\Binn\sqlmangr.exe

    ========== Modules (SafeList) ==========

    MOD - [2011/07/02 20:40:03 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\PAUL()\Desktop\OTL.exe

    MOD - [2011/06/30 09:37:26 | 000,285,256 | ---- | M] (COMODO) -- C:\Windows\SysWOW64\guard32.dll

    MOD - [2010/11/20 03:55:10 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

    MOD - [2010/06/14 22:54:34 | 000,206,768 | ---- | M] (Beepa P/L) -- F:\Programas\Fraps\fraps32.dll

    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2011/06/30 09:37:30 | 002,528,096 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)

    SRV:64bit: - [2009/07/13 22:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

    SRV - [2011/06/01 09:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)

    SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

    SRV - [2011/05/25 04:25:28 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

    SRV - [2011/05/20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

    SRV - [2011/05/15 11:12:10 | 000,403,240 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

    SRV - [2010/12/08 13:12:10 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint)

    SRV - [2010/12/08 13:12:04 | 000,373,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)

    SRV - [2010/12/06 08:31:50 | 002,101,640 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

    SRV - [2010/11/08 12:04:20 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)

    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

    SRV - [2009/12/07 00:19:00 | 001,590,216 | ---- | M] (UltraVNC) [Disabled | Stopped] -- C:\Program Files (x86)\UltraVNC\winvnc.exe -- (uvnc_service)

    SRV - [2009/10/22 05:00:04 | 000,395,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)

    SRV - [2009/10/22 04:59:58 | 000,113,200 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)

    SRV - [2009/10/22 04:59:48 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)

    SRV - [2009/10/22 03:47:54 | 000,563,760 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)

    SRV - [2009/10/12 14:32:24 | 000,191,024 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)

    SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

    SRV - [2008/09/24 13:32:48 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)

    SRV - [1998/11/23 23:06:54 | 004,972,816 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\MSSQL7\Binn\sqlservr.exe -- (MSSQLServer)

    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2011/06/30 09:38:08 | 000,016,016 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)

    DRV:64bit: - [2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

    DRV:64bit: - [2011/05/25 04:25:48 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

    DRV:64bit: - [2011/03/11 03:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

    DRV:64bit: - [2011/03/11 03:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

    DRV:64bit: - [2011/02/17 17:21:12 | 000,156,080 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)

    DRV:64bit: - [2011/01/20 12:09:26 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

    DRV:64bit: - [2011/01/12 06:42:12 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)

    DRV:64bit: - [2010/12/08 13:12:30 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)

    DRV:64bit: - [2010/11/20 05:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)

    DRV:64bit: - [2010/11/20 05:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)

    DRV:64bit: - [2010/11/20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

    DRV:64bit: - [2010/11/20 03:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)

    DRV:64bit: - [2010/11/20 03:35:26 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd)

    DRV:64bit: - [2010/11/20 03:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)

    DRV:64bit: - [2010/11/20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

    DRV:64bit: - [2010/11/20 03:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

    DRV:64bit: - [2010/11/09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)

    DRV:64bit: - [2010/09/17 15:40:06 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)

    DRV:64bit: - [2010/09/17 15:39:58 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)

    DRV:64bit: - [2010/02/03 15:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)

    DRV:64bit: - [2009/10/22 05:01:10 | 000,080,944 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)

    DRV:64bit: - [2009/10/22 05:01:04 | 000,029,744 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)

    DRV:64bit: - [2009/10/22 05:00:58 | 000,068,144 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)

    DRV:64bit: - [2009/10/22 05:00:56 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)

    DRV:64bit: - [2009/10/22 03:47:50 | 000,038,960 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)

    DRV:64bit: - [2009/10/22 00:13:28 | 000,045,104 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)

    DRV:64bit: - [2009/10/22 00:13:28 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)

    DRV:64bit: - [2009/10/05 16:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

    DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

    DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

    DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

    DRV:64bit: - [2009/06/10 17:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

    DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

    DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

    DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

    DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

    DRV:64bit: - [2009/03/01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

    DRV - [2011/05/03 17:36:58 | 000,014,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\EVGA Precision\RTCore64.sys -- (RTCore64)

    DRV - [2010/09/17 15:40:06 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys -- (LMIInfo)

    DRV - [2009/10/12 14:31:04 | 000,032,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)

    ========== Standard Registry (SafeList) ==========

    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.oquefazernainternet.com/

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.oquefazernainternet.com/

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.oquefazernainternet.com/

    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.oquefazernainternet.com/

    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.oquefazernainternet.com/

    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.oquefazernainternet.com/

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.oquefazernainternet.com/

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-3521487236-4268354664-1027353881-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = F:\Programas\Programas\Windows 7 e Virtualizacao

    IE - HKU\S-1-5-21-3521487236-4268354664-1027353881-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.oquefazernainternet.com/

    IE - HKU\S-1-5-21-3521487236-4268354664-1027353881-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:tabs

    IE - HKU\S-1-5-21-3521487236-4268354664-1027353881-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-BR

    IE - HKU\S-1-5-21-3521487236-4268354664-1027353881-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E8 EF 26 24 35 DC CB 01 [binary data]

    IE - HKU\S-1-5-21-3521487236-4268354664-1027353881-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    O1 HOSTS File: ([2011/07/06 22:48:04 | 000,000,025 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

    O1 - Hosts: 127.0.0.1 localhost

    O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

    O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

    O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Arquivos de Programas\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)

    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)

    O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)

    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

    O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

    O4 - HKU\S-1-5-21-3521487236-4268354664-1027353881-1000..\Run: [cacaoweb] File not found

    O4 - HKU\S-1-5-21-3521487236-4268354664-1027353881-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    O7 - HKU\S-1-5-21-3521487236-4268354664-1027353881-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    O7 - HKU\S-1-5-21-3521487236-4268354664-1027353881-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

    O7 - HKU\S-1-5-21-3521487236-4268354664-1027353881-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

    O7 - HKU\S-1-5-21-3521487236-4268354664-1027353881-1018\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    O9:64bit: - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

    O9:64bit: - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

    O9:64bit: - Extra Button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

    O9:64bit: - Extra 'Tools' menuitem : &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)

    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)

    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)

    O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)

    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1

    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

    O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

    O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found

    O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

    O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)

    O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

    O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)

    O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)

    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

    O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)

    O32 - HKLM CDRom: AutoRun - 1

    O32 - AutoRun File - [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

    O32 - AutoRun File - [2009/06/27 05:58:43 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]

    O32 - AutoRun File - [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]

    O34 - HKLM BootExecute: (autocheck autochk *) - File not found

    O35:64bit: - HKLM\..comfile [open] -- "%1" %*

    O35:64bit: - HKLM\..exefile [open] -- "%1" %*

    O35 - HKLM\..comfile [open] -- "%1" %*

    O35 - HKLM\..exefile [open] -- "%1" %*

    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

    O37 - HKLM\...com [@ = comfile] -- "%1" %*

    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

    MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

    MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

    MsConfig:64bit - StartUpReg: BCSSync - hkey= - key= - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)

    MsConfig:64bit - StartUpReg: cacaoweb - hkey= - key= - File not found

    MsConfig:64bit - StartUpReg: LogMeIn GUI - hkey= - key= - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)

    MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

    MsConfig:64bit - StartUpReg: Steam - hkey= - key= - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

    MsConfig:64bit - StartUpReg: vmware-tray - hkey= - key= - C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)

    MsConfig:64bit - State: "startup" - Reg Error: Key error.

    MsConfig:64bit - State: "services" - Reg Error: Key error.

    MsConfig:64bit - State: "bootini" - Reg Error: Key error.

    SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

    SafeBootMin:64bit: Base - Driver Group

    SafeBootMin:64bit: Boot Bus Extender - Driver Group

    SafeBootMin:64bit: Boot file system - Driver Group

    SafeBootMin:64bit: File system - Driver Group

    SafeBootMin:64bit: Filter - Driver Group

    SafeBootMin:64bit: HelpSvc - Service

    SafeBootMin:64bit: PCI Configuration - Driver Group

    SafeBootMin:64bit: PNP Filter - Driver Group

    SafeBootMin:64bit: Primary disk - Driver Group

    SafeBootMin:64bit: sacsvr - Service

    SafeBootMin:64bit: SCSI Class - Driver Group

    SafeBootMin:64bit: System Bus Extender - Driver Group

    SafeBootMin:64bit: vmms - Service

    SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

    SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

    SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

    SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

    SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

    SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

    SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

    SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

    SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

    SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

    SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

    SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

    SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

    SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

    SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

    SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

    SafeBootMin: Base - Driver Group

    SafeBootMin: Boot Bus Extender - Driver Group

    SafeBootMin: Boot file system - Driver Group

    SafeBootMin: File system - Driver Group

    SafeBootMin: Filter - Driver Group

    SafeBootMin: HelpSvc - Service

    SafeBootMin: PCI Configuration - Driver Group

    SafeBootMin: PNP Filter - Driver Group

    SafeBootMin: Primary disk - Driver Group

    SafeBootMin: sacsvr - Service

    SafeBootMin: SCSI Class - Driver Group

    SafeBootMin: System Bus Extender - Driver Group

    SafeBootMin: vmms - Service

    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

    SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

    SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

    SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

    SafeBootNet:64bit: Base - Driver Group

    SafeBootNet:64bit: Boot Bus Extender - Driver Group

    SafeBootNet:64bit: Boot file system - Driver Group

    SafeBootNet:64bit: File system - Driver Group

    SafeBootNet:64bit: Filter - Driver Group

    SafeBootNet:64bit: HelpSvc - Service

    SafeBootNet:64bit: Messenger - Service

    SafeBootNet:64bit: NDIS Wrapper - Driver Group

    SafeBootNet:64bit: NetBIOSGroup - Driver Group

    SafeBootNet:64bit: NetDDEGroup - Driver Group

    SafeBootNet:64bit: Network - Driver Group

    SafeBootNet:64bit: NetworkProvider - Driver Group

    SafeBootNet:64bit: PCI Configuration - Driver Group

    SafeBootNet:64bit: PNP Filter - Driver Group

    SafeBootNet:64bit: PNP_TDI - Driver Group

    SafeBootNet:64bit: Primary disk - Driver Group

    SafeBootNet:64bit: rdsessmgr - Service

    SafeBootNet:64bit: sacsvr - Service

    SafeBootNet:64bit: SCSI Class - Driver Group

    SafeBootNet:64bit: Streams Drivers - Driver Group

    SafeBootNet:64bit: System Bus Extender - Driver Group

    SafeBootNet:64bit: TDI - Driver Group

    SafeBootNet:64bit: vmms - Service

    SafeBootNet:64bit: WudfUsbccidDriver - Driver

    SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

    SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

    SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

    SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

    SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

    SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

    SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

    SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

    SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

    SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

    SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

    SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

    SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

    SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

    SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

    SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

    SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

    SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

    SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

    SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

    SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

    SafeBootNet: Base - Driver Group

    SafeBootNet: Boot Bus Extender - Driver Group

    SafeBootNet: Boot file system - Driver Group

    SafeBootNet: File system - Driver Group

    SafeBootNet: Filter - Driver Group

    SafeBootNet: Hamachi2Svc - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)

    SafeBootNet: HelpSvc - Service

    SafeBootNet: Messenger - Service

    SafeBootNet: NDIS Wrapper - Driver Group

    SafeBootNet: NetBIOSGroup - Driver Group

    SafeBootNet: NetDDEGroup - Driver Group

    SafeBootNet: Network - Driver Group

    SafeBootNet: NetworkProvider - Driver Group

    SafeBootNet: PCI Configuration - Driver Group

    SafeBootNet: PNP Filter - Driver Group

    SafeBootNet: PNP_TDI - Driver Group

    SafeBootNet: Primary disk - Driver Group

    SafeBootNet: rdsessmgr - Service

    SafeBootNet: sacsvr - Service

    SafeBootNet: SCSI Class - Driver Group

    SafeBootNet: Streams Drivers - Driver Group

    SafeBootNet: System Bus Extender - Driver Group

    SafeBootNet: TDI - Driver Group

    SafeBootNet: vmms - Service

    SafeBootNet: WudfUsbccidDriver - Driver

    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

    SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

    SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

    SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

    SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

    ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

    ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

    ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

    ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

    ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

    ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

    ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

    ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

    ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

    ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

    ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

    ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

    ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

    ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

    ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

    ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

    ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

    ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

    ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

    ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

    ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

    ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

    ActiveX: {49C187D7-91E1-459E-9759-2925384BD397} - .NET Framework

    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

    ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

    ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

    Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)

    Drivers32: msacm.ac3filter - ac3filter.acm File not found

    Drivers32: msacm.iac2 - C:\\Windows\\system32\\iac25_32.ax ()

    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

    Drivers32: msacm.msaudio1 - msaud32.acm File not found

    Drivers32: msacm.msg723 - msg723.acm File not found

    Drivers32: msacm.sl_anet - sl_anet.acm File not found

    Drivers32: msacm.trspch - tssoft32.acm File not found

    Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)

    Drivers32: msacm.voxacm160 - vct3216.acm File not found

    Drivers32: MSVideo - C:\Windows\SysWow64\vfwwdm32.dll (Microsoft Corporation)

    Drivers32: MSVideo8 - C:\Windows\SysWow64\vfwwdm32.dll (Microsoft Corporation)

    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

    Drivers32: vidc.DIVX - DivX.dll File not found

    Drivers32: VIDC.DRAW - DVIDEO.DLL File not found

    Drivers32: vidc.ffds - C:\Windows\SysWow64\ffdshow.ax ()

    Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)

    Drivers32: vidc.i420 - i420vfw.dll File not found

    Drivers32: vidc.iv31 - C:\Windows\SysWow64\ir32_32.dll (Intel® Corporation)

    Drivers32: vidc.iv32 - C:\Windows\SysWow64\ir32_32.dll (Intel® Corporation)

    Drivers32: vidc.iv41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)

    Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)

    Drivers32: vidc.M261 - msh261.drv File not found

    Drivers32: vidc.M263 - msh263.drv File not found

    Drivers32: vidc.mp42 - MPG4C32.dll File not found

    Drivers32: VIDC.MSUD - msulvc05.dll File not found

    Drivers32: VIDC.VMnc - C:\Windows\SysWow64\vmnc.dll (VMware, Inc.)

    Drivers32: VIDC.VP40 - vp4vfw.dll File not found

    Drivers32: vidc.VP60 - vp6vfw.dll File not found

    Drivers32: vidc.VP61 - vp6vfw.dll File not found

    Drivers32: vidc.VP62 - vp6vfw.dll File not found

    Drivers32: vidc.VP70 - vp7vfw.dll File not found

    Drivers32: VIDC.WMV3 - wmv9vcm.dll File not found

    Drivers32: vidc.X264 - x264vfw.dll File not found

    Drivers32: VIDC.YV12 - yv12vfw.dll File not found

  • Topic author
  • ========== Files/Folders - Created Within 30 Days ==========

    [2011/07/08 22:21:52 | 000,000,000 | ---D | C] -- C:\Users\PAUL()\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

    [2011/07/08 22:21:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

    [2011/07/08 22:01:34 | 000,000,000 | ---D | C] -- C:\Users\PAUL()\AppData\Local\{FEF35A0E-0105-4DBB-A513-F5D882184779}

    [2011/07/07 20:55:15 | 000,000,000 | ---D | C] -- C:\Users\PAUL()\AppData\Local\COMODO

    [2011/07/07 20:52:03 | 000,000,000 | ---D | C] -- C:\Users\PAUL()\AppData\Local\{5592D8EB-BE9D-4C66-8576-D315A664D868}

    [2011/07/06 22:56:36 | 000,000,000 | -H-D | C] -- C:\VritualRoot

    [2011/07/06 21:53:24 | 000,000,000 | ---D | C] -- C:\Users\PAUL()\AppData\Local\{2729BFEB-D637-4023-9E8D-82D13E2836A1}

    [2011/07/06 00:19:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO

    [2011/07/06 00:19:53 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO

    [2011/07/06 00:18:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo

    [2011/07/06 00:17:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader

    [2011/07/02 20:40:02 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\PAUL()\Desktop\OTL.exe

    [2011/07/01 22:29:58 | 000,021,992 | ---- | C] (CPUID) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys

    [2011/07/01 22:29:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID

    [2011/06/30 13:46:01 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe

    [2011/06/30 13:46:01 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll

    [2011/06/30 13:45:58 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll

    [2011/06/30 13:45:58 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll

    [2011/06/30 13:45:57 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll

    [2011/06/30 13:45:57 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll

    [2011/06/30 13:45:57 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe

    [2011/06/30 13:45:55 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll

    [2011/06/30 13:45:54 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll

    [2011/06/30 13:45:02 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe

    [2011/06/30 13:44:49 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll

    [2011/06/30 13:44:03 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll

    [2011/06/30 13:43:43 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll

    [2011/06/30 13:41:33 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll

    [2011/06/30 13:40:51 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll

    [2011/06/30 13:32:12 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll

    [2011/06/30 09:38:08 | 000,016,016 | ---- | C] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys

    [2011/06/30 09:37:26 | 000,363,560 | ---- | C] (COMODO) -- C:\Windows\SysNative\guard64.dll

    [2011/06/30 09:37:26 | 000,285,256 | ---- | C] (COMODO) -- C:\Windows\SysWow64\guard32.dll

    [2011/06/26 21:04:51 | 000,000,000 | ---D | C] -- C:\Windows\temp

    [2011/06/23 14:01:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS

    [2011/06/23 14:01:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters

    [2011/06/22 23:58:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound

    [2011/06/22 23:58:53 | 019,087,360 | ---- | C] (Intel Corporation / Blue Ripple Sound Limited) -- C:\Windows\SysWow64\mkl_blueripple.dll

    [2011/06/22 23:58:52 | 001,417,216 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\SysWow64\rapture3d_oal.dll

    [2011/06/22 23:58:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BRS

    [2011/06/22 23:58:49 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll

    [2011/06/22 23:58:49 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll

    [2011/06/22 23:58:49 | 000,122,904 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll

    [2011/06/22 23:58:49 | 000,109,080 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll

    [2011/06/22 23:58:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL

    [2011/06/16 00:02:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

    [2011/06/16 00:02:58 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

    [2011/06/16 00:02:58 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

    [2011/06/16 00:02:57 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

    [2011/06/16 00:02:57 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll

    [2011/06/16 00:02:57 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

    [2011/06/16 00:02:57 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

    [2011/06/16 00:02:57 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

    [2011/06/15 22:09:05 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll

    [2011/06/14 14:05:28 | 000,000,000 | ---D | C] -- C:\Users\PAUL()\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SupremeDemo

    [2011/06/14 14:05:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SupremeDemo

    [2004/11/24 16:25:52 | 000,335,872 | ---- | C] ( ) -- C:\Windows\SysWow64\drvc.dll

    [1996/11/18 21:15:46 | 000,018,944 | ---- | C] ( ) -- C:\Windows\SysWow64\IMPLODE.DLL

    [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/07/08 22:50:39 | 000,913,281 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat

    [2011/07/08 22:11:16 | 000,000,478 | ---- | M] () -- C:\Windows\ODBC.INI

    [2011/07/08 22:08:04 | 000,014,544 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

    [2011/07/08 22:08:04 | 000,014,544 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

    [2011/07/08 22:01:06 | 000,000,431 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics

    [2011/07/08 22:00:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

    [2011/07/08 22:00:45 | 3192,365,056 | -HS- | M] () -- C:\hiberfil.sys

    [2011/07/07 07:25:55 | 315,313,371 | ---- | M] () -- C:\Users\PAUL()\Desktop\diario4.mp3

    [2011/07/06 22:48:04 | 000,000,025 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

    [2011/07/06 07:00:01 | 279,408,518 | ---- | M] () -- C:\Users\PAUL()\Desktop\JP.SP.mp3

    [2011/07/06 01:10:44 | 000,001,213 | ---- | M] () -- C:\Users\PAUL()\Desktop\Everst Ultimate Edition 5.50.lnk

    [2011/07/06 01:10:20 | 000,002,090 | ---- | M] () -- C:\Users\PAUL()\Desktop\Import and Export Data (64-bit).lnk

    [2011/07/06 00:19:56 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Internet Security.lnk

    [2011/07/05 12:15:47 | 529,500,522 | ---- | M] () -- C:\Windows\MEMORY.DMP

    [2011/07/05 12:01:55 | 000,001,555 | ---- | M] () -- C:\Users\PAUL()\Desktop\SQL Server Management Studio.lnk

    [2011/07/04 22:28:04 | 000,000,836 | ---- | M] () -- C:\Users\PAUL()\Desktop\SQL Server Configuration Manager.lnk

    [2011/07/03 19:19:52 | 000,007,661 | ---- | M] () -- C:\Users\PAUL()\AppData\Local\resmon.resmoncfg

    [2011/07/02 20:40:03 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\PAUL()\Desktop\OTL.exe

    [2011/07/02 02:19:41 | 000,001,242 | ---- | M] () -- C:\Users\PAUL()\Desktop\Resource Monitor.lnk

    [2011/07/01 22:29:59 | 000,000,637 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk

    [2011/06/30 14:38:57 | 000,424,304 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

    [2011/06/30 09:38:08 | 000,016,016 | ---- | M] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys

    [2011/06/30 09:37:26 | 000,363,560 | ---- | M] (COMODO) -- C:\Windows\SysNative\guard64.dll

    [2011/06/30 09:37:26 | 000,285,256 | ---- | M] (COMODO) -- C:\Windows\SysWow64\guard32.dll

    [2011/06/26 12:21:33 | 001,962,596 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

    [2011/06/26 12:21:33 | 000,817,002 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat

    [2011/06/26 12:21:33 | 000,765,570 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

    [2011/06/26 12:21:33 | 000,196,436 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat

    [2011/06/26 12:21:33 | 000,171,150 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

    [2011/06/22 23:58:49 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll

    [2011/06/22 23:58:49 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll

    [2011/06/22 23:58:49 | 000,122,904 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll

    [2011/06/22 23:58:49 | 000,109,080 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll

    [2011/06/22 23:52:25 | 000,001,559 | ---- | M] () -- C:\Users\Public\Desktop\DiRT 3.lnk

    [2011/06/21 12:03:46 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

    [2011/06/21 00:15:59 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET

    [2011/06/14 15:24:00 | 000,000,625 | ---- | M] () -- C:\Users\PAUL()\Desktop\GTA Vice City.lnk

    [2011/06/14 14:05:28 | 000,000,759 | ---- | M] () -- C:\Users\PAUL()\Desktop\SUPREME Demo.lnk

    [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/07/07 01:10:32 | 315,313,371 | ---- | C] () -- C:\Users\PAUL()\Desktop\diario4.mp3

    [2011/07/06 01:27:23 | 279,408,518 | ---- | C] () -- C:\Users\PAUL()\Desktop\JP.SP.mp3

    [2011/07/06 00:21:00 | 000,913,281 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat

    [2011/07/06 00:19:56 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Internet Security.lnk

    [2011/07/02 02:19:41 | 000,001,242 | ---- | C] () -- C:\Users\PAUL()\Desktop\Resource Monitor.lnk

    [2011/07/01 22:29:59 | 000,000,637 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk

    [2011/07/01 01:20:01 | 000,007,661 | ---- | C] () -- C:\Users\PAUL()\AppData\Local\resmon.resmoncfg

    [2011/06/22 23:52:25 | 000,001,559 | ---- | C] () -- C:\Users\Public\Desktop\DiRT 3.lnk

    [2011/06/14 15:24:00 | 000,000,625 | ---- | C] () -- C:\Users\PAUL()\Desktop\GTA Vice City.lnk

    [2011/06/14 14:05:28 | 000,000,759 | ---- | C] () -- C:\Users\PAUL()\Desktop\SUPREME Demo.lnk

    [2011/05/20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe

    [2011/05/17 21:54:30 | 000,002,391 | ---- | C] () -- C:\Windows\Dbexplr.INI

    [2011/05/02 00:27:24 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\bcevent.dll

    [2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

    [2011/03/10 01:05:59 | 000,000,163 | ---- | C] () -- C:\Users\PAUL()\AppData\Roaming\default.rss

    [2011/03/10 01:05:50 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini

    [2011/03/04 10:44:32 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe

    [2011/03/02 00:36:13 | 000,037,888 | ---- | C] () -- C:\Windows\SysWow64\insrepim.exe

    [2011/03/01 21:05:04 | 001,899,570 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

    [2011/03/01 20:39:09 | 000,001,459 | ---- | C] () -- C:\Windows\ODBCINST.INI

    [2011/03/01 20:21:41 | 000,167,936 | ---- | C] () -- C:\Windows\SysWow64\WINPPLB.dll

    [2011/03/01 20:21:41 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\WinPort.dll

    [2011/03/01 20:21:40 | 001,335,296 | ---- | C] () -- C:\Windows\SysWow64\BemaMFD2.dll

    [2011/03/01 20:21:40 | 000,394,240 | ---- | C] () -- C:\Windows\SysWow64\DllInscE32.dll

    [2011/03/01 20:21:40 | 000,011,900 | ---- | C] () -- C:\Windows\SysWow64\BemaFI32.ini

    [2011/03/01 13:00:22 | 000,000,478 | ---- | C] () -- C:\Windows\ODBC.INI

    [2011/02/23 23:28:12 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL

    [2010/01/25 12:58:06 | 000,462,848 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll

    [2009/07/14 02:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

    [2009/07/13 23:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

    [2009/07/13 23:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

    [2009/07/13 21:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

    [2009/07/13 20:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

    [2009/07/13 18:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

    [2009/06/10 18:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

    [2008/12/19 12:15:58 | 004,338,246 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll

    [2008/12/17 14:41:18 | 000,884,237 | ---- | C] () -- C:\Windows\SysWow64\ff_x264.dll

    [2008/12/17 14:22:58 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll

    [2008/12/17 14:22:48 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll

    [2008/12/17 14:17:34 | 000,239,247 | ---- | C] () -- C:\Windows\SysWow64\ff_theora.dll

    [2008/12/17 13:59:54 | 000,560,802 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll

    [2006/11/02 13:10:16 | 000,080,912 | ---- | C] () -- C:\Windows\SysWow64\sherlock2.exe

    [2004/10/03 14:50:54 | 000,129,024 | ---- | C] () -- C:\Windows\SysWow64\ff_mpeg2enc.dll

    ========== LOP Check ==========

    [2011/01/25 15:13:55 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\DAEMON Tools Lite

    [2011/06/30 12:15:38 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\FreeFLVConverter

    [2011/03/13 19:48:53 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\Hardcore

    [2011/03/05 22:09:17 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\IsolatedStorage

    [2011/03/07 15:40:49 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\Need for Speed World

    [2011/02/19 20:02:40 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\New Technology Studio

    [2011/02/09 16:27:10 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\Sony

    [2011/06/30 12:15:41 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\TeamViewer

    [2011/07/06 00:42:00 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\uTorrent

    [2011/05/03 21:02:40 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\Windows Live Writer

    [2011/06/14 12:52:11 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========

    ========== Custom Scans ==========

    < MD5 for: ATAPI.SYS >

    [2009/07/13 22:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys

    [2009/07/13 22:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys

    [2009/07/13 22:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys

    [2009/07/13 22:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

    [2009/07/13 22:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

    < MD5 for: CNGAUDIT.DLL >

    [2009/07/13 22:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache86\cngaudit.dll

    [2009/07/13 22:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

    [2009/07/13 22:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

    [2009/07/13 22:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\ERDNT\cache64\cngaudit.dll

    [2009/07/13 22:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll

    [2009/07/13 22:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

    < MD5 for: NETLOGON.DLL >

    [2009/07/13 22:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll

    [2010/11/20 05:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\ERDNT\cache64\netlogon.dll

    [2010/11/20 05:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll

    [2010/11/20 05:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll

    [2010/11/20 04:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\ERDNT\cache86\netlogon.dll

    [2010/11/20 04:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll

    [2010/11/20 04:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

    [2009/07/13 22:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

    < MD5 for: NVSTOR.SYS >

    [2009/07/13 22:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

    [2011/03/11 03:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys

    [2011/03/11 03:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys

    [2011/03/11 03:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys

    [2011/03/11 03:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys

    [2011/03/11 03:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys

    [2011/03/11 03:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys

    [2010/11/20 05:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys

    [2010/11/20 05:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

    < MD5 for: SCECLI.DLL >

    [2009/07/13 22:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll

    [2009/07/13 22:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

    [2010/11/20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache86\scecli.dll

    [2010/11/20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll

    [2010/11/20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll

    [2010/11/20 05:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\ERDNT\cache64\scecli.dll

    [2010/11/20 05:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll

    [2010/11/20 05:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

    < End of report >

    Edited by cobracega


    Dear cobracega

    Once again with OTL

    • Double-click the 3984478580_7ed4cabc45_o.gif icon
    • Copy and paste the content below into the box right after 5369460409_ee749edc8e_m.jpg

    :OTL
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.oquefazernainternet.com/
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.oquefazernainternet.com/
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.oquefazernainternet.com/
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.oquefazernainternet.com/
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.oquefazernainternet.com/
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.oquefazernainternet.com/
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.oquefazernainternet.com/
    IE - HKU\S-1-5-21-3521487236-4268354664-1027353881-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.oquefazernainternet.com/
    O4 - HKU\S-1-5-21-3521487236-4268354664-1027353881-1000..\Run: [cacaoweb] File not found
    MsConfig:64bit - StartUpReg: cacaoweb - hkey= - key= - File not found

    :Reg

    :Commands
    [purity]
    [emptyflash]
    [resethosts]
    [createrestorepoint]
    [emptytemp]

    • Click the 5370056394_358505935a_m.jpg button
    • When the computer restarts, a window will appear; click Run;
    • Save the log (File > Save As) to the desktop under any name you like;
    • Warning: if you close the log without saving it first, it will be lost.
    • Open OTL again and click the 5370056476_bf9f840a51_m.jpg button
    • Do not interrupt the scan under any circumstances;
    • When it finishes, OTL.txt will be generated;
    • Then post the generated log in your next reply.

    Note: If you happen to lose the log after the computer restarts, you can find it in the folder C:\_OTL\Moved Files

    Regards :D

  • Topic author
  • Good evening, how are you?

    All processes killed

    ========== OTL ==========

    HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!

    HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!

    HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!

    HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!

    HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!

    HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!

    HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!

    HKU\S-1-5-21-3521487236-4268354664-1027353881-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!

    Registry value HKEY_USERS\S-1-5-21-3521487236-4268354664-1027353881-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cacaoweb deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\cacaoweb\ not found.

    ========== REGISTRY ==========

    ========== COMMANDS ==========

    [EMPTYFLASH]

    User: All Users

    User: Convidado

    User: Default

    User: Default User

    User: LogMeInRemoteUser

    User: PAUL()

    ->Flash cache emptied: 80871 bytes

    User: Public

    User: Todos os Usuários

    User: UpdatusUser

    User: Usuario

    ->Flash cache emptied: 456 bytes

    User: Usuário Padrão

    Total Flash Files Cleaned = 0,00 mb

    C:\Windows\System32\drivers\etc\Hosts moved successfully.

    HOSTS file reset successfully

    Restore point Set: OTL Restore Point

    [EMPTYTEMP]

    User: All Users

    User: Convidado

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 67 bytes

    User: Default

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 67 bytes

    User: Default User

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 0 bytes

    User: LogMeInRemoteUser

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 67 bytes

    User: PAUL()

    ->Temp folder emptied: 685467536 bytes

    ->Temporary Internet Files folder emptied: 16886188 bytes

    ->Flash cache emptied: 0 bytes

    User: Public

    ->Temp folder emptied: 0 bytes

    User: Todos os Usuários

    User: UpdatusUser

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 67 bytes

    User: Usuario

    ->Temp folder emptied: 58279 bytes

    ->Temporary Internet Files folder emptied: 20090512 bytes

    ->Flash cache emptied: 0 bytes

    User: Usuário Padrão

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes

    %systemroot% .tmp files removed: 0 bytes

    %systemroot%\System32 .tmp files removed: 1618992 bytes

    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes

    %systemroot%\System32\drivers .tmp files removed: 0 bytes

    Windows Temp folder emptied: 4362166 bytes

    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 85357 bytes

    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 695,00 mb

    OTL by OldTimer - Version 3.2.25.0 log created on 07102011_233210

    Files\Folders moved on Reboot...

    C:\Users\PAUL()\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

    C:\Users\PAUL()\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.

    Registry entries deleted on Reboot...

    OTL logfile created on: 10/07/2011 23:36:33 - Run 3

    OTL by OldTimer - Version 3.2.25.0 Folder = C:\Users\PAUL()\Desktop

    64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

    Internet Explorer (Version = 9.0.8112.16421)

    Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

    3,96 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 65,76% Memory free

    11,93 Gb Paging File | 10,29 Gb Available in Paging File | 86,28% Paging File free

    Paging file location(s): c:\pagefile.sys 8155 12232 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

    Drive C: | 195,21 Gb Total Space | 77,55 Gb Free Space | 39,72% Space Free | Partition Type: NTFS

    Drive D: | 78,13 Gb Total Space | 44,12 Gb Free Space | 56,47% Space Free | Partition Type: NTFS

    Drive E: | 78,13 Gb Total Space | 40,62 Gb Free Space | 51,99% Space Free | Partition Type: NTFS

    Drive F: | 309,50 Gb Total Space | 38,77 Gb Free Space | 12,53% Space Free | Partition Type: NTFS

    Drive G: | 736,20 Gb Total Space | 497,72 Gb Free Space | 67,61% Space Free | Partition Type: NTFS

    Drive M: | 100,00 Mb Total Space | 69,98 Mb Free Space | 69,98% Space Free | Partition Type: NTFS

    Computer Name: PAUL0 | User Name: PAUL() | Logged in as Administrator.

    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/07/02 20:40:03 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\PAUL()\Desktop\OTL.exe

    PRC - [2011/06/01 09:44:54 | 008,003,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe

    PRC - [2011/06/01 09:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe

    PRC - [2011/05/20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    PRC - [2011/05/03 17:37:02 | 000,355,432 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision\EVGAPrecision.exe

    PRC - [2010/12/06 08:31:52 | 001,910,152 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

    PRC - [2010/06/14 22:54:22 | 002,320,304 | ---- | M] (Beepa P/L) -- F:\Programas\Fraps\fraps.exe

    PRC - [2009/10/22 05:00:04 | 000,395,824 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe

    PRC - [2009/10/22 04:59:48 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe

    PRC - [1998/11/13 02:06:48 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\MSSQL7\Binn\sqlmangr.exe

    ========== Modules (SafeList) ==========

    MOD - [2011/07/02 20:40:03 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\PAUL()\Desktop\OTL.exe

    MOD - [2011/06/30 09:37:26 | 000,285,256 | ---- | M] (COMODO) -- C:\Windows\SysWOW64\guard32.dll

    MOD - [2010/11/20 03:55:10 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

    MOD - [2010/06/14 22:54:34 | 000,206,768 | ---- | M] (Beepa P/L) -- F:\Programas\Fraps\fraps32.dll

    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2011/06/30 09:37:30 | 002,528,096 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)

    SRV:64bit: - [2009/07/13 22:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

    SRV - [2011/06/01 09:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)

    SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

    SRV - [2011/05/25 04:25:28 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

    SRV - [2011/05/20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

    SRV - [2011/05/15 11:12:10 | 000,403,240 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

    SRV - [2010/12/08 13:12:10 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint)

    SRV - [2010/12/08 13:12:04 | 000,373,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)

    SRV - [2010/12/06 08:31:50 | 002,101,640 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

    SRV - [2010/11/08 12:04:20 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)

    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

    SRV - [2009/12/07 00:19:00 | 001,590,216 | ---- | M] (UltraVNC) [Disabled | Stopped] -- C:\Program Files (x86)\UltraVNC\winvnc.exe -- (uvnc_service)

    SRV - [2009/10/22 05:00:04 | 000,395,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)

    SRV - [2009/10/22 04:59:58 | 000,113,200 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)

    SRV - [2009/10/22 04:59:48 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)

    SRV - [2009/10/22 03:47:54 | 000,563,760 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)

    SRV - [2009/10/12 14:32:24 | 000,191,024 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)

    SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

    SRV - [2008/09/24 13:32:48 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)

    SRV - [1998/11/23 23:06:54 | 004,972,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\MSSQL7\Binn\sqlservr.exe -- (MSSQLServer)

    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2011/06/30 09:38:08 | 000,016,016 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)

    DRV:64bit: - [2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

    DRV:64bit: - [2011/05/25 04:25:48 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

    DRV:64bit: - [2011/03/11 03:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

    DRV:64bit: - [2011/03/11 03:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

    DRV:64bit: - [2011/02/17 17:21:12 | 000,156,080 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)

    DRV:64bit: - [2011/01/20 12:09:26 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

    DRV:64bit: - [2011/01/12 06:42:12 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)

    DRV:64bit: - [2010/12/08 13:12:30 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)

    DRV:64bit: - [2010/11/20 05:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)

    DRV:64bit: - [2010/11/20 05:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)

    DRV:64bit: - [2010/11/20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

    DRV:64bit: - [2010/11/20 03:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)

    DRV:64bit: - [2010/11/20 03:35:26 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd)

    DRV:64bit: - [2010/11/20 03:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)

    DRV:64bit: - [2010/11/20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

    DRV:64bit: - [2010/11/20 03:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

    DRV:64bit: - [2010/11/09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)

    DRV:64bit: - [2010/09/17 15:40:06 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)

    DRV:64bit: - [2010/09/17 15:39:58 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)

    DRV:64bit: - [2010/02/03 15:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)

    DRV:64bit: - [2009/10/22 05:01:10 | 000,080,944 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)

    DRV:64bit: - [2009/10/22 05:01:04 | 000,029,744 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)

    DRV:64bit: - [2009/10/22 05:00:58 | 000,068,144 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)

    DRV:64bit: - [2009/10/22 05:00:56 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)

    DRV:64bit: - [2009/10/22 03:47:50 | 000,038,960 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)

    DRV:64bit: - [2009/10/22 00:13:28 | 000,045,104 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)

    DRV:64bit: - [2009/10/22 00:13:28 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)

    DRV:64bit: - [2009/10/05 16:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

    DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

    DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

    DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

    DRV:64bit: - [2009/06/10 17:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

    DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

    DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

    DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

    DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

    DRV:64bit: - [2009/03/01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

    DRV - [2011/05/03 17:36:58 | 000,014,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\EVGA Precision\RTCore64.sys -- (RTCore64)

    DRV - [2010/09/17 15:40:06 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys -- (LMIInfo)

    DRV - [2009/10/12 14:31:04 | 000,032,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)

    ========== Standard Registry (SafeList) ==========

    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = F:\Programas\Programas\Windows 7 e Virtualizacao

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:tabs

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-BR

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E8 EF 26 24 35 DC CB 01 [binary data]

    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    O1 HOSTS File: ([2011/07/10 23:32:17 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts

    O1 - Hosts: 127.0.0.1 localhost

    O1 - Hosts: ::1 localhost

    O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

    O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

    O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Arquivos de Programas\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)

    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)

    O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)

    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

    O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

    O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

    O9:64bit: - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

    O9:64bit: - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

    O9:64bit: - Extra Button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

    O9:64bit: - Extra 'Tools' menuitem : &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)

    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)

    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)

    O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)

    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

    O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

    O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found

    O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

    O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)

    O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

    O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)

    O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)

    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

    O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)

    O32 - HKLM CDRom: AutoRun - 1

    O32 - AutoRun File - [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

    O32 - AutoRun File - [2009/06/27 05:58:43 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]

    O32 - AutoRun File - [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]

    O34 - HKLM BootExecute: (autocheck autochk *) - File not found

    O35:64bit: - HKLM\..comfile [open] -- "%1" %*

    O35:64bit: - HKLM\..exefile [open] -- "%1" %*

    O35 - HKLM\..comfile [open] -- "%1" %*

    O35 - HKLM\..exefile [open] -- "%1" %*

    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

    O37 - HKLM\...com [@ = comfile] -- "%1" %*

    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/07/10 23:32:10 | 000,000,000 | ---D | C] -- C:\_OTL

    [2011/07/10 23:02:16 | 000,000,000 | ---D | C] -- C:\Users\PAUL()\AppData\Roaming\cacaoweb

    [2011/07/10 11:38:01 | 000,000,000 | ---D | C] -- C:\Users\PAUL()\AppData\Local\{C919F0F2-73FB-49E8-AC9A-388856FBE036}

    [2011/07/09 19:05:11 | 000,000,000 | ---D | C] -- C:\Users\PAUL()\AppData\Local\Deployment

    [2011/07/09 14:29:16 | 000,000,000 | ---D | C] -- C:\Users\PAUL()\AppData\Local\{53D90B5A-85B2-43DC-953A-4765FE9866E7}

    [2011/07/08 23:03:52 | 000,000,000 | ---D | C] -- C:\Users\PAUL()\AppData\Local\{B180AA94-C1F1-417F-A537-D51C49AE6093}

    [2011/07/08 22:21:52 | 000,000,000 | ---D | C] -- C:\Users\PAUL()\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

    [2011/07/08 22:21:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

    [2011/07/08 22:01:34 | 000,000,000 | ---D | C] -- C:\Users\PAUL()\AppData\Local\{FEF35A0E-0105-4DBB-A513-F5D882184779}

    [2011/07/07 20:55:15 | 000,000,000 | ---D | C] -- C:\Users\PAUL()\AppData\Local\COMODO

    [2011/07/07 20:52:03 | 000,000,000 | ---D | C] -- C:\Users\PAUL()\AppData\Local\{5592D8EB-BE9D-4C66-8576-D315A664D868}

    [2011/07/06 22:56:36 | 000,000,000 | -H-D | C] -- C:\VritualRoot

    [2011/07/06 21:53:24 | 000,000,000 | ---D | C] -- C:\Users\PAUL()\AppData\Local\{2729BFEB-D637-4023-9E8D-82D13E2836A1}

    [2011/07/06 00:19:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO

    [2011/07/06 00:19:53 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO

    [2011/07/06 00:18:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo

    [2011/07/06 00:17:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader

    [2011/07/02 20:40:02 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\PAUL()\Desktop\OTL.exe

    [2011/07/01 22:29:58 | 000,021,992 | ---- | C] (CPUID) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys

    [2011/07/01 22:29:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID

    [2011/06/30 09:38:08 | 000,016,016 | ---- | C] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys

    [2011/06/30 09:37:26 | 000,363,560 | ---- | C] (COMODO) -- C:\Windows\SysNative\guard64.dll

    [2011/06/30 09:37:26 | 000,285,256 | ---- | C] (COMODO) -- C:\Windows\SysWow64\guard32.dll

    [2011/06/26 21:04:51 | 000,000,000 | ---D | C] -- C:\Windows\temp

    [2011/06/23 14:01:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS

    [2011/06/23 14:01:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters

    [2011/06/22 23:58:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound

    [2011/06/22 23:58:52 | 001,417,216 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\SysWow64\rapture3d_oal.dll

    [2011/06/22 23:58:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BRS

    [2011/06/22 23:58:49 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll

    [2011/06/22 23:58:49 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll

    [2011/06/22 23:58:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL

    [2011/06/14 14:05:28 | 000,000,000 | ---D | C] -- C:\Users\PAUL()\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SupremeDemo

    [2011/06/14 14:05:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SupremeDemo

    [2004/11/24 16:25:52 | 000,335,872 | ---- | C] ( ) -- C:\Windows\SysWow64\drvc.dll

    [1996/11/18 21:15:46 | 000,018,944 | ---- | C] ( ) -- C:\Windows\SysWow64\IMPLODE.DLL

    ========== Files - Modified Within 30 Days ==========

    [2011/07/10 23:34:39 | 000,000,432 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics

    [2011/07/10 23:34:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

    [2011/07/10 23:34:20 | 3192,365,056 | -HS- | M] () -- C:\hiberfil.sys

    [2011/07/10 23:34:18 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat

    [2011/07/10 23:32:17 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts

    [2011/07/10 22:28:55 | 000,014,544 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

    [2011/07/10 22:28:55 | 000,014,544 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

    [2011/07/10 11:13:02 | 000,000,908 | ---- | M] () -- C:\Users\PAUL()\Desktop\SQL Server Configuration Manager.lnk

    [2011/07/10 11:11:51 | 000,007,661 | ---- | M] () -- C:\Users\PAUL()\AppData\Local\resmon.resmoncfg

    [2011/07/10 00:27:03 | 000,092,468 | ---- | M] () -- C:\Users\PAUL()\Desktop\PQAAAEEz6w3zoZ4T_sYlwTQTR3zPGonRGm0M0_DPsP56qs4rTvwTiibrNuCD-Cy--i3lWlFOQdX37iInTc38-sTS_nkAm1T1UDFdRGjjqPMVnApDmzEg6g3lPdvl.jpg

    [2011/07/09 19:35:16 | 001,962,596 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

    [2011/07/09 19:35:16 | 000,817,002 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat

    [2011/07/09 19:35:16 | 000,765,570 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

    [2011/07/09 19:35:16 | 000,196,436 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat

    [2011/07/09 19:35:16 | 000,171,150 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

    [2011/07/09 17:02:40 | 000,001,142 | ---- | M] () -- C:\Users\Public\Desktop\Pro Evolution Soccer 2011.lnk

    [2011/07/08 22:11:16 | 000,000,478 | ---- | M] () -- C:\Windows\ODBC.INI

    [2011/07/07 07:25:55 | 315,313,371 | ---- | M] () -- C:\Users\PAUL()\Desktop\diario4.mp3

    [2011/07/06 07:00:01 | 279,408,518 | ---- | M] () -- C:\Users\PAUL()\Desktop\JP.SP.mp3

    [2011/07/06 01:10:44 | 000,001,213 | ---- | M] () -- C:\Users\PAUL()\Desktop\Everst Ultimate Edition 5.50.lnk

    [2011/07/06 01:10:20 | 000,002,090 | ---- | M] () -- C:\Users\PAUL()\Desktop\Import and Export Data (64-bit).lnk

    [2011/07/06 00:19:56 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Internet Security.lnk

    [2011/07/05 12:15:47 | 529,500,522 | ---- | M] () -- C:\Windows\MEMORY.DMP

    [2011/07/05 12:01:55 | 000,001,555 | ---- | M] () -- C:\Users\PAUL()\Desktop\SQL Server Management Studio.lnk

    [2011/07/02 20:40:03 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\PAUL()\Desktop\OTL.exe

    [2011/07/02 02:19:41 | 000,001,242 | ---- | M] () -- C:\Users\PAUL()\Desktop\Resource Monitor.lnk

    [2011/07/01 22:29:59 | 000,000,637 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk

    [2011/06/30 14:38:57 | 000,424,304 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

    [2011/06/30 09:38:08 | 000,016,016 | ---- | M] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys

    [2011/06/30 09:37:26 | 000,363,560 | ---- | M] (COMODO) -- C:\Windows\SysNative\guard64.dll

    [2011/06/30 09:37:26 | 000,285,256 | ---- | M] (COMODO) -- C:\Windows\SysWow64\guard32.dll

    [2011/06/22 23:58:49 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll

    [2011/06/22 23:58:49 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll

    [2011/06/22 23:52:25 | 000,001,559 | ---- | M] () -- C:\Users\Public\Desktop\DiRT 3.lnk

    [2011/06/21 00:15:59 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET

    [2011/06/14 15:24:00 | 000,000,625 | ---- | M] () -- C:\Users\PAUL()\Desktop\GTA Vice City.lnk

    [2011/06/14 14:05:28 | 000,000,759 | ---- | M] () -- C:\Users\PAUL()\Desktop\SUPREME Demo.lnk

    ========== Files Created - No Company Name ==========

    [2011/07/10 00:27:37 | 000,092,468 | ---- | C] () -- C:\Users\PAUL()\Desktop\PQAAAEEz6w3zoZ4T_sYlwTQTR3zPGonRGm0M0_DPsP56qs4rTvwTiibrNuCD-Cy--i3lWlFOQdX37iInTc38-sTS_nkAm1T1UDFdRGjjqPMVnApDmzEg6g3lPdvl.jpg

    [2011/07/07 01:10:32 | 315,313,371 | ---- | C] () -- C:\Users\PAUL()\Desktop\diario4.mp3

    [2011/07/06 01:27:23 | 279,408,518 | ---- | C] () -- C:\Users\PAUL()\Desktop\JP.SP.mp3

    [2011/07/06 00:21:00 | 001,474,832 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat

    [2011/07/06 00:19:56 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Internet Security.lnk

    [2011/07/02 02:19:41 | 000,001,242 | ---- | C] () -- C:\Users\PAUL()\Desktop\Resource Monitor.lnk

    [2011/07/01 22:29:59 | 000,000,637 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk

    [2011/07/01 01:20:01 | 000,007,661 | ---- | C] () -- C:\Users\PAUL()\AppData\Local\resmon.resmoncfg

    [2011/06/22 23:52:25 | 000,001,559 | ---- | C] () -- C:\Users\Public\Desktop\DiRT 3.lnk

    [2011/06/14 15:24:00 | 000,000,625 | ---- | C] () -- C:\Users\PAUL()\Desktop\GTA Vice City.lnk

    [2011/06/14 14:05:28 | 000,000,759 | ---- | C] () -- C:\Users\PAUL()\Desktop\SUPREME Demo.lnk

    [2011/05/20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe

    [2011/05/17 21:54:30 | 000,002,391 | ---- | C] () -- C:\Windows\Dbexplr.INI

    [2011/05/02 00:27:24 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\bcevent.dll

    [2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

    [2011/03/10 01:05:59 | 000,000,163 | ---- | C] () -- C:\Users\PAUL()\AppData\Roaming\default.rss

    [2011/03/10 01:05:50 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini

    [2011/03/04 10:44:32 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe

    [2011/03/02 00:36:13 | 000,037,888 | ---- | C] () -- C:\Windows\SysWow64\insrepim.exe

    [2011/03/01 21:05:04 | 001,899,570 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

    [2011/03/01 20:39:09 | 000,001,459 | ---- | C] () -- C:\Windows\ODBCINST.INI

    [2011/03/01 20:21:41 | 000,167,936 | ---- | C] () -- C:\Windows\SysWow64\WINPPLB.dll

    [2011/03/01 20:21:41 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\WinPort.dll

    [2011/03/01 20:21:40 | 001,335,296 | ---- | C] () -- C:\Windows\SysWow64\BemaMFD2.dll

    [2011/03/01 20:21:40 | 000,394,240 | ---- | C] () -- C:\Windows\SysWow64\DllInscE32.dll

    [2011/03/01 20:21:40 | 000,011,900 | ---- | C] () -- C:\Windows\SysWow64\BemaFI32.ini

    [2011/03/01 13:00:22 | 000,000,478 | ---- | C] () -- C:\Windows\ODBC.INI

    [2011/02/23 23:28:12 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL

    [2010/01/25 12:58:06 | 000,462,848 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll

    [2009/07/14 02:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

    [2009/07/13 23:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

    [2009/07/13 23:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

    [2009/07/13 21:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

    [2009/07/13 20:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

    [2009/07/13 18:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

    [2009/06/10 18:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

    [2008/12/19 12:15:58 | 004,338,246 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll

    [2008/12/17 14:41:18 | 000,884,237 | ---- | C] () -- C:\Windows\SysWow64\ff_x264.dll

    [2008/12/17 14:22:58 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll

    [2008/12/17 14:22:48 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll

    [2008/12/17 14:17:34 | 000,239,247 | ---- | C] () -- C:\Windows\SysWow64\ff_theora.dll

    [2008/12/17 13:59:54 | 000,560,802 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll

    [2006/11/02 13:10:16 | 000,080,912 | ---- | C] () -- C:\Windows\SysWow64\sherlock2.exe

    [2004/10/03 14:50:54 | 000,129,024 | ---- | C] () -- C:\Windows\SysWow64\ff_mpeg2enc.dll

    ========== LOP Check ==========

    [2011/07/10 23:04:12 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\cacaoweb

    [2011/01/25 15:13:55 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\DAEMON Tools Lite

    [2011/06/30 12:15:38 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\FreeFLVConverter

    [2011/03/13 19:48:53 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\Hardcore

    [2011/03/05 22:09:17 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\IsolatedStorage

    [2011/03/07 15:40:49 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\Need for Speed World

    [2011/02/19 20:02:40 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\New Technology Studio

    [2011/02/09 16:27:10 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\Sony

    [2011/06/30 12:15:41 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\TeamViewer

    [2011/07/06 00:42:00 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\uTorrent

    [2011/05/03 21:02:40 | 000,000,000 | ---D | M] -- C:\Users\PAUL()\AppData\Roaming\Windows Live Writer

    [2011/06/14 12:52:11 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========

    < End of report >


    Dear cobracega,

    Download Malwarebytes Anti-Malware:

    • Link1
    • Alternative link
      • Double-click mbam-setup.exe, choose the language and follow the instructions to install the software.
      • Make sure the boxes Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware are checked, and click Finish.
      • If there are updates, they will be downloaded and installed.
      • When the updates finish, a program window will open. Select "Quick Scan", then click the Scan button.
      • The scan will start and may take a while. Please be patient.
      • When the scan is complete, click OK, then Show Results to see the log.
      • If anything is found, make sure everything is checked and click Remove.
      • When disinfection finishes, a log will open automatically in a Notepad document and you may be asked to restart the PC. (Read the note)
      • The log is saved automatically and can be viewed by clicking the Logs tab in the main menu.
      • Copy and paste the contents of that log into your next reply.

    Note: In more complicated infections, it may be necessary to restart the PC. If you are asked to restart, please do so immediately.

    Regards :D

  • Topic author
  • Good evening.

    Since I was already using Malwarebytes, I just updated it and ran the scan.

    Log:

    Malwarebytes' Anti-Malware 1.51.1.1800

    www.malwarebytes.org

    Versão da Base de Dados: 7143

    Windows 6.1.7601 Service Pack 1

    Internet Explorer 9.0.8112.16421

    15/07/2011 01:42:21

    mbam-log-2011-07-15 (01-42-21).txt

    Tipo de Verificação: Verificação Rápida

    Objetos escaneados: 221925

    Tempo decorrido: 4 minuto(s), 15 segundo(s)

    Processos de Memória Infectados: 0

    Módulos de Memória Infectados: 0

    Chaves de Registro Infectadas: 0

    Valores de Registro Infectados: 0

    Itens de Dados no Registro Infectados: 0

    Pastas Infectadas: 0

    Arquivos Infectados: 0

    Processos de Memória Infectados:

    (Não foram detectados ítens maliciosos)

    Módulos de Memória Infectados:

    (Não foram detectados ítens maliciosos)

    Chaves de Registro Infectadas:

    (Não foram detectados ítens maliciosos)

    Valores de Registro Infectados:

    (Não foram detectados ítens maliciosos)

    Itens de Dados no Registro Infectados:

    (Não foram detectados ítens maliciosos)

    Pastas Infectadas:

    (Não foram detectados ítens maliciosos)

    Arquivos Infectados:

    (Não foram detectados ítens maliciosos)


    Diego ran into some problems and will not be able to continue with your case.

    Do the problems still persist?

  • Topic author
  • Good evening.

    So, as I told him, after being on for a while my computer would start to freeze, and I had to restart it to get it back to normal. Only after a few days did I have the idea of uninstalling KIS 2010, which was the cause of my problems. Since he was already analyzing my case, I asked him to confirm, if possible, whether my computer was really clean, and so he continued with the case, but the problem itself no longer exists.

    That's it :D

    See you later


    Your logs are clean.

    Can we consider the case resolved?

  • Topic author
  • Hey! Yes, you can; the computer appears to be normal.

    Thank you and diego_moicano for your attention and patience.

    Thanks.


    If the topic author needs it, this topic will be reopened; to do so, they should contact the moderators and request that it be unlocked.
