Opa, gostaria que analisasse o log ;D
Otl.txt:
Extras.txt
Obrigado![Smile :) :)](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
Otl.txt:
OTL logfile created on: 31/07/2012 21:48:59 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Flavio\Downloads
Windows Vista Starter Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
893,45 Mb Total Physical Memory | 213,08 Mb Available Physical Memory | 23,85% Memory free
2,00 Gb Paging File | 0,88 Gb Available in Paging File | 43,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,53 Gb Total Space | 17,77 Gb Free Space | 23,85% Space Free | Partition Type: NTFS
Computer Name: PLINIO-NOTE | User Name: Flavio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/07/31 21:43:38 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Flavio\Downloads\OTL.exe
PRC - [2012/07/31 12:31:46 | 000,935,008 | ---- | M] () -- C:\Arquivos de programas\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
PRC - [2012/07/31 12:31:15 | 001,107,552 | ---- | M] () -- C:\Arquivos de programas\AVG Secure Search\vprot.exe
PRC - [2012/01/31 14:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2012/01/17 19:03:24 | 002,339,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG10\avgtray.exe
PRC - [2012/01/03 10:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Arquivos de programas\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/09/09 03:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG10\avgnsx.exe
PRC - [2011/08/18 01:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG10\avgrsx.exe
PRC - [2011/05/23 14:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG10\avgchsvx.exe
PRC - [2011/03/28 20:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Arquivos de programas\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011/03/28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Arquivos de programas\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/16 16:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG10\avgemcx.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Arquivos de programas\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG10\avgwdsvc.exe
PRC - [2009/04/11 03:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Sidebar\sidebar.exe
PRC - [2009/04/11 03:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2005/11/17 07:32:54 | 000,561,664 | ---- | M] (J.Pajula) -- C:\Arquivos de programas\RamBooster 2.0\Rambooster.exe
========== Modules (No Company Name) ==========
MOD - [2012/07/31 12:31:48 | 000,132,704 | ---- | M] () -- C:\Arquivos de programas\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll
MOD - [2012/07/31 12:31:15 | 001,107,552 | ---- | M] () -- C:\Arquivos de programas\AVG Secure Search\vprot.exe
MOD - [2012/07/30 14:10:01 | 004,051,456 | ---- | M] () -- C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.0.3\libglesv2.dll
MOD - [2012/07/30 14:10:01 | 000,100,864 | ---- | M] () -- C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.0.3\libegl.dll
MOD - [2012/07/10 01:09:00 | 000,438,296 | ---- | M] () -- C:\Users\Flavio\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
MOD - [2012/07/10 01:08:59 | 003,972,120 | ---- | M] () -- C:\Users\Flavio\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
MOD - [2012/07/10 01:07:22 | 000,140,328 | ---- | M] () -- C:\Users\Flavio\AppData\Local\Google\Chrome\Application\20.0.1132.57\avutil-51.dll
MOD - [2012/07/10 01:07:21 | 000,262,184 | ---- | M] () -- C:\Users\Flavio\AppData\Local\Google\Chrome\Application\20.0.1132.57\avformat-54.dll
MOD - [2012/07/10 01:07:19 | 002,386,984 | ---- | M] () -- C:\Users\Flavio\AppData\Local\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll
MOD - [2012/07/09 23:17:27 | 009,255,112 | ---- | M] () -- C:\Users\Flavio\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
MOD - [2012/07/09 23:17:27 | 009,255,112 | ---- | M] () -- C:\Users\Flavio\AppData\Local\Google\Chrome\APPLIC~1\200113~1.57\gcswf32.dll
MOD - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Arquivos de programas\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2007/01/18 23:54:48 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
========== Win32 Services (SafeList) ==========
SRV - [2012/07/31 12:31:46 | 000,935,008 | ---- | M] () [Auto | Running] -- C:\Arquivos de Programas\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe -- (vToolbarUpdater11.2.0)
SRV - [2012/07/31 12:31:06 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Arquivos de Programas\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Arquivos de Programas\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/01/31 14:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Arquivos de Programas\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2012/01/03 10:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Arquivos de Programas\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/11/10 10:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Arquivos de Programas\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/10/27 09:34:30 | 000,718,384 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Arquivos de Programas\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/05/13 15:27:02 | 001,492,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2011/03/28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Arquivos de Programas\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/09/22 16:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Arquivos de Programas\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2008/01/19 04:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Arquivos de Programas\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2011/05/27 19:05:18 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:12:38 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:30 | 000,028,624 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:28 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/03/04 11:14:22 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2008/10/09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/01/19 00:03:24 | 002,314,752 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 04:30:56 | 000,047,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = O que fazer na internet?
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = O que fazer na internet?
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = O que fazer na internet?
IE - HKLM\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = UOL - O melhor conteúdo
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={1E74DA7D-2015-48EB-90DD-11A249773A26}&mid=7b5d20188ce747d1aeb7d152628df719-06ce4fc639803a2e3563922518183d8e94088cb9&lang=pt-br&ds=AVG&pr=fr&d=2011-11-28 13:57:40&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Flavio\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Flavio\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2012/02/02 13:47:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012/07/31 12:32:18 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - homepage: UOL - O melhor conteúdo
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google
riginalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: UOL - O melhor conteúdo
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Flavio\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Flavio\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Flavio\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\PFiles\Plugins\np-mswmp.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Flavio\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Angry Birds = C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: YouTube = C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Pesquisa do Google = C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AT_Porsche = C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg\3_0\
CHR - Extension: AVG Safe Search = C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\
CHR - Extension: Gmail = C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Gravity Guy = C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjlflpphgcocgjlmobgjbfneoemlbmlc\1.1_0\
O1 HOSTS File: ([2006/09/18 18:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de Programas\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de Programas\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Arquivos de Programas\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Arquivos de Programas\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Arquivos de Programas\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Arquivos de Programas\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Arquivos de Programas\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 1
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Arquivos de Programas\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de Programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de Programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E85BC55F-1FBC-4288-BB33-90AAC5A072DC}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de Programas\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Arquivos de Programas\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de Programas\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Arquivos de Programas\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Flavio\AppData\Roaming\Microsoft\Windows Photo Gallery\Papel de Parede da Galeria de Fotos do Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Flavio\AppData\Roaming\Microsoft\Windows Photo Gallery\Papel de Parede da Galeria de Fotos do Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 18:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{5f929e13-9d12-11e0-a8eb-0017c4066d48}\Shell - "" = AutoRun
O33 - MountPoints2\{5f929e13-9d12-11e0-a8eb-0017c4066d48}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5f929e2c-9d12-11e0-a8eb-0017c4066d48}\Shell - "" = AutoRun
O33 - MountPoints2\{5f929e2c-9d12-11e0-a8eb-0017c4066d48}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5f929e36-9d12-11e0-a8eb-001b24691eea}\Shell - "" = AutoRun
O33 - MountPoints2\{5f929e36-9d12-11e0-a8eb-001b24691eea}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{68fae104-a353-11e0-98b7-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{68fae104-a353-11e0-98b7-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{7534948c-9c3a-11e0-b4c9-0017c4066d48}\Shell - "" = AutoRun
O33 - MountPoints2\{7534948c-9c3a-11e0-b4c9-0017c4066d48}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{753494ab-9c3a-11e0-b4c9-0017c4066d48}\Shell - "" = AutoRun
O33 - MountPoints2\{753494ab-9c3a-11e0-b4c9-0017c4066d48}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/07/31 21:20:37 | 000,000,000 | ---D | C] -- C:\Program Files\RamBooster 2.0
[2012/07/31 17:52:36 | 000,000,000 | ---D | C] -- C:\Users\Flavio\AppData\Local\AVG Secure Search
[2012/07/31 14:15:06 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/07/31 13:27:31 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/07/31 13:27:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/07/31 13:27:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/07/31 13:27:24 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/07/31 13:27:23 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/07/31 13:27:23 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/07/31 13:27:21 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/07/31 12:30:52 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/07/30 17:48:48 | 000,476,976 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll
[2012/07/30 17:48:42 | 000,157,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/07/30 17:48:41 | 000,149,296 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/07/30 17:48:38 | 000,149,296 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/07/30 17:46:49 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/07/30 17:04:00 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/07/30 17:04:00 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/07/30 17:04:00 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/07/30 17:04:00 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/07/30 17:03:59 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/07/30 17:03:20 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/07/30 17:03:19 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/07/30 17:03:13 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012/07/30 16:56:08 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/07/30 14:01:27 | 000,000,000 | ---D | C] -- C:\Users\Flavio\AppData\Local\{4D601F4C-E06C-49E5-AB0F-953E5D2FA3E2}
[2012/07/10 11:42:38 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/07/10 11:42:37 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/07/10 11:41:39 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/07/10 11:41:39 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/07/10 11:41:39 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/07/10 11:40:39 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/07/10 11:40:39 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[1 C:\Users\Flavio\*.tmp files -> C:\Users\Flavio\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/07/31 21:42:02 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4088666044-1566086876-1659658698-1000UA.job
[2012/07/31 21:30:05 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/31 21:20:40 | 000,002,014 | ---- | M] () -- C:\Users\Flavio\Desktop\Launch Rambooster 2.0.lnk
[2012/07/31 20:44:54 | 000,004,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/31 20:44:54 | 000,004,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/31 14:44:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/31 14:44:30 | 000,230,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/31 14:43:40 | 937,607,168 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/31 14:20:36 | 000,642,298 | ---- | M] () -- C:\Windows\System32\prfh0416.dat
[2012/07/31 14:20:36 | 000,594,930 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/07/31 14:20:36 | 000,124,664 | ---- | M] () -- C:\Windows\System32\prfc0416.dat
[2012/07/31 14:20:36 | 000,103,736 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/07/31 13:43:08 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4088666044-1566086876-1659658698-1000Core.job
[2012/07/31 12:37:41 | 102,632,164 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/07/31 12:30:52 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/07/31 12:30:51 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/07/30 18:49:07 | 000,358,549 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/07/30 17:47:43 | 000,476,976 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll
[2012/07/30 17:47:43 | 000,472,880 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012/07/30 17:47:43 | 000,157,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/07/30 17:47:43 | 000,149,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/07/30 17:47:43 | 000,149,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/07/30 13:43:51 | 000,002,047 | ---- | M] () -- C:\Users\Flavio\Desktop\Google Chrome.lnk
[1 C:\Users\Flavio\*.tmp files -> C:\Users\Flavio\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/07/31 21:20:59 | 000,001,960 | ---- | C] () -- C:\Users\Flavio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Launch RamBooster 2.0.lnk
[2012/07/31 21:20:40 | 000,002,014 | ---- | C] () -- C:\Users\Flavio\Desktop\Launch Rambooster 2.0.lnk
[2012/07/31 12:31:21 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011/08/06 12:35:26 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/08/06 12:35:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/08/06 12:35:23 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/08/06 12:35:23 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/08/06 12:35:22 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/07/06 13:49:29 | 000,167,980 | ---- | C] () -- C:\Windows\hpoins28.dat
[2011/07/03 15:16:13 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/07/03 15:16:12 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/06/24 14:12:05 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/06/22 19:18:05 | 000,111,616 | ---- | C] () -- C:\Users\Flavio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/19 15:52:38 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
========== LOP Check ==========
[2011/07/26 14:19:09 | 000,000,000 | ---D | M] -- C:\Users\Flavio\AppData\Roaming\Ashampoo
[2011/06/19 22:41:40 | 000,000,000 | ---D | M] -- C:\Users\Flavio\AppData\Roaming\AVG10
[2011/07/12 10:14:54 | 000,000,000 | ---D | M] -- C:\Users\Flavio\AppData\Roaming\Nokia
[2011/07/06 15:16:10 | 000,000,000 | ---D | M] -- C:\Users\Flavio\AppData\Roaming\Windows Live Writer
[2012/07/31 14:41:33 | 000,032,636 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Flavio\Downloads
Windows Vista Starter Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
893,45 Mb Total Physical Memory | 213,08 Mb Available Physical Memory | 23,85% Memory free
2,00 Gb Paging File | 0,88 Gb Available in Paging File | 43,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,53 Gb Total Space | 17,77 Gb Free Space | 23,85% Space Free | Partition Type: NTFS
Computer Name: PLINIO-NOTE | User Name: Flavio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/07/31 21:43:38 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Flavio\Downloads\OTL.exe
PRC - [2012/07/31 12:31:46 | 000,935,008 | ---- | M] () -- C:\Arquivos de programas\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
PRC - [2012/07/31 12:31:15 | 001,107,552 | ---- | M] () -- C:\Arquivos de programas\AVG Secure Search\vprot.exe
PRC - [2012/01/31 14:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2012/01/17 19:03:24 | 002,339,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG10\avgtray.exe
PRC - [2012/01/03 10:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Arquivos de programas\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/09/09 03:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG10\avgnsx.exe
PRC - [2011/08/18 01:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG10\avgrsx.exe
PRC - [2011/05/23 14:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG10\avgchsvx.exe
PRC - [2011/03/28 20:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Arquivos de programas\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011/03/28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Arquivos de programas\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/16 16:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG10\avgemcx.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Arquivos de programas\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de programas\AVG\AVG10\avgwdsvc.exe
PRC - [2009/04/11 03:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Sidebar\sidebar.exe
PRC - [2009/04/11 03:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2005/11/17 07:32:54 | 000,561,664 | ---- | M] (J.Pajula) -- C:\Arquivos de programas\RamBooster 2.0\Rambooster.exe
========== Modules (No Company Name) ==========
MOD - [2012/07/31 12:31:48 | 000,132,704 | ---- | M] () -- C:\Arquivos de programas\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll
MOD - [2012/07/31 12:31:15 | 001,107,552 | ---- | M] () -- C:\Arquivos de programas\AVG Secure Search\vprot.exe
MOD - [2012/07/30 14:10:01 | 004,051,456 | ---- | M] () -- C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.0.3\libglesv2.dll
MOD - [2012/07/30 14:10:01 | 000,100,864 | ---- | M] () -- C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.0.3\libegl.dll
MOD - [2012/07/10 01:09:00 | 000,438,296 | ---- | M] () -- C:\Users\Flavio\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
MOD - [2012/07/10 01:08:59 | 003,972,120 | ---- | M] () -- C:\Users\Flavio\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
MOD - [2012/07/10 01:07:22 | 000,140,328 | ---- | M] () -- C:\Users\Flavio\AppData\Local\Google\Chrome\Application\20.0.1132.57\avutil-51.dll
MOD - [2012/07/10 01:07:21 | 000,262,184 | ---- | M] () -- C:\Users\Flavio\AppData\Local\Google\Chrome\Application\20.0.1132.57\avformat-54.dll
MOD - [2012/07/10 01:07:19 | 002,386,984 | ---- | M] () -- C:\Users\Flavio\AppData\Local\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll
MOD - [2012/07/09 23:17:27 | 009,255,112 | ---- | M] () -- C:\Users\Flavio\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
MOD - [2012/07/09 23:17:27 | 009,255,112 | ---- | M] () -- C:\Users\Flavio\AppData\Local\Google\Chrome\APPLIC~1\200113~1.57\gcswf32.dll
MOD - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Arquivos de programas\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2007/01/18 23:54:48 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
========== Win32 Services (SafeList) ==========
SRV - [2012/07/31 12:31:46 | 000,935,008 | ---- | M] () [Auto | Running] -- C:\Arquivos de Programas\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe -- (vToolbarUpdater11.2.0)
SRV - [2012/07/31 12:31:06 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Arquivos de Programas\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Arquivos de Programas\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/01/31 14:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Arquivos de Programas\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2012/01/03 10:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Arquivos de Programas\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/11/10 10:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Arquivos de Programas\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/10/27 09:34:30 | 000,718,384 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Arquivos de Programas\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/05/13 15:27:02 | 001,492,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2011/03/28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Arquivos de Programas\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/09/22 16:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Arquivos de Programas\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2008/01/19 04:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Arquivos de Programas\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2011/05/27 19:05:18 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:12:38 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:30 | 000,028,624 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:28 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/03/04 11:14:22 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2008/10/09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/01/19 00:03:24 | 002,314,752 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 04:30:56 | 000,047,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = O que fazer na internet?
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = O que fazer na internet?
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = O que fazer na internet?
IE - HKLM\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = UOL - O melhor conteúdo
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={1E74DA7D-2015-48EB-90DD-11A249773A26}&mid=7b5d20188ce747d1aeb7d152628df719-06ce4fc639803a2e3563922518183d8e94088cb9&lang=pt-br&ds=AVG&pr=fr&d=2011-11-28 13:57:40&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Flavio\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Flavio\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2012/02/02 13:47:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012/07/31 12:32:18 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - homepage: UOL - O melhor conteúdo
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: UOL - O melhor conteúdo
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Flavio\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Flavio\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Flavio\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\PFiles\Plugins\np-mswmp.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Flavio\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Angry Birds = C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: YouTube = C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Pesquisa do Google = C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AT_Porsche = C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg\3_0\
CHR - Extension: AVG Safe Search = C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\
CHR - Extension: Gmail = C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Gravity Guy = C:\Users\Flavio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjlflpphgcocgjlmobgjbfneoemlbmlc\1.1_0\
O1 HOSTS File: ([2006/09/18 18:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de Programas\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de Programas\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Arquivos de Programas\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Arquivos de Programas\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Arquivos de Programas\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Arquivos de Programas\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Arquivos de Programas\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 1
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Arquivos de Programas\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de Programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de Programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E85BC55F-1FBC-4288-BB33-90AAC5A072DC}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de Programas\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Arquivos de Programas\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de Programas\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Arquivos de Programas\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Flavio\AppData\Roaming\Microsoft\Windows Photo Gallery\Papel de Parede da Galeria de Fotos do Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Flavio\AppData\Roaming\Microsoft\Windows Photo Gallery\Papel de Parede da Galeria de Fotos do Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 18:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{5f929e13-9d12-11e0-a8eb-0017c4066d48}\Shell - "" = AutoRun
O33 - MountPoints2\{5f929e13-9d12-11e0-a8eb-0017c4066d48}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5f929e2c-9d12-11e0-a8eb-0017c4066d48}\Shell - "" = AutoRun
O33 - MountPoints2\{5f929e2c-9d12-11e0-a8eb-0017c4066d48}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5f929e36-9d12-11e0-a8eb-001b24691eea}\Shell - "" = AutoRun
O33 - MountPoints2\{5f929e36-9d12-11e0-a8eb-001b24691eea}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{68fae104-a353-11e0-98b7-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{68fae104-a353-11e0-98b7-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{7534948c-9c3a-11e0-b4c9-0017c4066d48}\Shell - "" = AutoRun
O33 - MountPoints2\{7534948c-9c3a-11e0-b4c9-0017c4066d48}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{753494ab-9c3a-11e0-b4c9-0017c4066d48}\Shell - "" = AutoRun
O33 - MountPoints2\{753494ab-9c3a-11e0-b4c9-0017c4066d48}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/07/31 21:20:37 | 000,000,000 | ---D | C] -- C:\Program Files\RamBooster 2.0
[2012/07/31 17:52:36 | 000,000,000 | ---D | C] -- C:\Users\Flavio\AppData\Local\AVG Secure Search
[2012/07/31 14:15:06 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/07/31 13:27:31 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/07/31 13:27:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/07/31 13:27:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/07/31 13:27:24 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/07/31 13:27:23 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/07/31 13:27:23 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/07/31 13:27:21 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/07/31 12:30:52 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/07/30 17:48:48 | 000,476,976 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll
[2012/07/30 17:48:42 | 000,157,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/07/30 17:48:41 | 000,149,296 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/07/30 17:48:38 | 000,149,296 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/07/30 17:46:49 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/07/30 17:04:00 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/07/30 17:04:00 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/07/30 17:04:00 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/07/30 17:04:00 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/07/30 17:03:59 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/07/30 17:03:20 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/07/30 17:03:19 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/07/30 17:03:13 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012/07/30 16:56:08 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/07/30 14:01:27 | 000,000,000 | ---D | C] -- C:\Users\Flavio\AppData\Local\{4D601F4C-E06C-49E5-AB0F-953E5D2FA3E2}
[2012/07/10 11:42:38 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/07/10 11:42:37 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/07/10 11:41:39 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/07/10 11:41:39 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/07/10 11:41:39 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/07/10 11:40:39 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/07/10 11:40:39 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[1 C:\Users\Flavio\*.tmp files -> C:\Users\Flavio\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/07/31 21:42:02 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4088666044-1566086876-1659658698-1000UA.job
[2012/07/31 21:30:05 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/31 21:20:40 | 000,002,014 | ---- | M] () -- C:\Users\Flavio\Desktop\Launch Rambooster 2.0.lnk
[2012/07/31 20:44:54 | 000,004,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/31 20:44:54 | 000,004,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/31 14:44:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/31 14:44:30 | 000,230,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/31 14:43:40 | 937,607,168 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/31 14:20:36 | 000,642,298 | ---- | M] () -- C:\Windows\System32\prfh0416.dat
[2012/07/31 14:20:36 | 000,594,930 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/07/31 14:20:36 | 000,124,664 | ---- | M] () -- C:\Windows\System32\prfc0416.dat
[2012/07/31 14:20:36 | 000,103,736 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/07/31 13:43:08 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4088666044-1566086876-1659658698-1000Core.job
[2012/07/31 12:37:41 | 102,632,164 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/07/31 12:30:52 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/07/31 12:30:51 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/07/30 18:49:07 | 000,358,549 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/07/30 17:47:43 | 000,476,976 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll
[2012/07/30 17:47:43 | 000,472,880 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012/07/30 17:47:43 | 000,157,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/07/30 17:47:43 | 000,149,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/07/30 17:47:43 | 000,149,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/07/30 13:43:51 | 000,002,047 | ---- | M] () -- C:\Users\Flavio\Desktop\Google Chrome.lnk
[1 C:\Users\Flavio\*.tmp files -> C:\Users\Flavio\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/07/31 21:20:59 | 000,001,960 | ---- | C] () -- C:\Users\Flavio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Launch RamBooster 2.0.lnk
[2012/07/31 21:20:40 | 000,002,014 | ---- | C] () -- C:\Users\Flavio\Desktop\Launch Rambooster 2.0.lnk
[2012/07/31 12:31:21 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011/08/06 12:35:26 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/08/06 12:35:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/08/06 12:35:23 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/08/06 12:35:23 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/08/06 12:35:22 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/07/06 13:49:29 | 000,167,980 | ---- | C] () -- C:\Windows\hpoins28.dat
[2011/07/03 15:16:13 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/07/03 15:16:12 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/06/24 14:12:05 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/06/22 19:18:05 | 000,111,616 | ---- | C] () -- C:\Users\Flavio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/19 15:52:38 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
========== LOP Check ==========
[2011/07/26 14:19:09 | 000,000,000 | ---D | M] -- C:\Users\Flavio\AppData\Roaming\Ashampoo
[2011/06/19 22:41:40 | 000,000,000 | ---D | M] -- C:\Users\Flavio\AppData\Roaming\AVG10
[2011/07/12 10:14:54 | 000,000,000 | ---D | M] -- C:\Users\Flavio\AppData\Roaming\Nokia
[2011/07/06 15:16:10 | 000,000,000 | ---D | M] -- C:\Users\Flavio\AppData\Roaming\Windows Live Writer
[2012/07/31 14:41:33 | 000,032,636 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Extras.txt
OTL Extras logfile created on: 31/07/2012 21:48:59 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Flavio\Downloads
Windows Vista Starter Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
893,45 Mb Total Physical Memory | 213,08 Mb Available Physical Memory | 23,85% Memory free
2,00 Gb Paging File | 0,88 Gb Available in Paging File | 43,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,53 Gb Total Space | 17,77 Gb Free Space | 23,85% Space Free | Partition Type: NTFS
Computer Name: PLINIO-NOTE | User Name: Flavio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mega] -- "C:\Program Files\Megacubo\megacubo.exe" "%1"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications]
"AllowUserPrefMerge" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts]
"AllowUserPrefMerge" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C8104B0-4535-4305-9B5D-BA9565CDF5C9}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{25D3FDD2-5B84-4716-9C00-3EDB53A123F1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{455A54D6-85D8-46EB-9A02-08E340B74773}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4F50C47F-2E77-49FF-B701-7428612C3BDD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{53600284-7E19-4D39-BD0E-4E400DDD7E22}" = rport=139 | protocol=6 | dir=out | app=system |
"{5C4B439F-FB0D-43EE-98A3-6BB28B42EE22}" = rport=445 | protocol=6 | dir=out | app=system |
"{735B6DAE-417D-40E1-80FA-2769F78A2C6B}" = lport=445 | protocol=6 | dir=in | app=system |
"{817B0CCF-49EE-45EE-899B-C81E2E1A91BE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{92419EEF-8068-4EAC-B4DF-34F1D1B3D0C1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A92866BB-E921-45EF-9682-B4050873B5DE}" = rport=138 | protocol=17 | dir=out | app=system |
"{C71F9EBD-A2EA-4728-B6EC-99197F8D8128}" = lport=139 | protocol=6 | dir=in | app=system |
"{CF118DE9-17EB-4C2E-87A8-84D4F1C69D48}" = rport=137 | protocol=17 | dir=out | app=system |
"{D381C67C-2C05-4F28-9507-E1C993B49025}" = lport=137 | protocol=17 | dir=in | app=system |
"{F56F7735-744C-4C00-AB89-DC22626C9D66}" = lport=138 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E79816F-CA90-4903-81C3-F22D459D1112}" = protocol=17 | dir=in | app=c:\program files\megacubo\megacubo.exe |
"{1A139EE3-B345-436F-8DC5-FF088E3D3138}" = protocol=6 | dir=in | app=c:\program files\megacubo\megacubo.exe |
"{33541AC3-1D50-42D0-89FD-A82F64F2C304}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{36F09F77-7DD6-4372-A4C9-2395379DC9A7}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{3EFE665E-330F-42E0-8BCD-23B726B625C3}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{5127A1C3-6E81-40CB-BE02-EE6F86F6B26B}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{612BA7D5-9F6C-4804-9234-FCC7809F8B69}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{732B169F-44D5-43BD-B65F-87942B892720}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{9300AE76-9526-4496-9F85-E679C9307D5C}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{9D40B763-08F5-40E8-8CFC-B64818FE5B30}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B3607BE5-8DD4-4EA5-80C4-496BD91F4B40}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{BBDEB71D-21A0-4B37-A26C-7BCD4CCBEDC3}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{BF85213E-81EC-489D-9C9D-86557A5B32B5}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{C29C4561-6B00-482D-809C-BE1E4DFB170D}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{C50D08C7-AD4F-46E6-A681-7E7E8CE8A5E7}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{CA972BE4-36C7-44CE-A4BD-DD34AFA7BC93}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{D850CC95-FA42-4ACF-8866-35977A7E390D}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{D9D3A2DE-37A7-42CE-9AEA-D716D1AAD008}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{DCE9AA16-765E-47C8-B8DB-5D2426C085AA}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{E5610532-1A38-4509-856E-D7F01432CDE4}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{E8BF7B4F-53C9-421C-8E46-BA355CB255A4}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{E935F1A8-4060-4608-830C-E818AAD01EDA}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{F59132D5-7CED-41E1-BAA6-AF0A7F671247}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FDC949EC-F1B6-4588-ACDD-9BD4872D3745}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{1438B41C-658C-35B7-9253-780F2E0A0B8E}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ptb
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20A15757-4AE4-3C82-9711-863C84AFE6AA}" = Microsoft .NET Framework 4 Client Profile PTB Language Pack
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{2DF215E0-BD3C-4C98-8616-AFEF09747285}" = Windows Live Sync
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3889988F-762B-4B85-AB17-71C9CC3AE445}" = Messenger Companion
"{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}" = Controle ActiveX do Windows Live Mesh para Conexões Remotas
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41B72CAF-036B-4E0A-8D22-F5DF7C970434}" = Windows Live Remote Client Resources
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D9C7DA3-D532-432D-A556-5F6CD186B0A5}" = DJ_AIO_03_F4200_ProductContext
"{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}" = PC Connectivity Solution
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62653245-3DC5-4019-AF6B-4E62D6150D9E}" = F4200_Help
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{67DFCE0D-BBA9-43AC-90B3-548390ECE522}" = F4200
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9DBCE8C7-FE94-4D8F-9FF0-38EF3D8BC99E}" = DJ_AIO_03_F4200_Software
"{A11409F1-CD33-4076-85CB-4EE4A8439BFE}" = Scan
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1046-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Português
"{ADE3CACC-EC31-480C-83A0-587EE60CE8DF}" = RamBooster
"{AE9A67F9-ADF1-4a44-BAB5-C1DB302B37A2}" = HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{AF88496B-4BBA-4922-97E9-2582D3A28358}" = Nokia Connectivity Cable Driver
"{B29B526D-F027-4122-BC7A-D9E5BC86CC40}" = DJ_AIO_03_F4200_Software_Min
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C8FC7066-4457-4365-9BDF-4E439BF703C8}" = AVG 2011
"{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E31B6056-1954-423B-9883-451F9F15887B}" = Windows Live Family Safety
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E533E637-FB3E-4F28-8B18-449CC9AB7235}" = AVG 2011
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6617B44-D556-49AC-B2A3-01451E115043}" = Windows Live Remote Service Resources
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"504244733D18C8F63FF584AEB290E3904E791693" = Pacote de Driver do Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AVG" = AVG 2011
"CCleaner" = CCleaner
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.5.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - ptb" = Pacote de Idiomas do Microsoft .NET Framework 3.5 SP1 - PTB
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)
"VLC media player" = VLC media player 1.1.10
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10/07/2012 10:37:01 | Computer Name = PLINIO-NOTE | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 10/07/2012 10:38:04 | Computer Name = PLINIO-NOTE | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 10/07/2012 10:39:26 | Computer Name = PLINIO-NOTE | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 10/07/2012 10:42:08 | Computer Name = PLINIO-NOTE | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 10/07/2012 10:42:08 | Computer Name = PLINIO-NOTE | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 10/07/2012 10:59:14 | Computer Name = PLINIO-NOTE | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 30/07/2012 10:36:00 | Computer Name = PLINIO-NOTE | Source = SideBySide | ID = 16842785
Description = Falha na geração de contexto de ativação para "C:\Users\Flavio\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\BrOffice\App\broffice\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-9.0-amd64.exe".
Assembly dependente Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error - 30/07/2012 11:28:26 | Computer Name = PLINIO-NOTE | Source = SideBySide | ID = 16842785
Description = Falha na geração de contexto de ativação para "C:\Users\Flavio\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\BrOffice\App\broffice\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-9.0-amd64.exe".
Assembly dependente Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error - 31/07/2012 11:29:36 | Computer Name = PLINIO-NOTE | Source = SideBySide | ID = 16842785
Description = Falha na geração de contexto de ativação para "C:\Users\Flavio\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\BrOffice\App\broffice\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-9.0-amd64.exe".
Assembly dependente Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error - 31/07/2012 16:52:01 | Computer Name = PLINIO-NOTE | Source = SideBySide | ID = 16842785
Description = Falha na geração de contexto de ativação para "C:\Users\Flavio\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\BrOffice\App\broffice\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-9.0-amd64.exe".
Assembly dependente Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
[ System Events ]
Error - 10/07/2012 10:46:10 | Computer Name = PLINIO-NOTE | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 10/07/2012 10:46:10 | Computer Name = PLINIO-NOTE | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 10/07/2012 10:46:10 | Computer Name = PLINIO-NOTE | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 30/07/2012 16:22:23 | Computer Name = PLINIO-NOTE | Source = Dhcp | ID = 1002
Description = A concessão 192.168.1.101 do endereço IP para a Placa de Rede com
endereço de rede 0017C4066D48 foi negada pelo servidor DHCP 192.168.1.254 (O servidor
DHCP enviou uma mensagem DHCPNACK).
Error - 31/07/2012 11:33:29 | Computer Name = PLINIO-NOTE | Source = Service Control Manager | ID = 7011
Description =
Error - 31/07/2012 11:33:54 | Computer Name = PLINIO-NOTE | Source = DCOM | ID = 10005
Description =
Error - 31/07/2012 11:34:27 | Computer Name = PLINIO-NOTE | Source = Service Control Manager | ID = 7009
Description =
Error - 31/07/2012 11:34:27 | Computer Name = PLINIO-NOTE | Source = Service Control Manager | ID = 7000
Description =
Error - 31/07/2012 11:36:03 | Computer Name = PLINIO-NOTE | Source = Service Control Manager | ID = 7022
Description =
Error - 31/07/2012 13:41:01 | Computer Name = PLINIO-NOTE | Source = Service Control Manager | ID = 7011
Description =
< End of report >
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Flavio\Downloads
Windows Vista Starter Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
893,45 Mb Total Physical Memory | 213,08 Mb Available Physical Memory | 23,85% Memory free
2,00 Gb Paging File | 0,88 Gb Available in Paging File | 43,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,53 Gb Total Space | 17,77 Gb Free Space | 23,85% Space Free | Partition Type: NTFS
Computer Name: PLINIO-NOTE | User Name: Flavio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mega] -- "C:\Program Files\Megacubo\megacubo.exe" "%1"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications]
"AllowUserPrefMerge" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts]
"AllowUserPrefMerge" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C8104B0-4535-4305-9B5D-BA9565CDF5C9}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{25D3FDD2-5B84-4716-9C00-3EDB53A123F1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{455A54D6-85D8-46EB-9A02-08E340B74773}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4F50C47F-2E77-49FF-B701-7428612C3BDD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{53600284-7E19-4D39-BD0E-4E400DDD7E22}" = rport=139 | protocol=6 | dir=out | app=system |
"{5C4B439F-FB0D-43EE-98A3-6BB28B42EE22}" = rport=445 | protocol=6 | dir=out | app=system |
"{735B6DAE-417D-40E1-80FA-2769F78A2C6B}" = lport=445 | protocol=6 | dir=in | app=system |
"{817B0CCF-49EE-45EE-899B-C81E2E1A91BE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{92419EEF-8068-4EAC-B4DF-34F1D1B3D0C1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A92866BB-E921-45EF-9682-B4050873B5DE}" = rport=138 | protocol=17 | dir=out | app=system |
"{C71F9EBD-A2EA-4728-B6EC-99197F8D8128}" = lport=139 | protocol=6 | dir=in | app=system |
"{CF118DE9-17EB-4C2E-87A8-84D4F1C69D48}" = rport=137 | protocol=17 | dir=out | app=system |
"{D381C67C-2C05-4F28-9507-E1C993B49025}" = lport=137 | protocol=17 | dir=in | app=system |
"{F56F7735-744C-4C00-AB89-DC22626C9D66}" = lport=138 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E79816F-CA90-4903-81C3-F22D459D1112}" = protocol=17 | dir=in | app=c:\program files\megacubo\megacubo.exe |
"{1A139EE3-B345-436F-8DC5-FF088E3D3138}" = protocol=6 | dir=in | app=c:\program files\megacubo\megacubo.exe |
"{33541AC3-1D50-42D0-89FD-A82F64F2C304}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{36F09F77-7DD6-4372-A4C9-2395379DC9A7}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{3EFE665E-330F-42E0-8BCD-23B726B625C3}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{5127A1C3-6E81-40CB-BE02-EE6F86F6B26B}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{612BA7D5-9F6C-4804-9234-FCC7809F8B69}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{732B169F-44D5-43BD-B65F-87942B892720}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{9300AE76-9526-4496-9F85-E679C9307D5C}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{9D40B763-08F5-40E8-8CFC-B64818FE5B30}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B3607BE5-8DD4-4EA5-80C4-496BD91F4B40}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{BBDEB71D-21A0-4B37-A26C-7BCD4CCBEDC3}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{BF85213E-81EC-489D-9C9D-86557A5B32B5}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{C29C4561-6B00-482D-809C-BE1E4DFB170D}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{C50D08C7-AD4F-46E6-A681-7E7E8CE8A5E7}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{CA972BE4-36C7-44CE-A4BD-DD34AFA7BC93}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{D850CC95-FA42-4ACF-8866-35977A7E390D}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{D9D3A2DE-37A7-42CE-9AEA-D716D1AAD008}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{DCE9AA16-765E-47C8-B8DB-5D2426C085AA}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{E5610532-1A38-4509-856E-D7F01432CDE4}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{E8BF7B4F-53C9-421C-8E46-BA355CB255A4}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{E935F1A8-4060-4608-830C-E818AAD01EDA}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{F59132D5-7CED-41E1-BAA6-AF0A7F671247}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FDC949EC-F1B6-4588-ACDD-9BD4872D3745}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{1438B41C-658C-35B7-9253-780F2E0A0B8E}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ptb
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20A15757-4AE4-3C82-9711-863C84AFE6AA}" = Microsoft .NET Framework 4 Client Profile PTB Language Pack
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{2DF215E0-BD3C-4C98-8616-AFEF09747285}" = Windows Live Sync
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3889988F-762B-4B85-AB17-71C9CC3AE445}" = Messenger Companion
"{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}" = Controle ActiveX do Windows Live Mesh para Conexões Remotas
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41B72CAF-036B-4E0A-8D22-F5DF7C970434}" = Windows Live Remote Client Resources
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D9C7DA3-D532-432D-A556-5F6CD186B0A5}" = DJ_AIO_03_F4200_ProductContext
"{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}" = PC Connectivity Solution
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62653245-3DC5-4019-AF6B-4E62D6150D9E}" = F4200_Help
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{67DFCE0D-BBA9-43AC-90B3-548390ECE522}" = F4200
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9DBCE8C7-FE94-4D8F-9FF0-38EF3D8BC99E}" = DJ_AIO_03_F4200_Software
"{A11409F1-CD33-4076-85CB-4EE4A8439BFE}" = Scan
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1046-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Português
"{ADE3CACC-EC31-480C-83A0-587EE60CE8DF}" = RamBooster
"{AE9A67F9-ADF1-4a44-BAB5-C1DB302B37A2}" = HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{AF88496B-4BBA-4922-97E9-2582D3A28358}" = Nokia Connectivity Cable Driver
"{B29B526D-F027-4122-BC7A-D9E5BC86CC40}" = DJ_AIO_03_F4200_Software_Min
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C8FC7066-4457-4365-9BDF-4E439BF703C8}" = AVG 2011
"{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E31B6056-1954-423B-9883-451F9F15887B}" = Windows Live Family Safety
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E533E637-FB3E-4F28-8B18-449CC9AB7235}" = AVG 2011
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6617B44-D556-49AC-B2A3-01451E115043}" = Windows Live Remote Service Resources
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"504244733D18C8F63FF584AEB290E3904E791693" = Pacote de Driver do Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AVG" = AVG 2011
"CCleaner" = CCleaner
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.5.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - ptb" = Pacote de Idiomas do Microsoft .NET Framework 3.5 SP1 - PTB
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)
"VLC media player" = VLC media player 1.1.10
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10/07/2012 10:37:01 | Computer Name = PLINIO-NOTE | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 10/07/2012 10:38:04 | Computer Name = PLINIO-NOTE | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 10/07/2012 10:39:26 | Computer Name = PLINIO-NOTE | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 10/07/2012 10:42:08 | Computer Name = PLINIO-NOTE | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 10/07/2012 10:42:08 | Computer Name = PLINIO-NOTE | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 10/07/2012 10:59:14 | Computer Name = PLINIO-NOTE | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 30/07/2012 10:36:00 | Computer Name = PLINIO-NOTE | Source = SideBySide | ID = 16842785
Description = Falha na geração de contexto de ativação para "C:\Users\Flavio\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\BrOffice\App\broffice\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-9.0-amd64.exe".
Assembly dependente Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error - 30/07/2012 11:28:26 | Computer Name = PLINIO-NOTE | Source = SideBySide | ID = 16842785
Description = Falha na geração de contexto de ativação para "C:\Users\Flavio\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\BrOffice\App\broffice\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-9.0-amd64.exe".
Assembly dependente Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error - 31/07/2012 11:29:36 | Computer Name = PLINIO-NOTE | Source = SideBySide | ID = 16842785
Description = Falha na geração de contexto de ativação para "C:\Users\Flavio\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\BrOffice\App\broffice\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-9.0-amd64.exe".
Assembly dependente Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error - 31/07/2012 16:52:01 | Computer Name = PLINIO-NOTE | Source = SideBySide | ID = 16842785
Description = Falha na geração de contexto de ativação para "C:\Users\Flavio\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\BrOffice\App\broffice\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-9.0-amd64.exe".
Assembly dependente Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
[ System Events ]
Error - 10/07/2012 10:46:10 | Computer Name = PLINIO-NOTE | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 10/07/2012 10:46:10 | Computer Name = PLINIO-NOTE | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 10/07/2012 10:46:10 | Computer Name = PLINIO-NOTE | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 30/07/2012 16:22:23 | Computer Name = PLINIO-NOTE | Source = Dhcp | ID = 1002
Description = A concessão 192.168.1.101 do endereço IP para a Placa de Rede com
endereço de rede 0017C4066D48 foi negada pelo servidor DHCP 192.168.1.254 (O servidor
DHCP enviou uma mensagem DHCPNACK).
Error - 31/07/2012 11:33:29 | Computer Name = PLINIO-NOTE | Source = Service Control Manager | ID = 7011
Description =
Error - 31/07/2012 11:33:54 | Computer Name = PLINIO-NOTE | Source = DCOM | ID = 10005
Description =
Error - 31/07/2012 11:34:27 | Computer Name = PLINIO-NOTE | Source = Service Control Manager | ID = 7009
Description =
Error - 31/07/2012 11:34:27 | Computer Name = PLINIO-NOTE | Source = Service Control Manager | ID = 7000
Description =
Error - 31/07/2012 11:36:03 | Computer Name = PLINIO-NOTE | Source = Service Control Manager | ID = 7022
Description =
Error - 31/07/2012 13:41:01 | Computer Name = PLINIO-NOTE | Source = Service Control Manager | ID = 7011
Description =
< End of report >
Obrigado