Maloid

Probable Virus

10 posts in this topic

Hello.

The problem started yesterday. I was browsing pages normally and it began suddenly when I tried to access YouTube and an error appeared saying that an update of Java Security Defencer was needed, along with a download window for the file jxpiinstall.exe, which I downloaded but did not run; I ran the antivirus and Ad-Aware identified it as malicious and deleted it. Afterwards I scanned the PC with Avast, Ad-Aware, BankerFix and Malwarebytes and nothing was found. Today I tried to access YouTube again and the error continues; however, the file that appears now is a different one, avast_internet_security_setup.exe.

Please help.

The HijackThis log follows:

Logfile of HijackThis v1.99.1

Scan saved at 20:12:31, on 13/09/2012

Platform: Unknown Windows (WinNT 6.01.3504)

MSIE: Internet Explorer v9.00 (9.00.8112.16448)

Running processes:

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe

C:\Users\Marcelo\Desktop\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.16.10.254:3128

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O11 - Options group: [iNTERNATIONAL] International

O13 - Gopher Prefix:

O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Windows\RtkAudioService.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)


Hello,

Did you configure this proxy in Internet Explorer?

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.16.10.254:3128

Download BankerFix:

http://www.linhadefensiva.org/dl/bankerfix

** Windows Vista and Windows 7 users:

Right-click the file, then click Run as administrator

Important: The tool will close Internet Explorer. Before running it, save any links you need to access afterwards.

Double-click bankerfix.exe to run it.

Click OK on the first screen and [CANCEL] on the second to prevent BankerFix from running.

Once that is done, go to C:\LinhaDefensiva\ and run the file Iniciar-Bankerfix.vbs. Confirm that you want to update the software and click [OK] to run it.

When it runs, a black screen will appear asking you to press any key. Press Enter and wait for it to finish. This may take some time.

When it finishes, read the message on the screen and press Enter again. Once it is done, post the file relatorio.txt located at: C:\LinhaDefensiva\relatorio.txt


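The reply above opens by asking about the ProxyServer line in the HijackThis log. As an added example (not part of the thread, and not code from HijackThis or Linha Defensiva), this Python script parses HijackThis-format entry lines and lists the ones a reviewer would ask about; the flagging rules, the function names and the loopback sample line are assumptions made for illustration.

```python
import ipaddress
import re
from collections import namedtuple

# Constructed sample: entry lines copied from the HijackThis log in this thread,
# plus one made-up loopback line to exercise the per-protocol proxy syntax.
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.16.10.254:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8080;https=127.0.0.1:8080
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
"""

Entry = namedtuple("Entry", "line_no code body")
Finding = namedtuple("Finding", "line_no kind detail")

# An entry line is "<section code> - <body>", e.g. "R1 - ..." or "O23 - ...".
ENTRY_RE = re.compile(r"^(?P<code>[RFO]\d{1,2}) - (?P<body>.*)$")
# R-section bodies naming a registry value look like "<key>,<value name> = <data>".
REG_RE = re.compile(r"^(?P<key>[^,]+),(?P<name>[^=]+?)\s*=\s*(?P<data>.*)$")


def parse_log(text):
    """Return the entry lines of a HijackThis log, skipping header and process lines."""
    entries = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        m = ENTRY_RE.match(raw.strip())
        if m:
            entries.append(Entry(line_no, m["code"], m["body"]))
    return entries


def classify_proxy(data):
    """Split a ProxyServer value into (scheme, host, port, scope) tuples.

    Handles both "host:port" and "http=host:port;https=host:port".
    """
    results = []
    for part in filter(None, (p.strip() for p in data.split(";"))):
        scheme, _, endpoint = part.rpartition("=")
        host, _, port = endpoint.split("://")[-1].partition(":")
        try:
            ip = ipaddress.ip_address(host)
            if ip.is_loopback:
                scope = "loopback"   # the proxy is a program on this machine
            elif ip.is_private:
                scope = "private"    # RFC 1918 address, e.g. a LAN gateway
            else:
                scope = "public"
        except ValueError:
            scope = "hostname"       # not an IP literal; needs resolving to judge
        results.append((scheme or "all", host, port, scope))
    return results


def triage(entries):
    """Flag entries worth a question to the user (assumed rules, not a verdict)."""
    findings = []
    for e in entries:
        reg = REG_RE.match(e.body) if e.code.startswith("R") else None
        if reg and reg["name"].strip().lower() == "proxyserver" and reg["data"]:
            for scheme, host, port, scope in classify_proxy(reg["data"]):
                findings.append(
                    Finding(e.line_no, "proxy", f"{scheme} -> {host}:{port} ({scope})"))
        if e.body.endswith("(no file)"):
            # Registration left behind without a file on disk.
            findings.append(Finding(e.line_no, "no-file", e.body))
        elif e.body.endswith("(file missing)"):
            # HijackThis 1.99.1 is a 32-bit program; on 64-bit Windows its view of
            # System32 is redirected, so this flag on a system file is weak evidence.
            findings.append(Finding(e.line_no, "file-missing", e.body))
    return findings


if __name__ == "__main__":
    for f in triage(parse_log(SAMPLE_LOG)):
        print(f"line {f.line_no:>2}  {f.kind:<12}  {f.detail}")
```
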
Hello.

I did not configure any proxy.

I don't know how, but YouTube started working again today.

The BankerFix report showed only this:

BankerFix 3.5 VALKYRIE - Removedor de Bankers

Linha Defensiva | http://www.linhadefensiva.org

http://www.linhadefensiva.org/bankerfix/

-------------------------------------------------------

Data: 2012-09-14 - 18:48

-------------------------------------------------------

Lista de Definição: 2012-08-22-1 | CORE: 2012-08-22-6

=======================================================

----- Fim -------------------------

Regards.

Download Malwarebytes Anti-Malware

http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

  • Install it by double-clicking mbam-setup.exe.
  • Check Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, and click Finish.
    NOTE: If you have problems updating Malwarebytes' Anti-Malware, download the update manually here and double-click mbam-rules.exe to install it.
  • Select Full Scan and then click Scan.
  • When the scan finishes, click OK and then Show Results to view the log.
  • If anything is detected, make sure everything is checked and click Remove.
  • The log is saved automatically and can be viewed by clicking Logs in the program's main menu.
  • Copy and paste the contents of that log into your next reply.

Next:

Download OTL by OldTimer and save it to your desktop.

** Windows Vista and Windows 7 users:

Right-click the file, then click Run as administrator

Close all windows and run the tool.

Where it says Output, select Standard

Also check these options:

  • Use WhiteList for Company Names.
  • Lop Check
  • Purity Check

Select these lines in red, right-click the selection, and choose Copy

drives

netsvcs

%SYSTEMDRIVE%\*.*

%systemdrive%\drivers\*.exe

%systemroot%\system32\drivers\*.* /90

%PROGRAMFILES%(x86)\*.*

%LOCALAPPDATA%\*.exe

%LOCALAPPDATA%\*.txt

%LOCALAPPDATA%\*.ini

%LOCALAPPDATA%\*.dll

%LOCALAPPDATA%\*.dat

%USERPROFILE%\*.exe

%USERPROFILE%\*.txt

%USERPROFILE%\*.ini

%USERPROFILE%\*.dll

%USERPROFILE%\*.dat /30

C:\windows\system32\Tasks\*.* /s /64

%windir%\tasks\*.*

CREATERESTOREPOINT

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments

%systemdrive%\$Recycle.Bin|@;true;true;true

Go back to the program, right-click any white area of the Custom Scans/Fixes section and choose Paste

Click the Scan button

Do not change any other setting unless you have been instructed to do so.

The scan takes a while, so please be patient.

When it finishes, two Notepad windows will open: OTL.txt and Extras.txt

Both will be saved in the same directory as OTL.exe, that is, on your desktop.

Copy the entire contents of Extras.txt and paste it into your reply.

Attach the file OTL.txt

NOTE: If the logs are too large and exceed the forum limit, put them in a .zip or .rar file and attach it to your reply.


Hello.

Done.

  • The Anti-Malware log follows:

Malwarebytes Anti-Malware 1.65.0.1400

www.malwarebytes.org

Versão da Base de Dados: v2012.09.10.04

Windows 7 x64 NTFS

Internet Explorer 9.0.8112.16421

Marcelo :: MARCELO-PC [administrador]

15/09/2012 15:33:39

mbam-log-2012-09-15 (15-33-39).txt

Tipo de Verificação: Verificação Completa (C:\|D:\|)

Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM

Opções de verificação desativadas: P2P

Objetos escaneados: 413956

Tempo decorrido: 49 minuto(s), 16 segundo(s)

Processos de Memória Detectados: 0

(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0

(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

Valores de Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0

(Não foram detectados ítens maliciosos)

Arquivos Detectados: 0

(Não foram detectados ítens maliciosos)

(fim)

  • The Extras.txt log follows:

OTL Extras logfile created on: 15/09/2012 16:43:11 - Run 1

OTL by OldTimer - Version 3.2.61.5 Folder = C:\Users\Marcelo\Desktop

64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

3,97 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 50,51% Memory free

7,93 Gb Paging File | 6,01 Gb Available in Paging File | 75,75% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 34,08 Gb Total Space | 0,61 Gb Free Space | 1,79% Space Free | Partition Type: NTFS

Drive D: | 239,26 Gb Total Space | 159,72 Gb Free Space | 66,76% Space Free | Partition Type: NTFS

Computer Name: MARCELO-PC | User Name: Marcelo | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"

Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)

Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)

Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"

Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)

Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)

Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{15385136-083A-444B-ABBD-44C2E3D07E10}" = lport=445 | protocol=6 | dir=in | app=system |

"{17FCA197-7EAB-4D05-89B3-124457F92E98}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{21746ADD-5A31-4510-8377-6575B191D5C4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{2C72ED2D-7D64-4831-BD7F-5C669CF681DC}" = rport=139 | protocol=6 | dir=out | app=system |

"{2D005AB0-1CF0-45BA-967A-72E9FAF857D6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{2FD9B15B-08E7-43E6-A1D9-4813A4F68E91}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{34408E38-5538-4D99-A481-1C360CF324B7}" = lport=137 | protocol=17 | dir=in | app=system |

"{3D952DA3-7D62-477F-8570-B2341F38E595}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{3DCEE59F-C9D2-40DE-9B7F-140F7BBD68AE}" = lport=138 | protocol=17 | dir=in | app=system |

"{5AB99898-8B20-4114-A292-8EAFBA7E1BFB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{5E4538C5-ACAF-4C0A-AD13-8B70135AD175}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{6E172356-AFFD-419D-AA7A-64935E47B685}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{7D1D63CE-00C8-4882-B802-3DC8D7B77E92}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{7E0AA2A3-2939-4612-992D-E85C402DC087}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{8AA830D6-A2F1-4E1C-83DD-9E4A8BA66BD0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |

"{91B89AC9-0D85-4D2E-8D42-0C06E31487F0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{9461C7B7-1229-4A6B-89B6-C82190D357C2}" = lport=8381 | protocol=6 | dir=in | name=league of legends launcher |

"{B2936F1C-3B0E-4F31-9267-6A651815D0F3}" = lport=139 | protocol=6 | dir=in | app=system |

"{B3F1832D-FAC9-42ED-A57B-44AE87CFCAEE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{B4FD6159-1594-4E54-8071-909038B3789D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{B8A6B4A5-29CE-47B8-8C35-6F1057329705}" = lport=10243 | protocol=6 | dir=in | app=system |

"{BCCBE9D6-126E-4635-9E92-AA9FAF307E0F}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{BD1E0858-B0E9-413F-B5DB-9EC1489FAC01}" = rport=10243 | protocol=6 | dir=out | app=system |

"{BF5A12A1-D75C-416C-A485-F291FC004A7E}" = rport=138 | protocol=17 | dir=out | app=system |

"{C0371D72-6D38-4586-8FA0-6521CEE9B41C}" = lport=2869 | protocol=6 | dir=in | app=system |

"{C37D94BA-A1B8-487B-9850-B85BB9DA6E0C}" = rport=445 | protocol=6 | dir=out | app=system |

"{D88A5E88-0AD2-4960-AAFD-FF0A888D55A2}" = lport=8381 | protocol=17 | dir=in | name=league of legends launcher |

"{E2C33794-1AF5-4D38-920C-21F35519A07F}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{004E3738-CDC0-4B15-AC4B-B6776DB69AA0}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |

"{07560F03-301B-4C4B-A1B1-44E0D60F441B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{07DC13AA-347C-404E-A890-540EF6A400CE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{0A853B35-D830-4C87-9B07-A8AA461ECFE6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{0B664FDE-B60E-42D6-B67C-75B877072A3D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |

"{108D38D9-7A4C-41C8-803E-5E9A288290BC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{12CC5CA9-0572-4963-A972-A2C29297EF32}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{12EE0CF0-519D-487D-9159-CC347EA08260}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |

"{179738E1-A8F9-4D42-AB19-D56DAE76D394}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |

"{2327F8E9-7E0B-4808-9314-5AF8C247E3AB}" = protocol=6 | dir=out | app=system |

"{2A811522-8EFB-434A-926B-20A7D20FF821}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{2AE71CFA-2592-47FD-B0A5-CD780C1C8957}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |

"{2C130403-5A88-4DD1-AA24-62082805B147}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |

"{330C25AA-1DE3-4280-8D8D-9C31B7EA8640}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{33FCE934-57C7-48D1-AD6F-92A6AA629086}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |

"{34860F51-38C0-4C72-9DA7-3B662B6F7FE4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{39DCAE41-EB5C-4774-895E-515B2C55E2E1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{3F4E7B45-C751-4090-949F-A4791BC1465B}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |

"{41A85892-5AC5-4DC0-934E-0BFE65BAB57B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |

"{426179E7-44D1-4DB3-86A2-992DD0427CC9}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |

"{493123C4-0BD3-4911-A555-C202087A512C}" = protocol=6 | dir=in | app=d:\mgarrett\jogos\nova pasta\src\system\conviction_game.exe |

"{536A0024-2C72-4CB5-9F40-3C8DC87C34CC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{5BFB9EAB-A140-4E41-AE2B-4AEA67353F87}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{5F7C5F5E-90EA-4541-AF92-9F6C7364E87B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |

"{62C9B411-8591-45D0-AB84-BA87559634CC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{62CB59B8-7D58-4EB7-92B7-FE5A63140293}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |

"{64291EA8-D30F-44D7-A06F-81FC408C02CA}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |

"{66817132-F83C-4F7E-A72C-E96D2FE22543}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |

"{6FE07353-DD56-4650-A99C-8EE0D80C6439}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{70B579A8-9679-4B03-93F3-B814DAA7347B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |

"{72253ABB-C681-41BB-A639-48F199EE43C6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{730F37B6-D118-405E-B1A7-AFBE7C37625C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{78467AF9-1BBC-4F29-868E-1B8B571E18D8}" = protocol=17 | dir=in | app=d:\mgarrett\jogos\diablo-iii-8370-enus-installer\diablo iii\diablo iii.exe |

"{7C04A92D-2BC4-4461-B528-E154ED968160}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |

"{83744D09-B2D5-494C-AF5E-7FCA2A98335E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |

"{8AB40E52-0B4B-4ED6-B2B4-0A5A964F35CC}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |

"{8D625142-660D-462F-8342-3F7D6207CCD7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |

"{90D3403F-3A8A-44EA-9E9D-3B3D5FEF4118}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |

"{911228B1-FF8D-43D7-886E-9C6D7FDDA525}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{970604F1-3E99-429D-BDBD-43E456757FD9}" = protocol=17 | dir=in | app=d:\mgarrett\jogos\diablo beta\diablo iii beta\diablo iii.exe |

"{998A3380-F316-45A7-A97A-3A7D10944B60}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{9B81F710-68A8-45BC-821B-5947AE1136B5}" = protocol=6 | dir=in | app=d:\mgarrett\jogos\diablo beta\diablo iii beta\diablo iii.exe |

"{9DE8E7D9-EF4C-49E6-B3A8-8B042670E0B5}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |

"{9E448822-1F92-494A-AC07-AA4CEED5A98A}" = protocol=17 | dir=in | app=d:\mgarrett\jogos\league of legends\game\league of legends.exe |

"{A38374C3-3012-47D8-8979-E24EF0761C79}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{A45071D7-1CA2-427C-95B8-61ABA7BA95A8}" = protocol=6 | dir=in | app=d:\mgarrett\jogos\league of legends\game\league of legends.exe |

"{A5C495F4-23E1-478B-81B5-132E13A639FE}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |

"{ACB59C73-7643-468B-B584-3D3C26044FF6}" = protocol=17 | dir=in | app=d:\mgarrett\jogos\nova pasta\src\system\conviction_game.exe |

"{B416FA50-3E3F-4799-90BB-43E156461B5A}" = protocol=17 | dir=in | app=d:\mgarrett\jogos\nova pasta\src\system\gu.exe |

"{B6BC76AA-AB5F-431F-9A06-E19C273312DC}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |

"{BB82073C-B920-4904-892A-DAFAAD969E07}" = protocol=6 | dir=in | app=d:\mgarrett\jogos\diablo-iii-8370-enus-installer\diablo iii\diablo iii.exe |

"{BEB14167-12BD-4996-B7BE-02B7D3AEEBFD}" = protocol=17 | dir=in | app=d:\mgarrett\jogos\league of legends\air\lolclient.exe |

"{C2A331BA-38C8-4090-B87F-C5EC8FD067D3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

"{C6AABBFA-79F1-4EF9-8946-505F86F96C2A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{CCE1C8D2-EC38-4DC6-9424-3F476AA7D8A7}" = protocol=6 | dir=in | app=d:\mgarrett\jogos\league of legends\air\lolclient.exe |

"{D0BABD9E-A0AC-4612-ADEB-8FF9B6B5AA11}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |

"{D338F469-EF71-4666-BC05-626215F930C0}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |

"{D3BF4EEE-B2CD-498B-A217-6E8EEEB0730B}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |

"{DF907405-0941-40C1-A4C2-3E40571C9D92}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{E137860E-FDE3-49A3-B3A2-79A3F64EA5E2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{E56F2AA1-20E3-4C33-8D58-301F41093BB1}" = protocol=17 | dir=in | app=d:\mgarrett\jogos\diablo 3 beta\diablo iii beta\diablo iii.exe |

"{E7C2520D-FBEB-4FC3-B112-3BFD1E581BFB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |

"{EA1907D4-33AF-41C6-96F0-67ECBEF6DD98}" = protocol=6 | dir=in | app=d:\mgarrett\jogos\diablo 3 beta\diablo iii beta\diablo iii.exe |

"{EC6C143F-52A2-415C-93C5-D66318418445}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |

"{F720CC36-CF26-4DFF-8E5C-D8BF615F1492}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{F82AF56E-49A9-4235-AC03-C44810FFC1E5}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"{F993C8B8-738E-4659-8E09-B568CF3E6538}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{FAE0FC5A-00A0-4F8D-9D8C-47E531606D87}" = protocol=6 | dir=in | app=d:\mgarrett\jogos\nova pasta\src\system\gu.exe |

"TCP Query User{060768D2-CBF0-4CA3-8F04-0D8BECF2D07A}D:\mgarrett\jogos\diablo-iii-8370-enus-installer-downloader.exe" = protocol=6 | dir=in | app=d:\mgarrett\jogos\diablo-iii-8370-enus-installer-downloader.exe |

"TCP Query User{0B9CBBB6-BDBB-45CD-8D7D-0DCB1F2CD4A5}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |

"TCP Query User{0CF60F7B-C2AE-4937-8CA6-845F0DB9B0A2}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |

"TCP Query User{100C8C69-413B-43EB-BC9E-4E3E4002FC44}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |

"TCP Query User{2C830CDC-D614-4A59-A3D5-FE63BEEE23A6}D:\mgarrett\jogos\league of legends\lol.launcher.exe" = protocol=6 | dir=in | app=d:\mgarrett\jogos\league of legends\lol.launcher.exe |

"TCP Query User{2D08C10F-18B0-4170-8E80-8FAB6B6EFE34}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |

"TCP Query User{2F978174-C051-4553-A520-14363A1F4FC9}D:\mgarrett\jogos\lineage2\system\l2.bin" = protocol=6 | dir=in | app=d:\mgarrett\jogos\lineage2\system\l2.bin |

"TCP Query User{40921313-F0A1-416A-B93F-67CAEBD836C1}D:\mgarrett\jogos\modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=d:\mgarrett\jogos\modern warfare 2\iw4mp.exe |

"TCP Query User{64E66D73-F4AB-436C-8E08-4496CD1DE65F}C:\users\marcelo\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\marcelo\appdata\local\google\chrome\application\chrome.exe |

"TCP Query User{77E15D08-C33A-4A6E-A92D-65EB05082A6F}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |

"TCP Query User{784E8E24-7C9E-49B3-A680-816EB670F203}D:\mgarrett\jogos\cs\hl.exe" = protocol=6 | dir=in | app=d:\mgarrett\jogos\cs\hl.exe |

"TCP Query User{AC258BA3-43A4-4E18-B722-85A922B69888}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |

"TCP Query User{C7EDF148-64E5-4F74-AAEE-3D5AEB2539B4}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |

"TCP Query User{F2076596-7292-4477-9E51-5C04CE13969A}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |

"TCP Query User{F63A7CA7-A1C9-44AE-99E9-38E3166C1E6F}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |

"UDP Query User{04DB6AB3-6718-41ED-B586-0F7836EFD9EF}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |

"UDP Query User{188031BB-7D50-4048-8BA9-3FE5CC974629}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |

"UDP Query User{1B4BCC10-A819-4521-A93F-19553F60FE84}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |

"UDP Query User{39342DF8-BED2-47B8-8D7C-C7B73DE84E93}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |

"UDP Query User{5082E0CE-8872-4802-ACCF-9BFF511BCB4F}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |

"UDP Query User{7151F61D-6F36-4A23-AF4A-209B219A62D3}D:\mgarrett\jogos\modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=d:\mgarrett\jogos\modern warfare 2\iw4mp.exe |

"UDP Query User{71535260-B318-47A5-A08B-7D78917E7A4C}D:\mgarrett\jogos\lineage2\system\l2.bin" = protocol=17 | dir=in | app=d:\mgarrett\jogos\lineage2\system\l2.bin |

"UDP Query User{7E5B10C5-9705-4C3E-8426-EB0DDDC6C2A8}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |

"UDP Query User{9EC639F8-39EF-4718-8861-CF113632A1B9}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |

"UDP Query User{B85EB727-A2C6-460D-A484-27A492EB83EA}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |

"UDP Query User{B8FF0281-5A36-4E6A-BCDD-2E318851FD67}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |

"UDP Query User{C12096E1-D008-470C-A162-FE578D95BD9E}D:\mgarrett\jogos\cs\hl.exe" = protocol=17 | dir=in | app=d:\mgarrett\jogos\cs\hl.exe |

"UDP Query User{CB8CAE3A-9BC5-4E8C-9C1B-11CA0C61847F}D:\mgarrett\jogos\diablo-iii-8370-enus-installer-downloader.exe" = protocol=17 | dir=in | app=d:\mgarrett\jogos\diablo-iii-8370-enus-installer-downloader.exe |

"UDP Query User{E9DA462E-ADDA-4EAC-92ED-75FCA8A81536}D:\mgarrett\jogos\league of legends\lol.launcher.exe" = protocol=17 | dir=in | app=d:\mgarrett\jogos\league of legends\lol.launcher.exe |

"UDP Query User{F08601BD-1FC8-4F92-8A9F-3A622E708B39}C:\users\marcelo\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\marcelo\appdata\local\google\chrome\application\chrome.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{42CC891B-454A-AB88-3E31-5703A4CAA5C5}" = ATI Catalyst Install Manager

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}" = iTunes

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0416-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO

"{B7693CDE-074B-301C-9584-FC4343696C8B}" = Microsoft .NET Framework 4 Client Profile PTB Language Pack

"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support

"{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}" = Dolby Control Center

"{DD6A6B0A-7F7D-7748-43B4-BF42CC779F0B}" = ccc-utility64

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v3.8.0

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)

"USB_AUDIO_DEusb-audio.deBehringer2902" = BEHRINGER USB AUDIO DRIVER

"WinRAR archiver" = Arquivo do WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{202F2838-156B-FC76-013F-9241B9673F39}" = CCC Help Thai

"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 26

"{325ED81A-EC15-7CE8-729B-0392A1DD3854}" = CCC Help Czech

"{3A9D04F7-80CA-4755-97EC-6025B515A6B8}" = League of Legends

"{3CCA23DD-CEDA-CC7F-C74C-4D1EDAE919AA}" = Catalyst Control Center Graphics Full New

"{42DD2173-B7CA-8AB3-8AC2-40DFE2CA6FBC}" = CCC Help German

"{430DD2C5-65FD-9781-F9F2-693CAF05CD10}" = Catalyst Control Center InstallProxy

"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials

"{49B8916D-1DEA-F18A-731F-BF0FE209C63B}" = CCC Help Chinese Standard

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4EEAF8D8-CB79-06CA-A566-EAC1726DAABB}" = CCC Help Finnish

"{540DB82A-EE11-BBC1-8BD8-BB7D937A53A4}" = CCC Help Hungarian

"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{5882396B-9FB3-37AC-1AE1-5EA344BD7705}" = Catalyst Control Center Graphics Previews Vista

"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth

"{5BA149D9-D5FA-5AB3-400B-9F1BF424B7CE}" = CCC Help Chinese Traditional

"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher

"{642F96CC-1D3B-20DE-8673-44EE15B3DC2F}" = CCC Help Portuguese

"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6D26ACF9-4919-0744-C509-28EAF53112D4}" = CCC Help Dutch

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{71256374-2053-CF0F-BD54-20082980B95C}" = Catalyst Control Center Graphics Full Existing

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{737D8F4D-24D4-D626-DEC0-9E39A6166890}" = CCC Help Danish

"{74B705C2-173A-FFD1-98BC-AD5FB647AB38}" = CCC Help Polish

"{784BDC03-2D22-BCAE-5CAC-84AFA799FBDE}" = CCC Help Turkish

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{8572CE7D-46B0-70B3-96CD-534F07B35F5D}" = CCC Help Italian

"{87544F2E-CCA5-01BC-AEBC-D8C1D759EE61}" = CCC Help English

"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007

"{90120000-0015-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

"{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

"{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

"{90120000-0019-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

"{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007

"{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007

"{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{8A524694-0CA4-476A-9301-B1E9D70FC952}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002A-0416-1000-0000000FF1CE}_ENTERPRISE_{51530CD1-8244-4E0F-B536-BCCC05325C7F}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

"{90120000-0044-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

"{90120000-006E-0416-0000-0000000FF1CE}_ENTERPRISE_{51530CD1-8244-4E0F-B536-BCCC05325C7F}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

"{90120000-00A1-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

"{90120000-00BA-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90B38901-52C8-85A7-D6C8-9A5592C9FCAA}" = CCC Help Greek

"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends

"{932D0FC7-6DF1-4136-A2EC-166E8DEFD6A4}" = Ad-Aware

"{9582DC6C-2038-00B3-CC1A-41500CEEE8F5}" = Desafio Sebrae 2012

"{9648D00F-0589-619B-6114-BF2A0620168B}" = CCC Help Korean

"{9805E4EE-9B66-CABD-AF6B-4B84F2A8EF46}" = Skins

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9AC34FA1-BCDE-1D09-5DB7-EB6A064FDEA9}" = CCC Help Spanish

"{9B973FC0-E71F-6F89-10D6-1BFD063D1707}" = CCC Help Swedish

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9EAC0E21-510E-4259-A9C6-F5D5B8969036}" = Catalyst Control Center - Branding

"{A3979A05-6834-D0A7-75CD-71B5A9E5F4C0}" = Catalyst Control Center Localization All

"{A6F21795-E629-35B2-9487-00A8363B28AA}" = Catalyst Control Center Graphics Light

"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AC76BA86-7AD7-1046-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Português

"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{C0AD2831-3398-A078-CBEB-39A6B381BB56}" = CCC Help Japanese

"{C18A02EC-966B-E7A7-9AC9-082F770ABF9B}" = CCC Help Russian

"{C7E636D6-835D-4EBA-87B5-412F857D7470}" = Creative Docs .NET

"{C9C390CC-F9B9-EFE8-27DF-6EB7FF8F8760}" = CCC Help Norwegian

"{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger

"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime

"{CD431A7B-88D8-0823-E66F-CCFAEA6DA7B4}" = ccc-core-static

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D6DA6836-77C2-5338-10E3-D7A6CD65681D}" = Catalyst Control Center Core Implementation

"{DA8F979E-43B9-3EEC-721C-F297D9509992}" = Catalyst Control Center Graphics Previews Common

"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =

"{FE0782BC-7AB0-CF6A-6E38-D3040462C7EC}" = CCC Help French

"8461-7759-5462-8226" = Vuze

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"avast" = avast! Free Antivirus

"CCleaner" = CCleaner (remove only)

"Diablo III" = Diablo III

"Ds" = Desafio Sebrae 2012

"ENTERPRISE" = Microsoft Office Enterprise 2007

"GT-6FxFloorboard" = GT-6FxFloorboard 20120215

"Guitar Pro 5_is1" = Guitar Pro 5.2

"JDownloader" = JDownloader

"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.3.0

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versão 1.65.0.1400

"Mozilla Firefox 15.0.1 (x86 pt-BR)" = Mozilla Firefox 15.0.1 (x86 pt-BR)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"USB_AUDIO_DEusb-audio.deBehringer2902" = BEHRINGER USB AUDIO DRIVER

"Winamp" = Winamp (remove only)

"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Counter-Strike" = Counter-Strike

"Google Chrome" = Google Chrome

"NCsoft-Lineage2" = Lineage II

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 10/09/2012 16:38:19 | Computer Name = Marcelo-PC | Source = Lavasoft Ad-Aware Service | ID = 0

Description =

Error - 11/09/2012 01:16:37 | Computer Name = Marcelo-PC | Source = EventSystem | ID = 4621

Description =

Error - 11/09/2012 20:40:08 | Computer Name = Marcelo-PC | Source = SideBySide | ID = 16842815

Description = Falha na geração de contexto de ativação para "c:\program files (x86)\spybot

- search & destroy\DelZip179.dll". Erro no arquivo de manifesto ou de diretiva

c:\program files (x86)\spybot - search & destroy\DelZip179.dll", na linha 8. O valor

"*" do atributo language no elemento assemblyIdentity é inválido.

Error - 12/09/2012 17:54:19 | Computer Name = Marcelo-PC | Source = SideBySide | ID = 16842815

Description = Falha na geração de contexto de ativação para "c:\program files (x86)\spybot

- search & destroy\DelZip179.dll". Erro no arquivo de manifesto ou de diretiva

c:\program files (x86)\spybot - search & destroy\DelZip179.dll", na linha 8. O valor

"*" do atributo language no elemento assemblyIdentity é inválido.

Error - 12/09/2012 19:53:07 | Computer Name = Marcelo-PC | Source = Application Hang | ID = 1002

Description = O programa LolClient.exe versão 2.0.2.12610 parou de interagir com

o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema,

verifique o histórico de problemas no painel de controle da Central de Ações. ID

de Processo: dc0 Hora de Início: 01cd9138c5eb2500 Hora de Término: 20 Caminho do Aplicativo:

D:\MGarrett\Jogos\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.198\deploy\LolClient.exe

Id

do Relatório: fda73d7c-fd34-11e1-9380-00214fbf826d

Error - 13/09/2012 00:25:03 | Computer Name = Marcelo-PC | Source = EventSystem | ID = 4621

Description =

Error - 13/09/2012 04:30:10 | Computer Name = Marcelo-PC | Source = SideBySide | ID = 16842815

Description = Falha na geração de contexto de ativação para "c:\program files (x86)\spybot

- search & destroy\DelZip179.dll". Erro no arquivo de manifesto ou de diretiva

c:\program files (x86)\spybot - search & destroy\DelZip179.dll", na linha 8. O valor

"*" do atributo language no elemento assemblyIdentity é inválido.

Error - 13/09/2012 06:40:04 | Computer Name = Marcelo-PC | Source = Application Error | ID = 1000

Description = Nome de aplicativo com falha: ThreatWork.exe, versão: 9.0.0.0, carimbo

de hora: 0x4ea67fc0 Nome do módulo de falhas: MSVCR90.dll, versão: 9.0.30729.6161,

carimbo de hora: 0x4dace5b9 Código de exceção: 0x40000015 Deslocamento com falha:

0x0005beae Identificação do processo com falha: 0x8e4 Hora de início do aplicativo

com falha: 0x01cd9186d38ce92b Caminho do aplicativo com falha: C:\Program Files

(x86)\Lavasoft\Ad-Aware\ThreatWork.exe FCaminho do módulo de falhas: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll

Identificação

do Relatório: 6060decc-fd8f-11e1-9ec4-00214fbf826d

Error - 13/09/2012 23:49:08 | Computer Name = Marcelo-PC | Source = SideBySide | ID = 16842815

Description = Falha na geração de contexto de ativação para "c:\program files (x86)\spybot

- search & destroy\DelZip179.dll". Erro no arquivo de manifesto ou de diretiva

c:\program files (x86)\spybot - search & destroy\DelZip179.dll", na linha 8. O valor

"*" do atributo language no elemento assemblyIdentity é inválido.

Error - 14/09/2012 23:32:02 | Computer Name = Marcelo-PC | Source = SideBySide | ID = 16842815

Description = Falha na geração de contexto de ativação para "c:\program files (x86)\spybot

- search & destroy\DelZip179.dll". Erro no arquivo de manifesto ou de diretiva

c:\program files (x86)\spybot - search & destroy\DelZip179.dll", na linha 8. O valor

"*" do atributo language no elemento assemblyIdentity é inválido.

[ System Events ]

Error - 13/09/2012 00:26:12 | Computer Name = Marcelo-PC | Source = Service Control Manager | ID = 7026

Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema

ou de inicialização: DMICall

Error - 13/09/2012 18:28:19 | Computer Name = Marcelo-PC | Source = Application Popup | ID = 1060

Description = \SystemRoot\SysWow64\DRIVERS\DMICall.sys foi impedido de carregar

devido a uma incompatibilidade com este sistema. Contate o fornecedor do software

para obter uma versão compatível do driver.

Error - 13/09/2012 18:28:32 | Computer Name = Marcelo-PC | Source = Service Control Manager | ID = 7000

Description = Não foi possível iniciar o serviço eamonm devido ao seguinte erro:

%%2

Error - 13/09/2012 18:28:45 | Computer Name = Marcelo-PC | Source = Service Control Manager | ID = 7026

Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema

ou de inicialização: DMICall

Error - 13/09/2012 18:29:36 | Computer Name = Marcelo-PC | Source = DCOM | ID = 10010

Description =

Error - 14/09/2012 17:43:13 | Computer Name = Marcelo-PC | Source = Application Popup | ID = 1060

Description = \SystemRoot\SysWow64\DRIVERS\DMICall.sys foi impedido de carregar

devido a uma incompatibilidade com este sistema. Contate o fornecedor do software

para obter uma versão compatível do driver.

Error - 14/09/2012 17:43:24 | Computer Name = Marcelo-PC | Source = Service Control Manager | ID = 7000

Description = Não foi possível iniciar o serviço eamonm devido ao seguinte erro:

%%2

Error - 14/09/2012 17:44:04 | Computer Name = Marcelo-PC | Source = Service Control Manager | ID = 7009

Description = Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão

do serviço Apple Mobile Device.

Error - 14/09/2012 17:44:04 | Computer Name = Marcelo-PC | Source = Service Control Manager | ID = 7000

Description = Não foi possível iniciar o serviço Apple Mobile Device devido ao seguinte

erro: %%1053

Error - 14/09/2012 17:44:16 | Computer Name = Marcelo-PC | Source = Service Control Manager | ID = 7026

Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema

ou de inicialização: DMICall

< End of report >

  • The OTL.txt log is attached as well.

Thank you.

OTL.Txt


How is your computer doing?

Download Security Check by screen317 by clicking here or here.

  • Save it to your Desktop.
  • Double-click the Securitycheck.exe file and follow the on-screen instructions.
  • A Notepad window will open automatically with a file named checkup.txt; post the contents of that document.


My computer has been working normally.

I have been avoiding using it, but the sites that had the problem reported at the beginning have gone back to working normally, inexplicably.

Here is the log:

Results of screen317's Security Check version 0.99.50

Windows 7 x64 (UAC is enabled)

Out of date service pack!!

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Lavasoft Ad-Watch Live! Anti-Virus

avast! Antivirus

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Ad-Aware

Spybot - Search & Destroy

Malwarebytes Anti-Malware versão 1.65.0.1400

CCleaner (remove only)

Java 6 Update 26

Java version out of Date!

Adobe Flash Player 11.3.300.271 Flash Player out of Date!

Adobe Reader X 10.1.0 Adobe Reader out of Date!

Mozilla Firefox (15.0.1)

Google Chrome 21.0.1180.83

Google Chrome 21.0.1180.89

````````Process Check: objlist.exe by Laurent````````

Ad-Aware AAWService.exe

Ad-Aware AAWTray.exe

Malwarebytes Anti-Malware mbamservice.exe

Malwarebytes Anti-Malware mbamgui.exe

Malwarebytes Anti-Malware mbam.exe

Malwarebytes' Anti-Malware mbamscheduler.exe

AVAST Software Avast AvastSvc.exe

AVAST Software Avast AvastUI.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: =

````````````````````End of Log``````````````````````

Regards.


  • Open OTL and click the button (image UQC5f.png).
    Close OTL.
  • Download CCleaner Slim.
    If you wish, read the program's tutorial:
    http://linhadefensiv...showtopic=12395
    • Install the program.
    • Click Registry > Scan for Issues > Fix selected issues.
    • Then click Cleaner > Analyze > Run Cleaner.
  • Update Adobe Reader. Old versions have vulnerabilities that are exploited by malware.
    Remove the older version of Adobe Reader and click here to install the newest version.
  • Old versions of Java have vulnerabilities that some malware can use to infect your system. Check whether your system has the latest version installed:
    • Go to Java.com/Download. Click the option Do I have Java?
    • Wait for the site to determine which version of Java you have.
    • If the version is old, you will be offered the download of the newest version.
    • Click Download Java now and install the new version of Java.
  • Update Flash Player:
    http://get.adobe.com/br/flashplayer/
  • Run Windows Update to update your operating system:
    http://www.update.mi...r&&thankspage=5
  • Read the article Proteja seu PC (Protect Your PC) for more information on how to avoid infections.
  • If there are no more malware-related problems, click the button (image xQn5I.png) and say that your case has been resolved.


Hello.

The PC no longer shows the symptoms from the beginning; I only notice that the browser is slower than usual.

I carried out all the actions.

Thank you for your attention.

Cheers!


PROBLEM SOLVED


If you want to request that the topic be reopened, use the Report button to contact the moderation team.

Note: Only the author can make this request in the Malware Removal area.
