Probable Virus



#1
Maloid

Hello.

The problem started yesterday. I was browsing pages normally and it started suddenly when I tried to access YouTube: an error appeared saying that an update for Java Security Defencer was needed, along with a download window for the file jxpiinstall.exe, which I downloaded but did not run. I scanned it with the antivirus, and Ad-Aware identified it as malicious and deleted it. Afterwards I scanned the PC with Avast, Ad-Aware, BankerFix and Malwarebytes and nothing was found. Today I tried to access YouTube again and the error continues, but now the file that appears is a different one, avast_internet_security_setup.exe.

I am asking for help.

The HijackThis log follows:

Logfile of HijackThis v1.99.1
Scan saved at 20:12:31, on 13/09/2012
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe
C:\Users\Marcelo\Desktop\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.16.10.254:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [INTERNATIONAL] International
O13 - Gopher Prefix:
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Windows\RtkAudioService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)

#2
killer

Hello,

Did you configure this proxy in Internet Explorer?

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.16.10.254:3128


Download BankerFix:
http://www.linhadefe...rg/dl/bankerfix

** Windows Vista and Windows 7 users:
Right-click the file, then click Run as administrator


Important: The tool will close Internet Explorer. Before running it, save any links you will need to access afterwards.

Double-click bankerfix.exe to run it.

Click OK on the first screen and [CANCEL] on the second to prevent BankerFix from running.

Once that is done, go to C:\LinhaDefensiva\ and run the file Iniciar-Bankerfix.vbs. Confirm that you want to update the software and click [OK] to run it.

When it runs, a black screen will appear asking you to press any key. Press Enter and wait for it to finish. This may take some time.

When it finishes, read the message on the screen and press Enter again. When it is done, post the file relatorio.txt located at: C:\LinhaDefensiva\relatorio.txt

Do not abandon your topic; someone dedicated part of their time to help you!
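
The question in post #2 concerns the ProxyServer value reported on an R1 line of the HijackThis log. As an added example (not part of the original thread and not code from HijackThis or Linha Defensiva), this sketch extracts proxy entries from a HijackThis log and labels each endpoint as loopback, private, public or hostname, and also lists entries marked "(no file)"; the function names are hypothetical and the sample lines are copied from the log in post #1.

```python
import ipaddress
import re

# Three lines copied from the HijackThis log in post #1, used as sample input.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.16.10.254:3128
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
"""

# A HijackThis entry is "<section code> - <body>", e.g. "R1 - ..." or "O23 - ...".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
PROXY_RE = re.compile(
    r"^(?P<hive>HK\w+)\\.*Internet Settings,ProxyServer\s*=\s*(?P<value>.*)$",
    re.IGNORECASE,
)


def parse_entries(log_text):
    """Return (code, body) tuples for every entry line; header lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group("code"), match.group("body")))
    return entries


def classify_host(host):
    """Label where a proxy endpoint lives from the machine's point of view."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return "hostname"      # needs DNS resolution before it can be judged
    if addr.is_loopback:
        return "loopback"      # a process on this machine receives the traffic
    if addr.is_private:
        return "private"       # a device on the local network
    return "public"            # traffic leaves for an Internet host


def split_proxy_value(value):
    """ProxyServer is 'host:port' or 'proto=host:port;proto=host:port'."""
    endpoints = []
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        scheme, sep, rest = part.partition("=")
        if not sep:            # single proxy used for all protocols
            scheme, rest = "all", part
        host, _, port = rest.rpartition(":")
        if not host:           # value had no port
            host, port = rest, ""
        endpoints.append((scheme.lower(), host, port))
    return endpoints


def proxy_findings(log_text):
    """One dict per proxy endpoint found in the log's registry entries."""
    findings = []
    for _code, body in parse_entries(log_text):
        match = PROXY_RE.match(body)
        if not match:
            continue
        for scheme, host, port in split_proxy_value(match.group("value")):
            findings.append({
                "hive": match.group("hive").upper(),
                "scheme": scheme,
                "host": host,
                "port": port,
                "scope": classify_host(host),
            })
    return findings


def orphaned_entries(log_text):
    """Entries whose registered file HijackThis could not find: '(no file)'."""
    return [(c, b) for c, b in parse_entries(log_text) if b.endswith("(no file)")]


if __name__ == "__main__":
    for finding in proxy_findings(SAMPLE_LOG):
        print(finding)
    for code, body in orphaned_entries(SAMPLE_LOG):
        print(code, body)
```

The scope label only narrows down who could have set the value (a local program, something on the LAN, or an external host); whether the setting is legitimate still has to be confirmed with the user, as the helper does.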


#3
Maloid

Hello.

I did not configure any proxy.

I don't know how, but YouTube started working again today.

The BankerFix report showed only this:

BankerFix 3.5 VALKYRIE - Removedor de Bankers
Linha Defensiva | http://www.linhadefensiva.org
http://www.linhadefe....org/bankerfix/
-------------------------------------------------------
Data: 2012-09-14 - 18:48
-------------------------------------------------------
Lista de Definição: 2012-08-22-1 | CORE: 2012-08-22-6
=======================================================



----- Fim -------------------------


Regards.

#4
killer

Download Malwarebytes Anti-Malware
http://download.cnet...4-10804572.html

  • Install it by double-clicking mbam-setup.exe.
  • Check Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, and click Finish.
    NOTE: If you have problems updating Malwarebytes Anti-Malware, download the update manually here and double-click mbam-rules.exe to install it.
  • Select Full Scan and then click Scan.
  • When the scan finishes, click OK and then Show Results to see the log.
  • If anything is detected, make sure everything is checked and click Remove.
  • The log is saved automatically and can be viewed by clicking Logs in the program's main menu.
  • Copy and paste the contents of that log into your next reply.

Next:

Download OTL by OldTimer and save it to your desktop.

** Windows Vista and Windows 7 users:
Right-click the file, then click [posted image]


Close all windows and run the tool.
Where it says Output, select Standard
Also check these options:
  • Use WhiteList for Company Names.
  • Lop Check
  • Purity Check

Select these lines in red, right-click the selection, and choose Copy

drives
netsvcs
%SYSTEMDRIVE%\*.*
%systemdrive%\drivers\*.exe
%systemroot%\system32\drivers\*.* /90
%PROGRAMFILES%(x86)\*.*
%LOCALAPPDATA%\*.exe
%LOCALAPPDATA%\*.txt
%LOCALAPPDATA%\*.ini
%LOCALAPPDATA%\*.dll
%LOCALAPPDATA%\*.dat
%USERPROFILE%\*.exe
%USERPROFILE%\*.txt
%USERPROFILE%\*.ini
%USERPROFILE%\*.dll
%USERPROFILE%\*.dat /30
C:\windows\system32\Tasks\*.* /s /64
%windir%\tasks\*.*
CREATERESTOREPOINT
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
%systemdrive%\$Recycle.Bin|@;true;true;true



Go back to the program, right-click any white area of the Custom Scans/Fixes section and choose Paste

Click the Scan button

Do not change any other setting unless you have been instructed to do so.

The scan takes a while, so be patient.

When it finishes, two Notepad windows will open: OTL.txt and Extras.txt
Both will be saved in the same directory as OTL.exe, that is, on your desktop.

Copy the entire contents of Extras.txt and paste it into your reply.
Attach the OTL.txt file

NOTE: If the logs are too large and exceed the forum's limit, put them in a .zip or .rar file and attach it to your reply.



#5
Maloid

Hello.

Done.
  • The Anti-Malware log follows:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Versão da Base de Dados: v2012.09.10.04

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Marcelo :: MARCELO-PC [administrador]

15/09/2012 15:33:39
mbam-log-2012-09-15 (15-33-39).txt

Tipo de Verificação: Verificação Completa (C:\|D:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 413956
Tempo decorrido: 49 minuto(s), 16 segundo(s)

Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)

Arquivos Detectados: 0
(Não foram detectados ítens maliciosos)

(fim)
  • The Extras.txt log follows:
OTL Extras logfile created on: 15/09/2012 16:43:11 - Run 1
OTL by OldTimer - Version 3.2.61.5 Folder = C:\Users\Marcelo\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

3,97 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 50,51% Memory free
7,93 Gb Paging File | 6,01 Gb Available in Paging File | 75,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 34,08 Gb Total Space | 0,61 Gb Free Space | 1,79% Space Free | Partition Type: NTFS
Drive D: | 239,26 Gb Total Space | 159,72 Gb Free Space | 66,76% Space Free | Partition Type: NTFS

Computer Name: MARCELO-PC | User Name: Marcelo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


"{FAE0FC5A-00A0-4F8D-9D8C-47E531606D87}" = protocol=6 | dir=in | app=d:\mgarrett\jogos\nova pasta\src\system\gu.exe |
"TCP Query User{060768D2-CBF0-4CA3-8F04-0D8BECF2D07A}D:\mgarrett\jogos\diablo-iii-8370-enus-installer-downloader.exe" = protocol=6 | dir=in | app=d:\mgarrett\jogos\diablo-iii-8370-enus-installer-downloader.exe |
"TCP Query User{0B9CBBB6-BDBB-45CD-8D7D-0DCB1F2CD4A5}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"TCP Query User{0CF60F7B-C2AE-4937-8CA6-845F0DB9B0A2}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{100C8C69-413B-43EB-BC9E-4E3E4002FC44}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{2C830CDC-D614-4A59-A3D5-FE63BEEE23A6}D:\mgarrett\jogos\league of legends\lol.launcher.exe" = protocol=6 | dir=in | app=d:\mgarrett\jogos\league of legends\lol.launcher.exe |
"TCP Query User{2D08C10F-18B0-4170-8E80-8FAB6B6EFE34}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"TCP Query User{2F978174-C051-4553-A520-14363A1F4FC9}D:\mgarrett\jogos\lineage2\system\l2.bin" = protocol=6 | dir=in | app=d:\mgarrett\jogos\lineage2\system\l2.bin |
"TCP Query User{40921313-F0A1-416A-B93F-67CAEBD836C1}D:\mgarrett\jogos\modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=d:\mgarrett\jogos\modern warfare 2\iw4mp.exe |
"TCP Query User{64E66D73-F4AB-436C-8E08-4496CD1DE65F}C:\users\marcelo\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\marcelo\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{77E15D08-C33A-4A6E-A92D-65EB05082A6F}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"TCP Query User{784E8E24-7C9E-49B3-A680-816EB670F203}D:\mgarrett\jogos\cs\hl.exe" = protocol=6 | dir=in | app=d:\mgarrett\jogos\cs\hl.exe |
"TCP Query User{AC258BA3-43A4-4E18-B722-85A922B69888}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{C7EDF148-64E5-4F74-AAEE-3D5AEB2539B4}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"TCP Query User{F2076596-7292-4477-9E51-5C04CE13969A}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{F63A7CA7-A1C9-44AE-99E9-38E3166C1E6F}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{04DB6AB3-6718-41ED-B586-0F7836EFD9EF}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{188031BB-7D50-4048-8BA9-3FE5CC974629}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"UDP Query User{1B4BCC10-A819-4521-A93F-19553F60FE84}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{39342DF8-BED2-47B8-8D7C-C7B73DE84E93}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{5082E0CE-8872-4802-ACCF-9BFF511BCB4F}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{7151F61D-6F36-4A23-AF4A-209B219A62D3}D:\mgarrett\jogos\modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=d:\mgarrett\jogos\modern warfare 2\iw4mp.exe |
"UDP Query User{71535260-B318-47A5-A08B-7D78917E7A4C}D:\mgarrett\jogos\lineage2\system\l2.bin" = protocol=17 | dir=in | app=d:\mgarrett\jogos\lineage2\system\l2.bin |
"UDP Query User{7E5B10C5-9705-4C3E-8426-EB0DDDC6C2A8}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"UDP Query User{9EC639F8-39EF-4718-8861-CF113632A1B9}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{B85EB727-A2C6-460D-A484-27A492EB83EA}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"UDP Query User{B8FF0281-5A36-4E6A-BCDD-2E318851FD67}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"UDP Query User{C12096E1-D008-470C-A162-FE578D95BD9E}D:\mgarrett\jogos\cs\hl.exe" = protocol=17 | dir=in | app=d:\mgarrett\jogos\cs\hl.exe |
"UDP Query User{CB8CAE3A-9BC5-4E8C-9C1B-11CA0C61847F}D:\mgarrett\jogos\diablo-iii-8370-enus-installer-downloader.exe" = protocol=17 | dir=in | app=d:\mgarrett\jogos\diablo-iii-8370-enus-installer-downloader.exe |
"UDP Query User{E9DA462E-ADDA-4EAC-92ED-75FCA8A81536}D:\mgarrett\jogos\league of legends\lol.launcher.exe" = protocol=17 | dir=in | app=d:\mgarrett\jogos\league of legends\lol.launcher.exe |
"UDP Query User{F08601BD-1FC8-4F92-8A9F-3A622E708B39}C:\users\marcelo\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\marcelo\appdata\local\google\chrome\application\chrome.exe |

  • Attached is the OTL.txt log.

Thank you.

Attached file(s)

  • Attached file  OTL.Txt   113.57K   1 Downloads


#6
killer

    Emeritus Assistant

  • 11,382 posts
How is your computer doing?

Download Security Check by screen317 by clicking here or here.
  • Save it to your Desktop.
  • Double-click the Securitycheck.exe file and follow the on-screen instructions.
  • A Notepad window will open automatically with a file named checkup.txt; post the contents of that document.

- Linha Defensiva on Facebook
Twitter Linha Defensiva Khan Academy

Don't abandon your topic; someone dedicated part of their time to help you!


#7
Maloid

    Newbie

  • 10 posts
My computer has been working normally.

I have been avoiding using it, but the sites that had the problem reported at the beginning have gone back to working normally, inexplicably.

Here is the log:

Results of screen317's Security Check version 0.99.50
Windows 7 x64 (UAC is enabled)
Out of date service pack!!
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Lavasoft Ad-Watch Live! Anti-Virus
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
Spybot - Search & Destroy
Malwarebytes Anti-Malware versão 1.65.0.1400
CCleaner (remove only)
Java™ 6 Update 26
Java version out of Date!
Adobe Flash Player 11.3.300.271 Flash Player out of Date!
Adobe Reader X 10.1.0 Adobe Reader out of Date!
Mozilla Firefox (15.0.1)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: =
````````````````````End of Log``````````````````````


Regards.

#8
killer

    Emeritus Assistant

  • 11,382 posts
  • Open OTL and click the button [Posted Image]
    Close OTL.
  • Download CCleaner Slim
    If you wish, read the tutorial for the program:
    http://linhadefensiv...showtopic=12395
    • Install the program
    • Click Registry > Scan for Issues > Fix selected issues.
    • Then click Cleaner > Analyze > Run Cleaner.
  • Update Adobe Reader. Old versions have vulnerabilities that are exploited by malware.
    Remove the older version of Adobe Reader and click here to install the newest version.
  • Old versions of Java have vulnerabilities that some malware can use to infect your system. Check whether your system has the latest version installed:
    • Go to the Java.com/Download site. Click the Do I have Java? option.
    • Wait for the site to determine which version of Java you have.
    • If the version is old, you will be offered the download of the newest version.
    • Click Download Java now and install the new version of Java.
  • Update Flash Player:
    http://get.adobe.com/br/flashplayer/
  • Run Windows Update to update your operating system:
    http://www.update.mi...r&&thankspage=5
  • Read the article "Proteja seu PC" ("Protect your PC") for more information on how to avoid infections;
  • If there are no more malware-related problems, click the button [Posted Image] and say that your case has been resolved



#9
Maloid

    Newbie

  • 10 posts
Hello.

The PC no longer shows those symptoms from the beginning; I only notice that the browser is slower than usual.

I carried out all the actions.

Thank you for the attention given.

Best regards!

#10
killer

    Emeritus Assistant

  • 11,382 posts
PROBLEM SOLVED

If you want to request that the topic be reopened, use the Report button to contact the moderators.

Note: Only the author can make this request in the Malware Removal area.
