Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Infected with various stuff, says AVG

Started by Gnitrops , Mar 10 2008 04:49 AM

  • Please log in to reply

#1
Gnitrops
Posted 10 March 2008 - 04:49 AM

Gnitrops

    Member

  • Member
  • PipPip
  • 29 posts
Hi all,

I'm running a PC using Windows XP and AVG Free (7.5.518) and I honestly don't know what is happening with my PC today. I must confess I never felt safe enough with AVG (I'm used to having Kaspersky at work), but it was the one I was advised to go for.

On to the problem - As the computer started, AVG found a Trojan Generic9.BJGK on C:\Programas\SopCast\uninst.exe . I "healed" it, but it got me suspicious so I started trying to find out what is this and where this could come from. To note, SopCast has been on my PC for some time now, and it even hasn't been used lately. Also, the last thing I installed was precisely TVAnts, yesterday night.

I promptly started the ESET Online Scanner. While the scan is running, I'm browsing on other window looking for answers. In this time, AVG found Obfustat.RRL on another exe I had sitting on my external drive (FAR, a Sony Ericsson program), and Generic5.HNX on Foxit PDF installer, also sitting on the same external drive. This only got me wondering more, since these files have been there for months. ESET online scanner, on the other hand, found nothing. I updated and ran Spybot S&D, and found nothing aswell. I'm not sure now if these results were false-positives, and/or I might have something more in the machine. I've messed with some suspicious files a few days ago, but scanned them through AVG and it gave me the OK.

Here are the DSS/HJT logs:

Deckard's System Scanner v20071014.68
Run by Thiago on 2008-03-10 10:41:22
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


-- Last 1 Restore Point(s) --
1: 2008-03-10 10:41:32 UTC - RP1 - Ponto de verificação do sistema


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Thiago.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:42:42, on 10-03-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Programas\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Programas\Java\jre1.6.0_03\bin\jusched.exe
C:\Programas\Windows Live\Messenger\MsnMsgr.Exe
C:\Programas\RK Launcher\RKLauncher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programas\Deckard System Scanner\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Thiago.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 202.84.17.42:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programas\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RK Launcher] C:\Programas\RK Launcher\RKLauncher.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Serviço de rede')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/b...lineScanner.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1202053288859
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHEI~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 5946 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

S3 IRENUM (Serviço enumerador IR) - c:\windows\system32\drivers\irenum.sys (file missing)
S3 Revolution1 - c:\documents and settings\thiago\ambiente de trabalho\nova pasta\shak3.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

All services whitelisted.


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {6BDD1FC5-810F-11D0-BEC7-08002BE2092F}
Description: Porta de infravermelhos IrDA Fast
Device ID: ACPI\NSC6001\2
Manufacturer: National Semiconductor
Name: Porta de infravermelhos IrDA Fast
PNP Device ID: ACPI\NSC6001\2
Service: NSCIRDA


-- Files created between 2008-02-10 and 2008-03-10 -----------------------------

2008-03-10 10:42:34 0 d-------- C:\Programas\Trend Micro
2008-03-10 09:40:18 0 d-------- C:\Programas\EsetOnlineScanner
2008-03-09 20:34:28 0 d-------- C:\Programas\TVAnts
2008-03-08 21:57:11 0 d-------- C:\Programas\Metin2_Portugal
2008-03-05 13:27:43 0 d-------- C:\Programas\Real Alternative
2008-03-05 13:27:43 0 d-------- C:\Documents and Settings\Thiago\Application Data\Real
2008-03-05 13:27:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Real
2008-03-05 12:15:01 0 d-------- C:\Programas\DreMule
2008-03-02 20:51:45 0 d-------- C:\Programas\Windows Media Connect 2
2008-03-02 20:50:42 0 d-------- C:\WINDOWS\system32\LogFiles
2008-03-02 20:50:42 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-03-02 20:41:26 164352 --a------ C:\WINDOWS\system32\unrar.dll
2008-03-02 20:41:25 217088 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>
2008-03-02 20:41:24 159839 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-03-02 20:41:24 755027 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-03-02 20:41:24 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-03-02 20:41:24 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-03-02 20:41:24 682496 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2008-03-02 20:41:23 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-03-02 20:41:22 0 d-------- C:\Programas\K-Lite Codec Pack
2008-03-02 20:36:01 0 d-------- C:\Programas\SopCast
2008-02-24 20:16:38 0 dr-h----- C:\$VAULT$.AVG
2008-02-22 11:57:35 0 d-------- C:\Program Files
2008-02-19 10:43:54 0 d-------- C:\Documents and Settings\Thiago\Application Data\Opera
2008-02-19 10:43:22 0 d-------- C:\Programas\Opera
2008-02-18 02:24:35 0 dr-h----- C:\Documents and Settings\Administrador\SendTo
2008-02-18 02:24:35 0 d--h----- C:\Documents and Settings\Administrador\Recent
2008-02-18 02:24:35 0 d--h----- C:\Documents and Settings\Administrador\PrintHood
2008-02-18 02:24:35 0 d-------- C:\Documents and Settings\Administrador\Os meus documentos
2008-02-18 02:24:35 1572864 --ah----- C:\Documents and Settings\Administrador\NTUSER.DAT
2008-02-18 02:24:35 0 d--h----- C:\Documents and Settings\Administrador\NetHood
2008-02-18 02:24:35 0 d--h----- C:\Documents and Settings\Administrador\Modelos
2008-02-18 02:24:35 0 dr------- C:\Documents and Settings\Administrador\Menu Iniciar
2008-02-18 02:24:35 0 d-------- C:\Documents and Settings\Administrador\Favoritos
2008-02-18 02:24:35 0 d--h----- C:\Documents and Settings\Administrador\Definições locais
2008-02-18 02:24:35 0 d---s---- C:\Documents and Settings\Administrador\Cookies
2008-02-18 02:24:35 0 dr-h----- C:\Documents and Settings\Administrador\Application Data
2008-02-18 02:24:35 0 d---s---- C:\Documents and Settings\Administrador\Application Data\Microsoft
2008-02-18 02:24:35 0 d-------- C:\Documents and Settings\Administrador\Ambiente de trabalho
2008-02-18 02:24:35 0 d-------- C:\Documents and Settings\Administrador\7zS96C.tmp
2008-02-17 22:27:49 0 d-------- C:\WINDOWS\system32\appmgmt
2008-02-17 21:40:36 0 d-------- C:\Documents and Settings\Thiago\Application Data\Help
2008-02-17 20:56:37 4682 --a------ C:\WINDOWS\system32\npptNT2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>
2008-02-15 22:15:30 0 dr-h----- C:\Documents and Settings\Thiago\Recent
2008-02-14 11:06:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-02-12 21:24:19 0 d-------- C:\Programas\Microsoft Works
2008-02-12 21:23:54 0 d-------- C:\Programas\Microsoft.NET
2008-02-12 21:20:31 0 d-------- C:\WINDOWS\SHELLNEW
2008-02-12 21:20:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-02-12 21:19:45 0 dr-h----- C:\MSOCache
2008-02-11 09:39:26 253952 --a------ C:\WINDOWS\system32\OnlineScannerDLLA.dll <Not Verified; ; OnlineScanner Dynamic Link Library>
2008-02-11 09:39:18 237568 --a------ C:\WINDOWS\system32\OnlineScannerDLLW.dll <Not Verified; ; OnlineScanner Dynamic Link Library>


-- Find3M Report ---------------------------------------------------------------

2008-03-02 20:52:54 453706 --a------ C:\WINDOWS\system32\perfh016.dat
2008-03-02 20:52:54 74488 --a------ C:\WINDOWS\system32\perfc016.dat
2008-02-08 13:53:46 110592 --a------ C:\WINDOWS\system32\OnlineScannerLang.dll <Not Verified; ; OnlineScanner Language Library>
2008-02-08 10:24:50 0 d-------- C:\Documents and Settings\Thiago\Application Data\PCF-VLC
2008-02-08 10:22:12 0 d-------- C:\Documents and Settings\Thiago\Application Data\Participatory Culture Foundation
2008-02-07 13:25:54 0 d-------- C:\Programas\mIRC
2008-02-07 13:03:02 0 d-------- C:\Documents and Settings\Thiago\Application Data\mIRC
2008-02-06 14:08:34 0 d-------- C:\Documents and Settings\Thiago\Application Data\vlc
2008-02-06 13:53:36 0 d-------- C:\Programas\VideoLAN
2008-02-05 21:11:04 0 d-------- C:\Documents and Settings\Thiago\Application Data\Sun
2008-02-05 08:48:04 77824 --a------ C:\WINDOWS\system32\OnlineScannerUninstaller.exe <Not Verified; ; OnlineScannerUninstaller>
2008-02-04 20:34:00 0 d-------- C:\Documents and Settings\Thiago\Application Data\foobar2000
2008-02-04 20:19:20 0 d-------- C:\Programas\DominateGame
2008-02-03 21:29:06 1263 --a------ C:\WINDOWS\mozver.dat
2008-02-03 21:12:02 0 d-------- C:\Programas\Java
2008-02-03 21:11:22 0 d-------- C:\Programas\Ficheiros comuns\Java
2008-02-03 21:01:36 0 d-------- C:\Documents and Settings\Thiago\Application Data\Skype
2008-02-03 20:14:04 0 d-------- C:\Programas\Nero
2008-02-03 20:14:04 0 d-------- C:\Programas\Ficheiros comuns\Nero
2008-02-03 19:26:44 0 d-------- C:\Programas\RK Launcher
2008-02-03 19:01:38 0 d-------- C:\Documents and Settings\Thiago\Application Data\AVG7
2008-02-03 18:47:48 0 d-------- C:\Documents and Settings\Thiago\Application Data\uTorrent
2008-02-03 18:43:56 0 d-------- C:\Programas\eMule
2008-02-03 18:43:48 0 d--hs---- C:\Programas\Ficheiros comuns\WindowsLiveInstaller
2008-02-03 18:43:38 0 d-------- C:\Programas\uTorrent
2008-02-03 18:43:30 0 d-------- C:\Programas\Windows Live
2008-02-03 18:43:06 0 d-------- C:\Documents and Settings\Thiago\Application Data\Talkback
2008-02-03 18:43:02 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-03 18:42:58 0 d-------- C:\Documents and Settings\Thiago\Application Data\Mozilla
2008-02-03 18:42:56 0 d-------- C:\Programas\Skype
2008-02-03 18:42:56 0 d-------- C:\Programas\Ficheiros comuns\Skype
2008-02-03 18:27:04 0 d-------- C:\Programas\Deckard System Scanner
2008-02-03 18:25:46 0 d-------- C:\Documents and Settings\Thiago\Application Data\Media Player Classic
2008-02-03 18:24:28 0 d-------- C:\Documents and Settings\Thiago\Application Data\TuneUp Software
2008-02-03 18:24:20 0 d-------- C:\Programas\TuneUp Utilities 2008
2008-02-03 18:24:04 0 d-------- C:\Programas\Ficheiros comuns\Wise Installation Wizard
2008-02-03 18:22:48 0 d-------- C:\Documents and Settings\Thiago\Application Data\Adobe
2008-02-03 18:22:06 0 d-------- C:\Programas\Google
2008-02-03 18:22:06 0 d-------- C:\Documents and Settings\Thiago\Application Data\Google
2008-02-03 18:22:04 0 d-------- C:\Documents and Settings\Thiago\Application Data\Macromedia
2008-02-03 18:21:20 0 d-------- C:\Programas\foobar2000
2008-02-03 18:18:04 0 d-------- C:\Programas\Foxit Software
2008-02-03 18:09:14 0 d-------- C:\Documents and Settings\Thiago\Application Data\ATI
2008-02-03 18:08:46 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-02-03 15:52:44 0 d-------- C:\Programas\ATI Technologies
2008-02-03 15:46:52 0 d-------- C:\Programas\Realtek Sound Manager
2008-02-03 15:46:48 0 d-------- C:\Programas\AvRack
2008-02-03 15:44:48 0 d-------- C:\Programas\Intel
2008-02-03 15:36:32 0 d--h----- C:\Programas\InstallShield Installation Information
2008-02-03 15:36:28 0 d-------- C:\Programas\Ficheiros comuns\InstallShield
2008-02-03 15:29:20 0 d-------- C:\Documents and Settings\Thiago\Application Data\Identities
2008-02-03 15:06:04 0 d-------- C:\Programas\microsoft frontpage
2008-02-03 15:01:16 0 -rahs---- C:\MSDOS.SYS
2008-02-03 15:01:16 0 -rahs---- C:\IO.SYS
2008-02-03 15:01:16 0 --a------ C:\CONFIG.SYS
2008-02-03 15:01:16 0 --a------ C:\AUTOEXEC.BAT
2008-02-03 15:00:00 0 d--h----- C:\Programas\WindowsUpdate
2008-02-03 14:59:56 0 d-------- C:\Programas\Serviços online
2008-02-03 14:58:52 0 d-------- C:\Programas\Ficheiros comuns\MSSoap
2008-02-03 14:58:36 0 d-------- C:\Programas\Movie Maker
2008-02-03 14:57:38 21924 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-02-03 14:57:04 0 d-------- C:\Programas\Messenger
2008-02-03 14:56:58 0 d-------- C:\Programas\MSN Gaming Zone
2008-02-03 14:56:26 0 d-------- C:\Programas\Windows NT
2008-02-03 14:20:10 0 d-------- C:\Programas\Ficheiros comuns\ODBC
2008-02-03 14:20:06 0 d-------- C:\Programas\Ficheiros comuns
2008-02-03 14:20:06 0 d-------- C:\Programas\Ficheiros comuns\SpeechEngines
2008-02-03 14:19:36 62 --ahs---- C:\Documents and Settings\Thiago\Application Data\desktop.ini
2007-12-20 21:05:00 593920 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [10-11-2006 12:35]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [03-02-2008 19:02]
"SunJavaUpdateSched"="C:\Programas\Java\jre1.6.0_03\bin\jusched.exe" [25-09-2007 01:11]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Programas\Windows Live\Messenger\MsnMsgr.exe" [18-10-2007 11:34]
"RK Launcher"="C:\Programas\RK Launcher\RKLauncher.exe" [14-09-2005 19:23]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04-08-2004 00:56]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"nltide3"=cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"=11 (0xb)

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp




-- Hosts -----------------------------------------------------------------------

127.0.0.1 nprotect.acclaimdownloads.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com

8005 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-03-10 10:43:21 ------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: Portuguese

CPU 0: Intel® Pentium® 4 CPU 3.40GHz
CPU 1: Intel® Pentium® 4 CPU 3.40GHz
Percentage of Memory in Use: 40%
Physical Memory (total/avail): 1022.98 MiB / 611.48 MiB
Pagefile Memory (total/avail): 2460.39 MiB / 2039.8 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1912.65 MiB

C: is Fixed (FAT32) - 8 GiB total, 2.02 GiB free.
D: is Fixed (FAT32) - 19.74 GiB total, 1.79 GiB free.
E: is Removable (No Media)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is CDROM (No Media)
J: is Fixed (NTFS) - 465.75 GiB total, 316.76 GiB free.
K: is Removable (FAT)

\\.\PHYSICALDRIVE0 - SAMSUNG MP0402H - 37.31 GiB - 4 partitions
\PARTITION0 (bootable) - Unknown - 8.01 GiB - C:
\PARTITION1 - Unknown - 1953.22 MiB
\PARTITION2 - Partição expandida - 7.64 GiB
\PARTITION3 - Unknown - 19.76 GiB - D:

\\.\PHYSICALDRIVE4 - GENERIC USB Storage-CFC USB Device

\\.\PHYSICALDRIVE5 - GENERIC USB Storage-MMC USB Device

\\.\PHYSICALDRIVE6 - GENERIC USB Storage-MSC USB Device

\\.\PHYSICALDRIVE3 - GENERIC USB Storage-SMC USB Device

\\.\PHYSICALDRIVE2 - takeMS USB Mini USB Device - 1929.68 MiB - 1 partition
\PARTITION0 (bootable) - MS-DOS V4 Huge - 1935.48 MiB - K:

\\.\PHYSICALDRIVE1 - WD 5000AAK External USB Device - 465.76 GiB - 1 partition
\PARTITION0 - Sistema de ficheiros instalável - 465.75 GiB - J:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.

AV: AVG 7.5.518 v7.5.518 (Grisoft)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Programas\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Programas\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Programas\\Windows Live\\Messenger\\livecall.exe"="C:\\Programas\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Programas\\uTorrent\\utorrent.exe"="C:\\Programas\\uTorrent\\utorrent.exe:*:Enabled:µTorrent"
"C:\\Programas\\eMule\\emule.exe"="C:\\Programas\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Programas\\Grisoft\\AVG7\\avginet.exe"="C:\\Programas\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Programas\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Programas\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Programas\\Grisoft\\AVG7\\avgcc.exe"="C:\\Programas\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Programas\\Grisoft\\AVG7\\avgemc.exe"="C:\\Programas\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Programas\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Programas\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Programas\\Windows Live\\Messenger\\livecall.exe"="C:\\Programas\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Programas\\mIRC\\mirc.exe"="C:\\Programas\\mIRC\\mirc.exe:*:Enabled:mIRC"
"C:\\Programas\\SopCast\\SopCast.exe"="C:\\Programas\\SopCast\\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\\Programas\\SopCast\\adv\\SopAdver.exe"="C:\\Programas\\SopCast\\adv\\SopAdver.exe:*:Disabled:SopCast Adver"
"C:\\Programas\\Metin2_Portugal\\metin2.bin"="C:\\Programas\\Metin2_Portugal\\metin2.bin:*:Enabled:metin2"
"C:\\Programas\\DreMule\\emule.exe"="C:\\Programas\\DreMule\\emule.exe:*:Enabled:Dreamule"
"C:\\Programas\\Mozilla Firefox\\firefox.exe"="C:\\Programas\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Programas\\Internet Explorer\\iexplore.exe"="C:\\Programas\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Thiago\Application Data
CommonProgramFiles=C:\Programas\Ficheiros comuns
COMPUTERNAME=BLASTED
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Thiago
LOGONSERVER=\\BLASTED
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Programas\ATI Technologies\ATI.ACE\Core-Static
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Programas
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Thiago\DEFINI~1\Temp
TMP=C:\DOCUME~1\Thiago\DEFINI~1\Temp
USERDOMAIN=BLASTED
USERNAME=Thiago
USERPROFILE=C:\Documents and Settings\Thiago
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Thiago (admin)
Administrador (new local, admin)


-- Add/Remove Programs ---------------------------------------------------------

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Actualização de segurança para Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB923789) --> C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Actualização de segurança para Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB937894) --> "C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Actualização de Segurança para Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB942615) --> "C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Actualização para Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Actualização para Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Actualização para Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Actualização para Windows XP (KB936357) --> "C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Actualização para Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Actualização para Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Actualização para Windows XP (KB942840) --> "C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Assistente de Início de Sessão do Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
ATI - Software Uninstall Utility --> C:\Programas\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center --> RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AVG 7.5 --> C:\Programas\Grisoft\AVG7\setup.exe /UNINSTALL
Compressor WinRAR --> C:\Programas\WinRAR\uninstall.exe
DominateGame 20050929 (dominate) --> C:\PROGRA~1\DOMINA~1\Setup.exe /remove
Dreamule 3.1 --> "C:\Programas\DreMule\unins000.exe"
ESET Online Scanner --> C:\WINDOWS\system32\OnlineScannerUninstaller.exe
foobar2000 v0.9.5 --> "C:\Programas\foobar2000\uninstall.exe"
Foxit Reader --> C:\Programas\Foxit Software\Foxit Reader\Uninstall.exe
GMail Drive Shell Extension --> rundll32.exe C:\WINDOWS\system32\ShellExt\GMailFS.dll,Uninstall C:\WINDOWS\system32\ShellExt\GMailFS.inf
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Java™ 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
K-Lite Codec Pack 3.8.0 Full --> "C:\Programas\K-Lite Codec Pack\unins000.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Programas\Ficheiros comuns\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
mIRC --> C:\Programas\mIRC\uninstall.exe _?=C:\Programas\mIRC
Mozilla Firefox (2.0.0.12) --> C:\Programas\Mozilla Firefox\uninstall\helper.exe
Nero 8 Micro 8.1.1.4 --> "C:\Programas\Nero\unins000.exe"
Opera 9.25 --> MsiExec.exe /X{C619B312-19F3-460A-9F7B-443248379F18}
Real Alternative 1.7.5 --> "C:\Programas\Real Alternative\unins000.exe"
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
REALTEK Gigabit Ethenet NIC Driver Setup --> RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\setup.exe" -l0x816 REMOVE
Skype™ 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Smart Link 56K Modem --> C:\WINDOWS\Modio\SLAMR2KV\Setup.exe /Remove
SopCast 2.0.4 --> C:\Programas\SopCast\uninst.exe
Spybot - Search & Destroy --> "C:\Programas\Spybot - Search & Destroy\unins000.exe"
TuneUp Utilities 2008 --> MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
TVAnts 1.0 --> C:\PROGRA~1\TVANTS\UNWISE.EXE C:\PROGRA~1\TVANTS\INSTALL.LOG
Update for Outlook 2007 Junk Email Filter (kb944965) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EA8C80AA-31D6-43F0-8CD8-CA85479A34F1}
VideoLAN VLC media player 0.8.6d --> C:\Programas\VideoLAN\VLC\uninstall.exe
Windows Live installer --> MsiExec.exe /X{0C69F74B-DA6A-4C56-8017-988B7D63993A}
Windows Live Messenger --> MsiExec.exe /X{B98023FD-EC2A-404B-BFC3-49E7ECE4490E}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"


-- Application Event Log -------------------------------------------------------

Event Record #/Type398 / Error
Event Submitted/Written: 03/09/2008 01:32:54 PM
Event ID/Source: 1002 / Application Hang
Event Description:
A desligar a aplicação metin2.bin, versão 0.0.0.0, modulo de desligar hungapp, versão 0.0.0.0, endereço de desligar 0x00000000.

Event Record #/Type386 / Error
Event Submitted/Written: 03/07/2008 06:59:07 PM
Event ID/Source: 1002 / Application Hang
Event Description:
A desligar a aplicação firefox.exe, versão 1.8.20080.20121, modulo de desligar hungapp, versão 0.0.0.0, endereço de desligar 0x00000000.

Event Record #/Type385 / Error
Event Submitted/Written: 03/07/2008 06:58:57 PM
Event ID/Source: 1000 / Application Error
Event Description:
Aplicação em falha firefox.exe, versão 1.8.20080.20121, módulo em falha msvcrt.dll, versão 7.0.2600.2180, endereço em falha 0x00037740.
A processar o evento especifico de suporte de dados para [firefox.exe!ws!]

Event Record #/Type384 / Error
Event Submitted/Written: 03/07/2008 06:57:51 PM
Event ID/Source: 1000 / Application Error
Event Description:
Aplicação em falha firefox.exe, versão 1.8.20080.20121, módulo em falha msvcrt.dll, versão 7.0.2600.2180, endereço em falha 0x00037740.
A processar o evento especifico de suporte de dados para [firefox.exe!ws!]

Event Record #/Type383 / Error
Event Submitted/Written: 03/07/2008 06:57:49 PM
Event ID/Source: 1000 / Application Error
Event Description:
Aplicação em falha firefox.exe, versão 1.8.20080.20121, módulo em falha msvcrt.dll, versão 7.0.2600.2180, endereço em falha 0x00037740.
A processar o evento especifico de suporte de dados para [firefox.exe!ws!]



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type1974 / Error
Event Submitted/Written: 03/10/2008 10:42:50 AM
Event ID/Source: 7016 / Service Control Manager
Event Description:
O serviço SmartLinkService reportou um estado actual 0 inválido.

Event Record #/Type1954 / Warning
Event Submitted/Written: 03/10/2008 00:14:01 AM
Event ID/Source: 4226 / Tcpip
Event Description:
O TCP/IP atingiu o limite de segurança imposto pelo número de tentativas de ligação TCP simultâneas.

Event Record #/Type1953 / Error
Event Submitted/Written: 03/09/2008 11:12:21 PM
Event ID/Source: 10005 / DCOM
Event Description:
O DCOM obteve o erro "%%1058" ao tentar iniciar o serviço upnphost com os argumentos ""
de forma a executar o servidor:
{204810B9-73B2-11D4-BF42-00B0D0118B56}

Event Record #/Type1934 / Warning
Event Submitted/Written: 03/09/2008 01:33:35 AM
Event ID/Source: 36 / W32Time
Event Description:
O serviço de hora não conseguiu sincronizar a hora do sistema
por 49152 segundos, porque nenhum dos dispositivos de hora conseguiu
fornecer uma carimbo de hora utilizável. O relógio do sistema não está sincronizado.

Event Record #/Type1933 / Warning
Event Submitted/Written: 03/08/2008 11:15:04 PM
Event ID/Source: 4226 / Tcpip
Event Description:
O TCP/IP atingiu o limite de segurança imposto pelo número de tentativas de ligação TCP simultâneas.



-- End of Deckard's System Scanner: finished at 2008-03-10 10:43:21 ------------
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP