
Firefox doesn't save my history :/



#1
FrankJR

My problem: My PC seems to be working fine, but my Firefox history isn't being saved. Yes, I have already changed the configs, but when I come back to the browser all my changes have rolled back to the previous config. I already tried to reinstall it as well.

Well, either it's a virus or something like that or... It's something that is right in my face and I'm not seeing it xD

Here is my OTL log:

OTL logfile created on: 30/8/2012 21:57:19 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Documents and Settings\Administrador\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

2,00 Gb Total Physical Memory | 1,10 Gb Available Physical Memory | 54,91% Memory free
3,85 Gb Paging File | 3,11 Gb Available in Paging File | 80,77% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 298,08 Gb Total Space | 18,19 Gb Free Space | 6,10% Space Free | Partition Type: NTFS

Computer Name: USER-3820A0E53B | User Name: Administrador | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/30 21:57:08 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrador\Desktop\OTL.exe
PRC - [2012/08/24 22:59:03 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Arquivos de programas\Mozilla Firefox\firefox.exe
PRC - [2012/05/15 07:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Arquivos de programas\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/04/04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Arquivos de programas\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Arquivos de programas\Microsoft Security Client\MsMpEng.exe
PRC - [2009/09/08 04:48:55 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) -- C:\Arquivos de programas\PostgreSQL\8.4\bin\pg_ctl.exe
PRC - [2009/09/08 04:47:07 | 004,513,792 | ---- | M] (PostgreSQL Global Development Group) -- C:\Arquivos de programas\PostgreSQL\8.4\bin\postgres.exe
PRC - [2009/08/28 18:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/04/13 16:21:00 | 001,554,432 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/07/31 08:33:50 | 000,036,864 | ---- | M] (VisualTaskTips.com) -- C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe
PRC - [2005/10/28 16:25:44 | 000,094,208 | ---- | M] (Nero AG) -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe
PRC - [2005/01/05 15:45:36 | 001,015,808 | ---- | M] (Thomas Ascher) -- C:\Arquivos de programas\ATnotes\ATnotes.exe
PRC - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE


========== Modules (No Company Name) ==========

MOD - [2012/08/24 22:59:17 | 002,242,528 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\mozjs.dll
MOD - [2012/08/14 23:22:56 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll
MOD - [2009/11/03 21:14:04 | 000,054,272 | ---- | M] () -- C:\Arquivos de programas\Notepad++\NppShell_01.dll
MOD - [2007/09/20 18:34:58 | 000,129,024 | ---- | M] () -- C:\Arquivos de programas\WinRAR\RarExt.dll
MOD - [2006/07/31 08:33:45 | 000,007,680 | ---- | M] () -- C:\Arquivos de programas\VisualTaskTips\VttHooks.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/08/24 22:59:11 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/14 23:22:57 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Arquivos de programas\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/27 14:01:50 | 000,529,232 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/15 07:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Arquivos de programas\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/04/13 10:28:24 | 001,529,152 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\Arquivos de programas\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012/04/04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Arquivos de programas\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Arquivos de programas\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/12/31 08:39:54 | 008,133,120 | ---- | M] () [On_Demand | Stopped] -- c:\wamp\bin\mysql\mysql5.5.8\bin\mysqld.exe -- (wampmysqld)
SRV - [2010/12/31 08:39:42 | 000,020,549 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- c:\wamp\bin\apache\Apache2.2.17\bin\httpd.exe -- (wampapache)
SRV - [2010/03/21 16:41:00 | 003,532,120 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)
SRV - [2009/09/08 04:48:55 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Arquivos de programas\PostgreSQL\8.4\bin\pg_ctl.exe -- (postgresql-8.4)
SRV - [2009/08/28 18:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva399.sys -- (XDva399)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva398.sys -- (XDva398)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva397.sys -- (XDva397)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva386.sys -- (XDva386)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDRm.sys -- (InCDRm)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDPass.sys -- (InCDPass)
DRV - File not found [File_System | Disabled | Stopped] -- system32\drivers\InCDFs.sys -- (InCDFs)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\catchme.sys -- (catchme)
DRV - [2012/08/30 12:19:03 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Dados de aplicativos\Microsoft\Microsoft Antimalware\Definition Updates\{DA81831C-E8BE-44FA-8C00-8D5744C59662}\MpKsl9eb7bb32.sys -- (MpKsl9eb7bb32)
DRV - [2012/03/29 16:32:12 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Arquivos de programas\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011/11/25 01:02:55 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\78975193.sys -- (78975193)
DRV - [2011/07/14 20:55:24 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010/11/01 06:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Arquivos de programas\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2010/06/14 21:33:47 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009/04/06 12:19:46 | 000,023,064 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2008/12/10 15:56:26 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vcsvad.sys -- (VCSVADHWSer)
DRV - [2008/04/17 11:33:26 | 004,707,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/01/03 23:10:16 | 000,105,856 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007/10/24 10:47:26 | 000,023,288 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\synasUSB.sys -- (SynasUSB)
DRV - [2007/02/13 15:35:26 | 000,025,896 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\scramby.sys -- (scramby)
DRV - [2006/02/26 12:02:49 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2851643
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...box_im2_test_v2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.bleepingc...er.com/forums/"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..network.proxy.autoconfig_url: "http://www.mobseguro...1308201202.win"
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.type: 2

FF - user.js..network.proxy.autoconfig_url: "http://www.mobseguro...1308201202.win"
FF - user.js..network.proxy.socks_port: 80
FF - user.js..network.proxy.type: 2

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Arquivos de programas\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\Documents and Settings\All Users\Dados de aplicativos\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Arquivos de programas\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Arquivos de programas\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Arquivos de programas\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Arquivos de programas\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Arquivos de programas\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Arquivos de programas\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Arquivos de programas\Mozilla Firefox\components [2012/08/28 22:22:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins [2012/05/06 18:11:53 | 000,000,000 | ---D | M]

[2009/09/09 14:38:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Extensions
[2012/08/04 00:34:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\ahfb6ogq.default\extensions
[2012/03/30 13:38:58 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\ahfb6ogq.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/02/11 13:16:04 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\ahfb6ogq.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012/02/11 13:32:06 | 000,000,000 | ---D | M] (DealPly) -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\ahfb6ogq.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2012/08/12 11:40:17 | 000,001,920 | ---- | M] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\ahfb6ogq.default\searchplugins\interfilmes.xml
[2010/03/29 22:41:45 | 000,002,149 | ---- | M] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\ahfb6ogq.default\searchplugins\MyStart Search.xml
[2012/08/28 22:22:47 | 000,000,000 | ---D | M] (No name found) -- C:\Arquivos de programas\Mozilla Firefox\extensions
[2012/05/18 19:10:54 | 000,080,872 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRADOR\DADOS DE APLICATIVOS\MOZILLA\FIREFOX\PROFILES\AHFB6OGQ.DEFAULT\EXTENSIONS\{9C51BD27-6ED8-4000-A2BF-36CB95C0C947}.XPI
[2011/08/25 15:44:37 | 000,011,510 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRADOR\DADOS DE APLICATIVOS\MOZILLA\FIREFOX\PROFILES\AHFB6OGQ.DEFAULT\EXTENSIONS\[email protected]
[2012/08/24 23:00:05 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\mozilla firefox\components\browsercomps.dll
[2010/01/13 19:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Arquivos de programas\mozilla firefox\plugins\npwachk.dll
[2012/08/25 00:56:03 | 000,001,027 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\buscape.xml
[2012/08/25 00:56:02 | 000,001,212 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\mercadolivre.xml
[2012/08/25 00:56:02 | 000,002,253 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\twitter.xml
[2012/08/25 00:56:02 | 000,001,168 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\wikipedia-br.xml
[2012/08/25 00:56:02 | 000,000,952 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\yahoo-br.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Administrador\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrador\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrador\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Administrador\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Iminent (Enabled) = C:\Documents and Settings\Administrador\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\4.43.0_0\npIminent.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Arquivos de programas\Windows Media Player\npdsplay.dll
CHR - plugin: Picasa (Enabled) = C:\Arquivos de programas\Google\Picasa3\npPicasa3.dll
CHR - plugin: Java™ Platform SE 7 U2 (Enabled) = C:\Arquivos de programas\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.20.255 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Arquivos de programas\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Administrador\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\Documents and Settings\All Users\Dados de aplicativos\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Pesquisa do Google = C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: uTorrentBar_PT = C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mdebcffgnijbblbinknkbefciofebcda\2.3.7.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/08/25 02:12:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [MSC] c:\Arquivos de programas\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKCU..\Run: [ATnotes.exe] C:\Arquivos de programas\ATnotes\ATnotes.exe (Thomas Ascher)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Arquivos de programas\Arquivos comuns\Ahead\lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [PlayNC Launcher] File not found
O4 - HKCU..\Run: [TaskCounter] C:\Arquivos de programas\Nine Vectors\Task Counter\TaskCounter.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\VisualTaskTips.lnk = C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe (VisualTaskTips.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Abrir em uma nova guia do plano de fundo - C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui (Microsoft Corporation)
O8 - Extra context menu item: Abrir em uma nova guia do primeiro plano - C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Arquivos de programas\PokerStars\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Arquivos de programas\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/...he.cab79352.cab (MSN Games – Texas Holdem Poker)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{406B8789-CA90-4EAF-BEE9-1294A2DA258D}: NameServer = 200.175.5.139,200.175.189.139
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de programas\Arquivos comuns\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Minha página inicial atual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/09/08 20:50:49 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/30 21:57:11 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrador\Desktop\OTL.exe
[2012/08/30 12:17:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrador\Recent
[2012/08/26 15:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\World of Warcraft
[2012/08/26 15:22:07 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\World of Warcraft
[2012/08/26 14:04:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Free Metronome
[2012/08/26 14:04:53 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Free Metronome
[2012/08/25 21:06:57 | 000,000,000 | ---D | C] -- C:\CFLog
[2012/08/25 19:51:33 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/08/25 00:14:35 | 004,739,802 | R--- | C] (Swearware) -- C:\Documents and Settings\Administrador\Desktop\ComboFix.exe
[2012/08/24 12:05:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Diablo III
[2012/08/24 12:05:26 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Diablo III
[2012/08/24 00:38:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\com.rpgonline.rpg2ic
[2012/08/24 00:06:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\RPG Online
[2012/08/24 00:06:14 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\rpg2ic
[2012/08/22 21:09:41 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Nine Vectors
[2012/08/22 21:07:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\com.focusboosterapp.focusbooster.8E5F79C899747AD22E21DB62AA496926DA6BBC64.1
[2012/08/22 21:07:04 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\focus booster
[2012/08/22 21:06:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Adobe
[2012/08/15 13:31:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Desktop\Gmer
[2012/08/15 13:24:21 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Administrador\Desktop\dds.scr
[2012/08/14 09:26:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Silverlight
[2012/08/14 09:26:26 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Silverlight
[2012/08/14 09:22:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Adobe
[2012/08/13 03:31:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Realteks
[2012/08/12 20:24:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\StarCraft II
[2012/08/12 20:08:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Menu Iniciar\Programas\StarCraft II
[2012/08/12 19:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Meus documentos\StarCraft II
[2012/08/12 19:47:07 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\StarCraft II
[2012/08/10 21:49:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Cliente Faster Tunnel
[2012/08/10 21:49:54 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Cliente Faster Tunnel
[2012/08/01 03:16:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Urautog_soluções_em_Tecno
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/30 21:57:08 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrador\Desktop\OTL.exe
[2012/08/30 21:22:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/08/30 06:15:37 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/08/30 06:05:37 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
[2012/08/30 06:05:29 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2012/08/30 06:05:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/30 06:05:21 | 2146,619,392 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/29 22:27:54 | 000,000,116 | -H-- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/08/28 22:23:04 | 000,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/08/28 20:48:08 | 000,255,742 | ---- | M] () -- C:\Documents and Settings\Administrador\Desktop\Exercicios_Vetores.pdf
[2012/08/28 06:38:40 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/08/27 21:56:20 | 000,209,920 | ---- | M] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/27 12:20:29 | 001,629,052 | ---- | M] () -- C:\Documents and Settings\Administrador\Desktop\gotes.jpg
[2012/08/27 06:12:42 | 000,002,315 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/08/26 22:26:44 | 000,000,862 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2012/08/26 14:05:57 | 000,000,150 | ---- | M] () -- C:\WINDOWS\MetroTimer.ini
[2012/08/25 02:12:28 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/08/25 01:56:37 | 004,739,802 | R--- | M] (Swearware) -- C:\Documents and Settings\Administrador\Desktop\ComboFix.exe
[2012/08/24 20:28:01 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/08/24 12:06:02 | 000,000,871 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Diablo III.lnk
[2012/08/16 11:35:22 | 000,297,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/15 13:24:25 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Administrador\Desktop\dds.scr
[2012/08/13 21:03:38 | 000,547,860 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat
[2012/08/13 21:03:38 | 000,511,880 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/08/13 21:03:38 | 000,103,406 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat
[2012/08/13 21:03:38 | 000,091,494 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/08/13 12:48:33 | 000,000,840 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/12 20:39:15 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\StarCraft II.lnk
[2012/08/03 14:31:23 | 000,010,536 | ---- | M] () -- C:\WINDOWS\System32\drivers\hmonitor45.sys
[2012/08/02 17:24:54 | 000,000,908 | ---- | M] () -- C:\Documents and Settings\Administrador\Desktop\CrossFire.lnk
[2012/08/01 21:58:45 | 000,008,848 | ---- | M] () -- C:\WINDOWS\System32\DirectIP.ini
[2012/08/01 21:58:45 | 000,004,840 | ---- | M] () -- C:\WINDOWS\System32\DirectIPOff.ini
[2012/07/31 22:41:24 | 000,001,731 | ---- | M] () -- C:\Documents and Settings\Administrador\Desktop\GamezAion.lnk
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/28 20:59:04 | 000,255,742 | ---- | C] () -- C:\Documents and Settings\Administrador\Desktop\Exercicios_Vetores.pdf
[2012/08/27 12:20:28 | 001,629,052 | ---- | C] () -- C:\Documents and Settings\Administrador\Desktop\gotes.jpg
[2012/08/26 15:22:07 | 000,000,862 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2012/08/26 14:05:57 | 000,000,150 | ---- | C] () -- C:\WINDOWS\MetroTimer.ini
[2012/08/24 12:05:26 | 000,000,871 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Diablo III.lnk
[2012/08/22 21:07:04 | 000,000,726 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\focus booster.lnk
[2012/08/15 19:16:02 | 2146,619,392 | -HS- | C] () -- C:\hiberfil.sys
[2012/08/12 19:47:07 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\StarCraft II.lnk
[2012/08/03 16:52:59 | 000,000,908 | ---- | C] () -- C:\Documents and Settings\Administrador\Desktop\CrossFire.lnk
[2012/08/02 02:09:47 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\PUTTY.RND
[2012/08/01 21:58:45 | 000,008,848 | ---- | C] () -- C:\WINDOWS\System32\DirectIP.ini
[2012/08/01 21:58:45 | 000,004,840 | ---- | C] () -- C:\WINDOWS\System32\DirectIPOff.ini
[2012/07/16 04:58:04 | 000,010,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\hmonitor45.sys
[2012/05/29 13:47:28 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2012/05/27 17:00:23 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\PnkBstrK.sys
[2012/05/27 16:59:59 | 003,130,440 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_blr.exe
[2012/03/23 23:33:36 | 000,000,020 | ---- | C] () -- C:\WINDOWS\wp.ini
[2012/03/23 23:33:35 | 000,002,992 | ---- | C] () -- C:\WINDOWS\wp2.ini
[2012/02/15 08:25:03 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/09 13:55:03 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/02/09 13:55:03 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/02/09 13:55:03 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/02/09 13:55:03 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/02/09 13:55:03 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/12/26 22:45:51 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2011/12/24 14:49:08 | 000,058,208 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/11/23 18:55:12 | 000,000,232 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\~vZD90hcsTotaqcr
[2011/11/23 18:55:11 | 000,000,312 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\~vZD90hcsTotaqc
[2011/11/23 18:42:24 | 000,000,440 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\vZD90hcsTotaqc
[2011/10/05 19:19:56 | 000,482,152 | ---- | C] () -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\WPFFontCache_v0400-S-1-5-21-448539723-1757981266-1801674531-500-0.dat
[2011/10/05 19:19:56 | 000,288,342 | ---- | C] () -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\WPFFontCache_v0400-System.dat
[2011/09/12 18:43:43 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/09/12 18:43:43 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/09/12 18:43:43 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/09/12 18:43:19 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2010/11/22 10:56:43 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll
[2010/10/11 08:56:02 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/10/11 08:56:02 | 000,000,038 | -H-- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/10/11 08:56:01 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/10/11 08:56:01 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/10/11 08:56:01 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/09/09 14:46:37 | 000,209,920 | ---- | C] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/04/13 16:20:08 | 000,002,048 | -HS- | C] () -- C:\WINDOWS\Installer\{b7bbff73-7622-f626-eef3-33ca3306213e}\@
[2008/04/13 16:20:08 | 000,002,048 | -HS- | C] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\{b7bbff73-7622-f626-eef3-33ca3306213e}\@

========== LOP Check ==========

[2010/03/31 19:26:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\AnvSoft
[2012/04/03 16:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Auslogics
[2012/06/28 21:22:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\BitTorrent
[2012/08/12 02:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Call Graph
[2010/03/31 14:51:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\CocoonSoftware
[2011/12/24 14:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/08/22 21:07:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\com.focusboosterapp.focusbooster.8E5F79C899747AD22E21DB62AA496926DA6BBC64.1
[2012/08/24 00:38:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\com.rpgonline.rpg2ic
[2010/01/21 23:40:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\DAEMON Tools Lite
[2012/06/28 21:22:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Dev-Cpp
[2012/01/03 22:52:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\DriverCure
[2012/05/01 15:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\driveridentifier
[2011/12/14 17:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Dropbox
[2010/01/19 15:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\EssentialPIM
[2012/03/02 14:18:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Foxit Software
[2012/02/11 13:15:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\GetRightToGo
[2010/12/31 09:04:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\HEM Data
[2009/09/09 14:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\id Software
[2011/11/25 05:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mekek
[2009/12/13 11:15:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\NetMedia Providers
[2010/03/07 10:10:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Notepad++
[2011/12/29 09:19:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Oracle
[2012/01/03 22:52:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\ParetoLogic
[2009/12/13 11:15:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Publish Providers
[2011/07/04 12:48:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\runic games
[2009/11/05 21:16:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Screaming Bee
[2011/07/12 22:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Sony
[2009/11/05 20:46:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Steinberg
[2009/09/09 15:34:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Styler
[2012/04/04 21:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\SumatraPDF
[2012/01/03 21:30:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Thinstall
[2012/07/03 00:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\TS3Client
[2012/05/01 14:00:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\TuneUp Software
[2012/06/26 15:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Unity
[2012/08/29 14:51:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\uTorrent
[2012/07/31 21:26:51 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\wyUpdate AU
[2012/05/20 01:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Battle.net
[2012/05/01 13:55:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Common Files
[2009/12/05 14:35:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\DAEMON Tools Lite
[2011/07/14 22:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\EA Core
[2011/11/26 09:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Electronic Arts
[2012/05/10 21:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\F4D55F3B212C27CD6A43996DD151FC4E
[2009/09/09 14:39:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\id Software
[2010/03/29 22:45:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IM
[2010/03/29 22:44:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IncrediMail
[2012/07/14 03:30:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IObit
[2010/07/19 21:30:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus!
[2012/01/03 23:15:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\ParetoLogic
[2012/07/30 21:05:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PMB Files
[2009/11/05 21:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Screaming Bee
[2009/12/13 11:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Sony
[2009/11/05 20:46:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Syncrosoft
[2012/05/01 13:56:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\TuneUp Software
[2012/05/01 13:55:52 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2010/01/11 21:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2012/06/16 16:03:30 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\classCron.job
[2012/08/30 06:05:37 | 000,000,310 | ---- | M] () -- C:\WINDOWS\Tasks\Game_Booster_AutoUpdate.job
[2012/08/30 06:05:29 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2012/06/15 18:39:01 | 000,000,308 | ---- | M] () -- C:\WINDOWS\Tasks\WavePadReminder.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 522 bytes -> C:\WINDOWS\System32\drivers\teugbsnr.sys:changelist
@Alternate Data Stream - 48 bytes -> C:\Documents and Settings\All Users\DRM:احتضان

< End of report >
  • 0



#2
Gammo

Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2851643
    IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...box_im2_test_v2
    FF - prefs.js..network.proxy.autoconfig_url: "http://www.mobseguroatualiza.com/kbr1308201202.win"
    FF - prefs.js..network.proxy.socks_port: 80
    FF - prefs.js..network.proxy.type: 2
    FF - user.js..network.proxy.autoconfig_url: "http://www.mobseguroatualiza.com/kbr1308201202.win"
    FF - user.js..network.proxy.socks_port: 80
    FF - user.js..network.proxy.type: 2
    [2012/02/11 13:16:04 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\ahfb6ogq.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
    [2012/02/11 13:32:06 | 000,000,000 | ---D | M] (DealPly) -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\ahfb6ogq.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
    [2012/08/12 11:40:17 | 000,001,920 | ---- | M] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\ahfb6ogq.default\searchplugins\interfilmes.xml
    [2010/03/29 22:41:45 | 000,002,149 | ---- | M] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\ahfb6ogq.default\searchplugins\MyStart Search.xml
    [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [2011/11/23 18:55:12 | 000,000,232 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\~vZD90hcsTotaqcr
    [2011/11/23 18:55:11 | 000,000,312 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\~vZD90hcsTotaqc
    [2011/11/23 18:42:24 | 000,000,440 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\vZD90hcsTotaqc
    [2012/05/10 21:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\F4D55F3B212C27CD6A43996DD151FC4E
    
    :Services
    
    :Reg
    
    :Files
    ipconfig /flushdns /c
    C:\WINDOWS\Installer\{b7bbff73-7622-f626-eef3-33ca3306213e}\
    C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\{b7bbff73-7622-f626-eef3-33ca3306213e}\
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done



Download and Install ComboFix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
2. Do not "re-run" ComboFix. If you have a problem, reply back for further instructions.
3. If, after the reboot, you get errors about programmes being marked for deletion, then reboot; that will cure it.



Please make sure you include the ComboFix log in your next reply, as well as a description of how your computer is running now.
  • 0
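The fix in the reply above targets `FF - prefs.js..` and `FF - user.js..` proxy entries. As an added example (not part of the original posts and not OTL's own code), this Python script parses log lines of that shape and flags a profile pointed at a proxy auto-config (PAC) URL, marking entries that come from `user.js`, which Firefox re-applies on every start. The sample log, the host name and the function names are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample in the "FF - <file>..<pref>: <value>" shape of the
# lines quoted in the fix. The host is a placeholder, not an indicator.
SAMPLE_LOG = """\
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..network.proxy.autoconfig_url: "http://pac.example.invalid/p.win"
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.type: 2
FF - user.js..network.proxy.autoconfig_url: "http://pac.example.invalid/p.win"
FF - user.js..network.proxy.type: 2
O32 - HKLM CDRom: AutoRun - 1
"""

FF_LINE = re.compile(
    r'^\s*FF - (?P<file>(?:prefs|user)\.js)\.\.(?P<pref>[\w.\-]+):\s*(?P<value>.*?)\s*$'
)

# Firefox network.proxy.type values.
PROXY_TYPES = {0: "direct", 1: "manual", 2: "PAC URL", 4: "auto-detect", 5: "system"}


def parse_ff_prefs(log_text):
    """Return {file: {pref: value}} for every FF prefs.js/user.js line."""
    prefs = defaultdict(dict)
    for line in log_text.splitlines():
        m = FF_LINE.match(line)
        if m:
            prefs[m["file"]][m["pref"]] = m["value"].strip('"')
    return dict(prefs)


def audit_proxy(prefs, allowed_pac_hosts=()):
    """Flag each file that sets proxy type 2 (PAC) with a non-allowlisted URL."""
    findings = []
    for fname, values in sorted(prefs.items()):
        try:
            ptype = int(values.get("network.proxy.type", ""))
        except ValueError:
            continue  # proxy type not set in this file
        pac = values.get("network.proxy.autoconfig_url", "")
        if PROXY_TYPES.get(ptype) != "PAC URL" or not pac:
            continue
        host = urlsplit(pac).hostname or ""
        if host in allowed_pac_hosts:
            continue
        findings.append({
            "file": fname,
            "pac_url": pac,
            "host": host,
            # user.js is read at every startup and overrides prefs.js, so a
            # value set there comes back after the user changes it in the UI.
            "reapplied_at_startup": fname == "user.js",
        })
    return findings


if __name__ == "__main__":
    for f in audit_proxy(parse_ff_prefs(SAMPLE_LOG)):
        note = " (re-applied at every start)" if f["reapplied_at_startup"] else ""
        print(f"{f['file']}: PAC proxy -> {f['host']}{note}")
```

A finding in `user.js` means cleaning `prefs.js` alone is not enough: both files have to be corrected, which is why the fix lists the same three preferences twice.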





