Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93105 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Computer "freezing"


  • This topic is locked This topic is locked
No replies to this topic

#1 billbrazil

billbrazil

    New Member

  • New Member
  • Pip
  • 1 posts

Posted 07 May 2007 - 07:57 PM

Within the past 2 days, occasional freezing occurs that requires reboot. Sure hope someone can find the pest.

My normal antivirus is Antivir

Spyware/malware protection: Zone Alarm Pro, Spyware Guard, Spyware Blaster.

Regularly use Ad-Aware and Spybot S&D

Have just run again, Ad-Aware full scan and Spybot, followed by AVG and ATF Cleaner

Spybot detected two items: Cookie "hitbox" and 3b Registry Repair.

Hitbox removed. 3B retained since I have been using this tool for more than 2 years without any evident problem. Never appeared before on Spybot.

Ad-Aware detected nothing. Log follows

Ad-Aware SE Build 1.06r1
Logfile Created on:segunda-feira, 7 de maio de 2007 17:50:24
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R168 30.04.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):27 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


7-5-2007 17:50:24 - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\Bill\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\frontpage\explorer\frontpage explorer\recent file list
Description : list of recently used files in microsoft frontpage


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\frontpage\explorer\frontpage explorer\recent page list
Description : list of recently used pages in microsoft frontpage


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\frontpage\explorer\frontpage explorer\recent web list
Description : list of recently used webs in microsoft frontpage


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\mediaplayer\preferences
Description : last cd record path used in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\office\11.0\powerpoint\recent typeface list
Description : list of recently used typefaces in microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\office\11.0\powerpoint\recentfolderlist
Description : list of recent folders used by microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-1645522239-842925246-1343024091-1004\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 576
ThreadCreationTime : 7-5-2007 19:19:59
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 644
ThreadCreationTime : 7-5-2007 19:20:01
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\System32\
ProcessID : 672
ThreadCreationTime : 7-5-2007 19:20:03
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 716
ThreadCreationTime : 7-5-2007 19:20:03
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Sistema operacional Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Aplicativo de serviços e controle
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Todos os direitos reservados.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 728
ThreadCreationTime : 7-5-2007 19:20:03
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 880
ThreadCreationTime : 7-5-2007 19:20:05
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 956
ThreadCreationTime : 7-5-2007 19:20:06
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1056
ThreadCreationTime : 7-5-2007 19:20:06
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1140
ThreadCreationTime : 7-5-2007 19:20:07
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1240
ThreadCreationTime : 7-5-2007 19:20:08
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [vsmon.exe]
FilePath : C:\WINDOWS\system32\ZoneLabs\
ProcessID : 1352
ThreadCreationTime : 7-5-2007 19:20:09
BasePriority : Normal
FileVersion : 7.0.337.000
ProductVersion : 7.0.337.000
ProductName : TrueVector Service
CompanyName : Zone Labs, LLC
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1998-2006, Zone Labs, LLC
OriginalFilename : vsmon.exe

#:12 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1424
ThreadCreationTime : 7-5-2007 19:20:09
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Sistema operacional Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Todos os direitos reservados.
OriginalFilename : EXPLORER.EXE

#:13 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1756
ThreadCreationTime : 7-5-2007 19:20:23
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:14 [sched.exe]
FilePath : C:\Arquivos de programas\AntiVir PersonalEdition Classic\
ProcessID : 548
ThreadCreationTime : 7-5-2007 19:21:16
BasePriority : Normal
FileVersion : 7.00.00.46
ProductVersion : 7.00.00.46
ProductName : Scheduler
CompanyName : Avira GmbH
FileDescription : Antivirus Scheduler
InternalName : avschd
LegalCopyright : Copyright © 2007 Avira GmbH. All rights reserved.
LegalTrademarks : AntiVir® is a registered trademark of Avira GmbH, Germany.
OriginalFilename : sched.exe

#:15 [avguard.exe]
FilePath : C:\Arquivos de programas\AntiVir PersonalEdition Classic\
ProcessID : 560
ThreadCreationTime : 7-5-2007 19:21:16
BasePriority : Normal
FileVersion : 7.00.00.52
ProductVersion : 7.00.00.00
ProductName : AntiVir Workstation
CompanyName : Avira GmbH
FileDescription : Antivirus On-Access Service
InternalName : AVGuard
LegalCopyright : Copyright © 2007 Avira GmbH. All rights reserved.
LegalTrademarks : AntiVir® is a registered trademark of Avira GmbH, Germany.
OriginalFilename : avguard.exe

#:16 [mdm.exe]
FilePath : C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\
ProcessID : 692
ThreadCreationTime : 7-5-2007 19:21:17
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:17 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1100
ThreadCreationTime : 7-5-2007 19:21:20
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:18 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 764
ThreadCreationTime : 7-5-2007 19:21:21
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:19 [wros.exe]
FilePath : C:\Arquivos de programas\Speedy\
ProcessID : 1208
ThreadCreationTime : 7-5-2007 19:21:22
BasePriority : Normal
FileVersion : 1, 1, 2, 0
ProductVersion : 1, 1, 2, 0
ProductName : WinRouter Operating System
CompanyName : iVasion, a Routerware Company
FileDescription : WrOS
InternalName : WrOS
LegalCopyright : Copyright © 1997-1999
LegalTrademarks : WinRouter
OriginalFilename : WrOS.exe

#:20 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1952
ThreadCreationTime : 7-5-2007 19:21:35
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:21 [s3tray2.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1264
ThreadCreationTime : 7-5-2007 19:21:46
BasePriority : Normal
FileVersion : 1.00.17-1217
ProductVersion : 1.00.17-1217
ProductName : S3 Graphics Utilities
CompanyName : S3 Graphics, Inc.
FileDescription : s3contrl
InternalName : s3contrl
LegalCopyright : Copyright © 2001 S3 Graphics, Inc.
LegalTrademarks : S3 is a registered trademark of S3 Incorporated
OriginalFilename : s3contrl.exe

#:22 [avgnt.exe]
FilePath : C:\Arquivos de programas\AntiVir PersonalEdition Classic\
ProcessID : 1180
ThreadCreationTime : 7-5-2007 19:22:26
BasePriority : Normal
FileVersion : 7.00.04.05
ProductVersion : 7.00.04.05
ProductName : AntiVir Workstation
CompanyName : Avira GmbH
FileDescription : Antivirus System Tray Tool
LegalCopyright : Copyright © 2007 Avira GmbH. All rights reserved.
LegalTrademarks : AntiVir® is a registered trademark of Avira GmbH, Germany.
OriginalFilename : avgnt.exe

#:23 [jusched.exe]
FilePath : C:\Arquivos de programas\Java\jre1.6.0_01\bin\
ProcessID : 1652
ThreadCreationTime : 7-5-2007 19:22:27
BasePriority : Normal


#:24 [zlclient.exe]
FilePath : C:\Arquivos de programas\Zone Labs\ZoneAlarm\
ProcessID : 1788
ThreadCreationTime : 7-5-2007 19:22:30
BasePriority : Normal
FileVersion : 7.0.337.000
ProductVersion : 7.0.337.000
ProductName : ZoneAlarm Client
CompanyName : Zone Labs, LLC
FileDescription : ZoneAlarm Client
InternalName : zlclient
LegalCopyright : Copyright © 1998-2006, Zone Labs, LLC
OriginalFilename : zlclient.exe

#:25 [dwintrsl.exe]
FilePath : C:\ARQUIV~1\MICROP~1\DELTAT~1.0\
ProcessID : 1412
ThreadCreationTime : 7-5-2007 19:22:32
BasePriority : Normal
FileVersion : 3.0.0.28
ProductVersion : 3.0
CompanyName : MicroPower Software
Comments : Criação e Desenvolvimento: Denis R. Costa

#:26 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1936
ThreadCreationTime : 7-5-2007 19:22:36
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:27 [skype.exe]
FilePath : C:\Arquivos de programas\Skype\Phone\
ProcessID : 2484
ThreadCreationTime : 7-5-2007 19:23:44
BasePriority : Normal


#:28 [ditto.exe]
FilePath : C:\Arquivos de programas\Ditto\
ProcessID : 2332
ThreadCreationTime : 7-5-2007 19:23:46
BasePriority : Normal
FileVersion : 3, 9, 0, 0
ProductVersion : 3, 9, 0, 0
ProductName : Ditto
FileDescription : Ditto
InternalName : CP_Main
LegalCopyright : Copyright © 2003
OriginalFilename : Ditto

#:29 [windates.exe]
FilePath : C:\Arquivos de programas\WinDates\
ProcessID : 2948
ThreadCreationTime : 7-5-2007 19:23:56
BasePriority : Normal
FileVersion : 5, 1, 0, 0
ProductVersion : 5, 1, 0, 0
ProductName : WinDates
CompanyName : Rockin' Software
FileDescription : WinDates
InternalName : WinDates
LegalCopyright : Copyright © 2004
OriginalFilename : WinDates.exe

#:30 [sgmain.exe]
FilePath : C:\Arquivos de programas\SpywareGuard\
ProcessID : 1024
ThreadCreationTime : 7-5-2007 19:23:58
BasePriority : Normal
FileVersion : 2.02.0001
ProductVersion : 2.02.0001
ProductName : SpywareGuard
FileDescription : SpywareGuard
InternalName : sgmain
LegalCopyright : Copyright © 2002-2003 Javacool Software LLC
OriginalFilename : sgmain.exe
Comments : SpywareGuard

#:31 [sgbhp.exe]
FilePath : C:\Arquivos de programas\SpywareGuard\
ProcessID : 3560
ThreadCreationTime : 7-5-2007 19:24:08
BasePriority : Normal
FileVersion : 2.02.0001
ProductVersion : 2.02.0001
ProductName : SG Browser Hijacking Protection
FileDescription : SG Browser Hijacking Protection
InternalName : sgbhp
LegalCopyright : Copyright © 2002-2003 Javacool Software LLC.
OriginalFilename : sgbhp.exe
Comments : SG Browser Hijacking Protection

#:32 [spybotsd.exe]
FilePath : C:\Arquivos de programas\Spybot - Search & Destroy\
ProcessID : 2924
ThreadCreationTime : 7-5-2007 20:13:08
BasePriority : Normal
FileVersion : 1.4.0.3
ProductVersion : 1, 4, 0, 3
ProductName : SpyBot-S&D
CompanyName : Safer Networking Limited
FileDescription : Spybot - Search & Destroy
InternalName : SpybotSD
LegalCopyright : © 2000-2005 Patrick M. Kolla / Safer Networking Limited. Alle Rechte vorbehalten.
LegalTrademarks : "Spybot" und "Spybot - Search & Destroy" sind registrierte Warenzeichen.
OriginalFilename : SpyBotSD.exe
Comments : Software zum Entfernen von Spyware und ähnlichen Bedrohungen.

#:33 [opera.exe]
FilePath : C:\Arquivos de programas\Opera\
ProcessID : 3880
ThreadCreationTime : 7-5-2007 20:37:33
BasePriority : Normal
FileVersion : 8771
ProductVersion : 9.20
ProductName : Opera Internet Browser
CompanyName : Opera Software
FileDescription : Opera Internet Browser
InternalName : Opera
LegalCopyright : Copyright © Opera Software 1995-2007
OriginalFilename : Opera.exe

#:34 [ad-aware.exe]
FilePath : C:\Arquivos de programas\Lavasoft\Ad-Aware SE Personal\
ProcessID : 400
ThreadCreationTime : 7-5-2007 20:49:43
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 27




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27

18:27:40 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:37:15.544
Objects scanned:184103
Objects identified:0
Objects ignored:0
New critical objects:0



HiJackThis Log:

Logfile of HijackThis v1.99.1
Scan saved at 22:25:43, on 7/5/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\AntiVir PersonalEdition Classic\sched.exe
C:\Arquivos de programas\AntiVir PersonalEdition Classic\avguard.exe
C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Speedy\WrOS.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\S3tray2.exe
C:\Arquivos de programas\Java\jre1.6.0_01\bin\jusched.exe
C:\Arquivos de programas\Zone Labs\ZoneAlarm\zlclient.exe
C:\ARQUIV~1\MICROP~1\DELTAT~1.0\DWinTrsl.exe
C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Skype\Phone\Skype.exe
C:\Arquivos de programas\Ditto\Ditto.exe
C:\Arquivos de programas\WinDates\WinDates.exe
C:\Arquivos de programas\SpywareGuard\sgmain.exe
C:\Arquivos de programas\SpywareGuard\sgbhp.exe
C:\Arquivos de programas\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsof...ss/allinone.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll
O2 - BHO: (no name) - {4A241D35-F7EB-401b-8C5B-A904A50F280E} - (no file)
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Arquivos de programas\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: del.icio.us Toolbar Helper - {7AA07AE6-01EF-44EC-93CA-9D7CD41CCDB6} - C:\Arquivos de programas\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: del.icio.us - {981FE6A8-260C-4930-960F-C3BC82746CB0} - C:\Arquivos de programas\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 - HKLM\..\Run: [z-WrDialer] C:\Arquivos de programas\Speedy\WrDialer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Arquivos de programas\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WindowsTranslator] C:\ARQUIV~1\MICROP~1\DELTAT~1.0\DWinTrsl.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Ditto] C:\Arquivos de programas\Ditto\Ditto.exe
O4 - Startup: SpywareGuard.lnk = C:\Arquivos de programas\SpywareGuard\sgmain.exe
O4 - Global Startup: WinDates.lnk = C:\Arquivos de programas\WinDates\WinDates.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsof...ss/allinone.asp
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akama...ex/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1164013927883
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A140CD3-FE56-4FFD-834E-18842971D66B}: NameServer = 200.204.0.10 200.204.0.138
O20 - AppInit_DLLs: acaptuser32.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WinPPPoverEthernet - iVasion, a Routerware Company - C:\Arquivos de programas\Speedy\WrOS.EXE

    Advertisements

Register to Remove

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users