flpbig 0 Posted April 12, 2010
I've already tried Internet Explorer, Firefox and Opera, but none of them work. When a page does load it is very slow, but most of the time it doesn't load at all. Some of the sites: www.google.com.br, www.orkut.com.br, www.terra.com.br. I saw in another topic that they used ComboFix, but I decided not to use it because my case could be different. So does anyone know how to help me?
wings 22 Posted April 13, 2010
Good afternoon. Read rule 2 of the forum.
flpbig 0 Posted April 13, 2010
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:00:03, on 13/04/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\FixCamera.exe
C:\Windows\tsnp325.exe
C:\Windows\vsnp325.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\DAP\DAP.exe
C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Hijack\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe
O4 - HKLM\..\Run: [tsnp325] C:\Windows\tsnp325.exe
O4 - HKLM\..\Run: [snp325] C:\Windows\vsnp325.exe
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [speedBitVideoAccelerator] C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIÇO DE REDE')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{803B7A0B-90E7-4947-A53C-84CFA55BC6B4}: NameServer = 200.204.0.10 200.204.0.138
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe

--
End of file - 6676 bytes
wings 22 Posted April 14, 2010
* Download MalwareBytes Anti-malware and save it to the desktop
* Install the program
* If an update is available, it will be downloaded automatically. Wait...
* The program will open automatically.
* On the [Scan] tab, select the [Full scan] option
* Click [Scan] and select the drives to be examined
* When the scan finishes, you may be asked whether you want to remove objects from memory. Click [Yes] > [OK] > [Show Results]
* Click [Remove Selected]
* A report (mbam-log-year-month-day.txt) will be displayed.
* Paste it in your next reply
flpbig 0 Posted April 14, 2010
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Versão da Base de Dados: 3986

Windows 6.0.6000
Internet Explorer 8.0.6001.18904

14/04/2010 10:14:23
mbam-log-2010-04-14 (10-14-23).txt

Tipo de Verificação: Verificação Completa (C:\|)
Objetos escaneados: 196291
Tempo decorrido: 43 minuto(s), 40 segundo(s)

Processos de Memória Infectados: 0
Módulos de Memória Infectados: 0
Chaves de Registro Infectadas: 0
Valores de Registro Infectados: 0
Itens de Dados no Registro Infectados: 0
Pastas Infectadas: 0
Arquivos Infectados: 1

Processos de Memória Infectados:
(Não foram detectados ítens maliciosos)

Módulos de Memória Infectados:
(Não foram detectados ítens maliciosos)

Chaves de Registro Infectadas:
(Não foram detectados ítens maliciosos)

Valores de Registro Infectados:
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Infectados:
(Não foram detectados ítens maliciosos)

Pastas Infectadas:
(Não foram detectados ítens maliciosos)

Arquivos Infectados:
C:\Users\Lukas\Pictures\AVICodecPackLite3.exe (Adware.Webdir) -> Quarantined and deleted successfully.
wings 22 Posted April 14, 2010
* Download the Kaspersky Virus Removal Tool and save it to the desktop
* Follow this tutorial and paste the report
flpbig 0 Posted April 15, 2010
It didn't find anything...
Autoscan: completed <1 minute ago (events: 2, objects: 447920, time: 01:56:56)
14/04/2010 19:12:06 Task started
14/04/2010 21:09:02 Task completed
wings 22 Posted April 15, 2010
* Download HostsXpert and save it to the desktop
* Extract it to the desktop and run it.
* Click [Editing] > [Copy to Clipboard] > [Copy Host File]
* Open Notepad and paste (Ctrl+V)
* Copy and paste the report here in the forum
flpbig 0 Posted April 15, 2010
# Copyright © 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
wings 22 Posted April 15, 2010
So far, there is no sign of malware. Is this PC yours or does it belong to a company?
1.
* Delete HostsXpert
2.
* Download RSIT and save it to the desktop
* Double-click RSIT
* Click [Continue]
* When the process finishes, paste the report created at C:\rsit\log.txt
flpbig 0 Posted April 15, 2010
It's mine... and the download isn't working.. it doesn't exist
wings 22 Posted April 15, 2010
* Download OTL and save it to the desktop
* Double-click OTL.exe
* Select the options below:
[x] Scan All Users
[x] Minimal Output
[x] Use Company Name WhiteList
[x] Skip Microsoft Files
[x] LOP Check
[x] Purity Check
* Under Custom Scans/Fixes paste the code below:
safebootminimal
safebootnetwork
drivers32
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
/md5stop
%systemroot%\*. /mp /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
netsvcs
* Click [Run Scan] and wait for the process to finish
* Two reports will be created on the desktop, named OTL.txt and Extras.txt
* Paste the OTL.txt report
flpbig 0 Posted April 15, 2010
This version had none of those options... it was in Portuguese and I couldn't find the "Minimal Output" option; I set the rest.. the report:
OTL logfile created on: 15/04/2010 18:33:04 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\Lukas\Desktop
Windows Vista Ultimate Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

1.015,00 Mb Total Physical Memory | 418,00 Mb Available Physical Memory | 41,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 64,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 94,79 Gb Free Space | 63,60% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LUKAS-PC
Current User Name: Lukas
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/04/15 17:54:32 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Lukas\Desktop\OTL.exe
PRC - [2010/04/10 23:39:14 | 001,607,272 | ---- | M] (Speedbit Ltd.) -- C:\Arquivos de programas\SpeedBit Video Accelerator\VideoAccelerator.exe
PRC - [2010/04/10 23:39:14 | 000,300,656 | ---- | M] (Speedbit Ltd.) -- C:\Arquivos de programas\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2010/04/10 23:39:14 | 000,140,920 | ---- | M] (Speedbit Ltd.) -- C:\Arquivos de programas\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe
PRC - [2010/04/10 22:45:48 | 002,815,488 | ---- | M] (SpeedBit Ltd.) -- C:\Arquivos de programas\DAP\DAP.exe
PRC - [2010/04/05 19:25:44 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/03/26 18:02:56 | 008,546,848 | ---- | M] (Realtek Semiconductor) -- C:\Arquivos de programas\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2010/03/09 08:24:10 | 002,769,336 | ---- | M] (ALWIL Software) -- C:\Arquivos de programas\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/03/09 08:24:08 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009/11/04 22:01:18 | 000,682,496 | ---- | M] (Matt Holwood) -- C:\Arquivos de programas\MessengerDiscovery 2\MessengerDiscovery 2.exe
PRC - [2009/07/26 16:44:26 | 003,883,840 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
PRC - [2007/07/11 16:09:48 | 000,020,480 | ---- | M] () -- C:\Windows\FixCamera.exe
PRC - [2007/05/10 13:18:10 | 000,835,584 | ---- | M] () -- C:\Windows\vsnp325.exe
PRC - [2007/04/21 09:36:50 | 000,270,336 | ---- | M] () -- C:\Windows\tsnp325.exe
PRC - [2006/11/02 09:32:25 | 001,004,136 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Defender\MSASCui.exe
PRC - [2006/11/02 06:45:59 | 000,116,736 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE

========== Modules (SafeList) ==========

MOD - [2010/04/15 17:54:32 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Lukas\Desktop\OTL.exe
MOD - [2006/11/02 06:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2010/04/10 23:39:14 | 000,300,656 | ---- | M] (Speedbit Ltd.) [Auto | Running] -- C:\Arquivos de Programas\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2010/03/09 08:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/03/09 08:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/03/09 08:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/02/25 12:47:00 | 003,489,788 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2006/11/02 09:32:25 | 000,263,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de programas\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - [2010/03/26 18:24:58 | 003,048,096 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010/03/09 08:12:54 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/03/09 08:12:33 | 000,162,640 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/03/09 08:09:08 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/03/09 08:08:52 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/03/09 08:08:30 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008/01/02 16:48:28 | 002,016,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/01/02 16:48:28 | 002,016,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2007/11/22 14:47:56 | 010,406,016 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp325.sys -- (SNP325) USB PC Camera (SNPSTD325)
DRV - [2007/06/12 13:43:14 | 000,027,648 | ---- | M] (Atheros Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\l260x86.sys -- (Atc002)
DRV - [2006/11/02 06:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 06:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 06:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 06:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 06:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 06:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 06:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 06:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 06:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 06:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 06:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 06:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 06:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 06:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 06:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 06:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 06:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 06:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 06:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 06:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 06:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 06:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 06:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 06:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 06:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 06:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 06:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 06:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 06:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 06:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 06:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 06:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 06:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 06:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 06:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 05:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 05:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 05:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 05:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 05:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 05:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 04:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/11/02 04:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 04:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2143093803-4128249935-2639853166-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2143093803-4128249935-2639853166-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://pt-BR.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pt-BR:official"
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.4.0.5
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/12 18:06:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/12 18:06:00 | 000,000,000 | ---D | M]
[2010/03/31 17:26:30 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\mozilla\Extensions
[2010/04/14 18:09:34 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\mozilla\Firefox\Profiles\gid9f3ti.default\extensions
[2010/04/12 18:17:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Lukas\AppData\Roaming\mozilla\Firefox\Profiles\gid9f3ti.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/02 21:35:21 | 000,002,251 | ---- | M] () -- C:\Users\Lukas\AppData\Roaming\Mozilla\FireFox\Profiles\gid9f3ti.default\searchplugins\askcom.xml
[2010/03/31 17:24:25 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Mozilla Firefox\extensions
[2010/03/16 16:50:41 | 000,001,027 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\buscape.xml
[2010/03/16 16:50:41 | 000,001,212 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\mercadolivre.xml
[2010/03/16 16:50:41 | 000,001,168 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\wikipedia-br.xml
[2010/03/16 16:50:41 | 000,000,952 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\yahoo-br.xml

O1 HOSTS File: ([2010/04/13 22:38:59 | 000,000,734 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de Programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de Programas\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Arquivos de Programas\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de Programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-2143093803-4128249935-2639853166-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Arquivos de Programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [avast5] C:\Arquivos de Programas\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [FixCamera] C:\Windows\FixCamera.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [snp325] C:\Windows\vsnp325.exe ()
O4 - HKLM..\Run: [tsnp325] C:\Windows\tsnp325.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2143093803-4128249935-2639853166-1000..\Run: [DownloadAccelerator] C:\Program Files\DAP\DAP.EXE (SpeedBit Ltd.)
O4 - HKU\S-1-5-21-2143093803-4128249935-2639853166-1000..\Run: [speedBitVideoAccelerator] C:\Arquivos de Programas\SpeedBit Video Accelerator\VideoAccelerator.exe (Speedbit Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: &Clean Traces - C:\Arquivos de Programas\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Arquivos de Programas\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Arquivos de Programas\DAP\dapextie2.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Arquivos de Programas\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Arquivos de Programas\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Arquivos de Programas\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Arquivos de Programas\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Arquivos de Programas\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Arquivos de Programas\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Arquivos de Programas\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Arquivos de Programas\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Arquivos de Programas\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Arquivos de Programas\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Arquivos de Programas\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Arquivos de Programas\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Arquivos de Programas\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Arquivos de Programas\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Arquivos de Programas\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 200.204.0.10 200.204.0.138
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 18:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7ff960d2-4757-11df-be73-001a92ef14fc}\Shell\AutoRun\command - "" = texar/texar32.exe
O33 - MountPoints2\{7ff960d2-4757-11df-be73-001a92ef14fc}\Shell\explore\command - "" = texar/texar32.exe
O33 - MountPoints2\{7ff960d2-4757-11df-be73-001a92ef14fc}\Shell\open\command - "" = .\texar/texar32.exe
O33 - MountPoints2\{c44635fa-3cca-11df-9001-83508b3af14c}\Shell\AutoRun\command - "" = F:\se11.cmd -- File not found
O33 - MountPoints2\{c44635fa-3cca-11df-9001-83508b3af14c}\Shell\open\Command - "" = F:\se11.cmd -- File not found
O33 - MountPoints2\{c823fe4b-489b-11df-9dee-001a92ef14fc}\Shell\AutoRun\command - "" = texar/texar32.exe
O33 - MountPoints2\{c823fe4b-489b-11df-9dee-001a92ef14fc}\Shell\explore\command - "" = texar/texar32.exe
O33 - MountPoints2\{c823fe4b-489b-11df-9dee-001a92ef14fc}\Shell\open\command - "" = .\texar/texar32.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Arquivos de programas\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy
disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PEVSystemStart - Service SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: procexp90.Sys - Driver SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Arquivos de programas\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - 
Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler) Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/) Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.) 
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll () Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll () Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias [2006/11/02 08:18:47 | 000,000,000 | ---D | M] NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found ========== Files/Folders - Created Within 30 Days ========== [2010/04/15 18:18:05 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Users\Lukas\Desktop\OTL.exe [2010/04/14 18:48:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2010/04/14 09:22:32 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\Malwarebytes [2010/04/14 09:22:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010/04/13 21:01:00 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Editeur Handling GTA-SA [2010/04/13 17:49:40 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Rockstar Games [2010/04/13 17:48:38 | 000,000,000 | ---D | C] -- C:\Hijack [2010/04/12 22:09:42 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\CCleaner [2010/04/12 19:51:06 | 000,000,000 | ---D | C] -- C:\Qoobox [2010/04/11 22:41:13 | 000,000,000 | -HSD | C] -- C:\Users\Lukas\AppData\Local\.# [2010/04/11 21:22:56 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Jogando.net [2010/04/11 19:04:04 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Documents\GTA San Andreas User Files [2010/04/10 23:39:17 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Speedbit [2010/04/10 23:39:11 | 000,000,000 | ---D | C] -- C:\Arquivos de 
Programas\SpeedBit Video Accelerator [2010/04/10 22:46:01 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2010/04/10 22:45:56 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Documents\My DAP Downloads [2010/04/10 22:45:54 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedBit [2010/04/10 22:45:49 | 000,172,032 | ---- | C] (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) -- C:\Windows\System32\AniGIF.ocx [2010/04/10 22:45:45 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\DAP [2010/04/09 21:59:10 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Project64 1.6 [2010/04/07 19:24:50 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Documents\3d [2010/04/07 19:01:49 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\KONAMI [2010/04/06 18:31:26 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\PesLauncher [2010/04/06 14:09:24 | 003,489,788 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des [2010/04/06 14:08:46 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys [2010/04/06 14:06:28 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\INCA Shared [2010/04/06 13:51:43 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\OnGame [2010/04/06 08:44:22 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Documents\Minhas gravacões de webcam [2010/04/05 19:45:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64 [2010/04/04 18:50:12 | 010,406,016 | ---- | C] (Sonix Co. Ltd.) 
-- C:\Windows\System32\drivers\snp325.sys [2010/04/04 18:50:11 | 000,147,456 | ---- | C] ( ) -- C:\Windows\System32\rsnp325.dll [2010/04/04 18:50:11 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\vsnpx32.dll [2010/04/04 18:50:11 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\snp325 [2010/04/04 18:49:56 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\InstallShield [2010/04/04 17:01:41 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\Media Player Classic [2010/04/04 14:12:54 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\vsnp325.dll [2010/04/04 14:12:54 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp325.dll [2010/04/04 13:19:29 | 000,000,000 | ---D | C] -- C:\Windows\EffectResources [2010/04/04 13:19:28 | 000,102,400 | ---- | C] (www.zsmc.com.cn) -- C:\Windows\ZS211Cap.exe [2010/04/04 13:19:28 | 000,081,920 | ---- | C] (zsmc) -- C:\Windows\System32\ZS211sti.dll [2010/04/04 13:19:28 | 000,057,344 | ---- | C] (ZSMC) -- C:\Windows\Sti211.exe [2010/04/04 13:19:28 | 000,049,152 | ---- | C] (ZSMCSNAP) -- C:\Windows\ZSSnp211.exe [2010/04/04 13:19:27 | 000,391,836 | ---- | C] (ZSMC Corporation) -- C:\Windows\System32\drivers\ZS211.sys [2010/04/04 13:19:27 | 000,172,115 | ---- | C] (ZSMC) -- C:\Windows\System32\ZS211Prp.Ax [2010/04/04 13:19:27 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Vimicro [2010/04/04 13:19:27 | 000,000,000 | ---D | C] -- C:\Windows\CatRoot [2010/04/04 11:32:37 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Documents\NFS Carbon [2010/04/04 10:36:13 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\GameVicio [2010/04/04 10:14:31 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\NFSC [2010/04/03 18:46:50 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\Real [2010/04/03 18:26:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2010/04/03 18:25:46 | 001,783,056 | ---- | C] (Waves Audio Ltd.) 
-- C:\Windows\System32\WavesLib.dll [2010/04/03 18:25:45 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2010/04/03 18:25:45 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2010/04/03 18:25:45 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2010/04/03 18:25:45 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2010/04/03 18:25:38 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2010/04/03 18:25:38 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2010/04/03 18:25:38 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2010/04/03 18:25:38 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2010/04/03 18:25:38 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2010/04/03 18:25:38 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2010/04/03 18:25:38 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2010/04/03 18:25:37 | 000,311,568 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2010/04/03 18:25:37 | 000,132,368 | ---- | C] (Waves Audio Ltd.) 
-- C:\Windows\System32\MaxxAudioAPO.dll [2010/04/03 18:25:35 | 001,131,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll [2010/04/03 18:25:35 | 000,961,296 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll [2010/04/03 18:25:35 | 000,427,792 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll [2010/04/03 18:25:35 | 000,405,776 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll [2010/04/03 18:25:35 | 000,307,616 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2010/04/03 18:25:34 | 000,900,368 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll [2010/04/03 18:25:34 | 000,448,272 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll [2010/04/03 18:25:34 | 000,290,064 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll [2010/04/03 18:25:34 | 000,235,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll [2010/04/03 18:25:34 | 000,223,504 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll [2010/04/03 18:25:34 | 000,103,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll [2010/04/03 18:25:34 | 000,103,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll [2010/04/03 18:25:34 | 000,102,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll [2010/04/03 18:25:34 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Realtek [2010/04/03 18:20:23 | 000,000,000 | -H-D | C] -- C:\Arquivos de Programas\Temp [2010/04/03 18:19:50 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\WinRAR [2010/04/03 16:44:54 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\WinRAR [2010/04/03 16:39:48 | 000,000,000 | ---D | C] -- C:\Nova Pasta [2010/04/03 16:32:46 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll [2010/04/03 16:32:40 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm [2010/04/03 16:32:40 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm [2010/04/03 
16:32:39 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll [2010/04/03 16:32:37 | 000,090,112 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\dpl100.dll [2010/04/03 16:32:36 | 000,685,056 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\divx.dll [2010/04/03 16:32:32 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\K-Lite Codec Pack [2010/04/03 15:36:19 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp [2010/04/03 15:36:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx [2010/04/03 15:29:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt [2010/04/03 14:03:05 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2010/04/03 14:03:04 | 000,162,640 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys [2010/04/03 14:03:03 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys [2010/04/03 14:03:02 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys [2010/04/03 14:02:58 | 000,051,792 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2010/04/03 14:01:04 | 000,153,184 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe [2010/04/03 14:01:04 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\System32\avastSS.scr [2010/04/03 14:00:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software [2010/04/03 14:00:41 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Alwil Software [2010/04/03 12:51:18 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2010/04/02 19:58:48 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\FDRLab [2010/04/02 19:49:39 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\VDownloader [2010/04/02 19:47:56 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Total Video Converter [2010/04/02 19:35:06 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Documents\youtubegrabberv41 [2010/04/02 18:30:16 | 000,000,000 | ---D | C] -- 
C:\Users\Lukas\Documents\Recordpad [2010/04/02 18:30:16 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\Recordpad [2010/04/02 18:28:42 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\NCH Software [2010/04/02 18:28:01 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Swift Sound [2010/04/02 18:27:48 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\NCH Swift Sound [2010/04/02 18:27:46 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\NCH Swift Sound [2010/04/02 18:23:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Pianosoft [2010/04/02 18:20:30 | 000,040,960 | ---- | C] (DGP) -- C:\Windows\System32\DGPNorm.ocx [2010/04/02 14:05:39 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\7-Zip [2010/03/31 17:26:17 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\Mozilla [2010/03/31 17:26:17 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\Mozilla [2010/03/31 17:24:22 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Mozilla Firefox [2010/03/31 17:23:05 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Documents\My Webcam Recordings [2010/03/31 17:22:53 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\MessengerDiscovery 2 [2010/03/31 17:22:35 | 000,000,000 | ---D | C] -- C:\ProgramData\MessengerDiscovery 2 [2010/03/31 17:22:35 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\MessengerDiscovery 2 [2010/03/31 13:28:48 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\Macromedia [2010/03/31 13:28:43 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\Adobe [2010/03/31 13:28:41 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\Google [2010/03/31 13:28:41 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\Google [2010/03/31 13:28:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2010/03/31 13:28:18 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Google [2010/03/31 12:34:21 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Documents\Meus arquivos recebidos [2010/03/31 
11:57:09 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Documents\Os Meus Registos [2010/03/31 11:56:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Messenger Plus! [2010/03/31 11:55:56 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Messenger Plus! Live [2010/03/31 11:40:54 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Tracing [2010/03/31 11:34:05 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Microsoft [2010/03/31 11:33:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2010/03/31 11:33:49 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Windows Live SkyDrive [2010/03/31 11:33:33 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Windows Live [2010/03/31 11:33:15 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2010/03/31 11:33:13 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2010/03/31 11:19:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe [2010/03/31 11:04:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2010/03/31 11:04:02 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\Windows Live [2010/03/31 10:55:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang [2010/03/31 10:54:30 | 000,027,648 | ---- | C] (Atheros Communications) -- C:\Windows\System32\drivers\l260x86.sys [2010/03/31 10:54:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\Atheros_L2 [2010/03/31 10:54:23 | 000,000,000 | ---D | C] -- C:\Intel [2010/03/31 10:53:41 | 000,000,000 | -H-D | C] -- C:\Arquivos de Programas\InstallShield Installation Information [2010/03/31 10:53:13 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\InstallShield [2010/03/31 10:44:29 | 000,000,000 | R--D | C] -- C:\Users\Lukas\Searches [2010/03/31 10:44:21 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\Identities [2010/03/31 10:44:19 | 000,000,000 | R--D | C] -- C:\Users\Lukas\Contacts [2010/03/31 10:44:18 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\VirtualStore [2010/03/31 10:44:13 | 000,000,000 | 
-HSD | C] -- C:\Users\Lukas\AppData\Local\Temporary Internet Files [2010/03/31 10:44:13 | 000,000,000 | -HSD | C] -- C:\Users\Lukas\SendTo [2010/03/31 10:44:13 | 000,000,000 | -HSD | C] -- C:\Users\Lukas\Recent [2010/03/31 10:44:13 | 000,000,000 | -HSD | C] -- C:\Users\Lukas\Modelos [2010/03/31 10:44:13 | 000,000,000 | -HSD | C] -- C:\Users\Lukas\Documents\Minhas músicas [2010/03/31 10:44:13 | 000,000,000 | -HSD | C] -- C:\Users\Lukas\Documents\Minhas imagens [2010/03/31 10:44:13 | 000,000,000 | -HSD | C] -- C:\Users\Lukas\Documents\Meus vídeos [2010/03/31 10:44:13 | 000,000,000 | -HSD | C] -- C:\Users\Lukas\Meus documentos [2010/03/31 10:44:13 | 000,000,000 | -HSD | C] -- C:\Users\Lukas\Menu Iniciar [2010/03/31 10:44:13 | 000,000,000 | -HSD | C] -- C:\Users\Lukas\AppData\Local\Histórico [2010/03/31 10:44:13 | 000,000,000 | -HSD | C] -- C:\Users\Lukas\Dados de aplicativos [2010/03/31 10:44:13 | 000,000,000 | -HSD | C] -- C:\Users\Lukas\AppData\Local\Dados de aplicativos [2010/03/31 10:44:13 | 000,000,000 | -HSD | C] -- C:\Users\Lukas\Cookies [2010/03/31 10:44:13 | 000,000,000 | -HSD | C] -- C:\Users\Lukas\Configurações locais [2010/03/31 10:44:13 | 000,000,000 | -HSD | C] -- C:\Users\Lukas\Ambiente de rede [2010/03/31 10:44:13 | 000,000,000 | -HSD | C] -- C:\Users\Lukas\Ambiente de impressão [2010/03/31 10:44:11 | 000,000,000 | --SD | C] -- C:\Users\Lukas\AppData\Roaming\Microsoft [2010/03/31 10:44:11 | 000,000,000 | R--D | C] -- C:\Users\Lukas\Videos [2010/03/31 10:44:11 | 000,000,000 | R--D | C] -- C:\Users\Lukas\Saved Games [2010/03/31 10:44:11 | 000,000,000 | R--D | C] -- C:\Users\Lukas\Pictures [2010/03/31 10:44:11 | 000,000,000 | R--D | C] -- C:\Users\Lukas\Music [2010/03/31 10:44:11 | 000,000,000 | R--D | C] -- C:\Users\Lukas\Links [2010/03/31 10:44:11 | 000,000,000 | R--D | C] -- C:\Users\Lukas\Favorites [2010/03/31 10:44:11 | 000,000,000 | R--D | C] -- C:\Users\Lukas\Downloads [2010/03/31 10:44:11 | 000,000,000 | R--D | C] -- C:\Users\Lukas\Documents 
[2010/03/31 10:44:11 | 000,000,000 | R--D | C] -- C:\Users\Lukas\Desktop [2010/03/31 10:44:11 | 000,000,000 | -H-D | C] -- C:\Users\Lukas\AppData [2010/03/31 10:44:11 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\Temp [2010/03/31 10:44:11 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\Microsoft [2010/03/31 10:44:11 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\Media Center Programs [2010/03/31 10:40:27 | 000,000,000 | -HSD | C] -- C:\Arquivos de Programas\Common Files\Sistema [2010/03/31 10:40:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modelos [2010/03/31 10:40:27 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas músicas [2010/03/31 10:40:27 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas imagens [2010/03/31 10:40:27 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Meus vídeos [2010/03/31 10:40:27 | 000,000,000 | -HSD | C] -- C:\Arquivos de programas [2010/03/31 10:40:27 | 000,000,000 | -HSD | C] -- C:\Arquivos de Programas\Arquivos Comuns [2010/03/31 10:40:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Iniciar [2010/03/31 10:40:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoritos [2010/03/31 10:40:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documentos [2010/03/31 10:40:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dados de aplicativos [2010/03/31 10:37:36 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2010/03/31 10:35:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2 [2010/03/31 10:35:19 | 000,000,000 | ---D | C] -- C:\Windows\Debug [2010/03/31 10:35:18 | 000,000,000 | ---D | C] -- C:\Windows\CSC [2010/03/31 10:33:56 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2010/03/31 10:33:42 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2010/03/31 10:32:43 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2010/03/31 10:32:27 | 000,000,000 | -HSD | C] -- C:\Boot [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 
Days ========== [2010/04/15 18:35:28 | 000,609,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/04/15 18:35:28 | 000,505,400 | ---- | M] () -- C:\Windows\System32\prfh0416.dat [2010/04/15 18:35:28 | 000,103,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/04/15 18:35:28 | 000,082,780 | ---- | M] () -- C:\Windows\System32\prfc0416.dat [2010/04/15 18:35:27 | 001,301,472 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010/04/15 18:32:33 | 002,359,296 | -HS- | M] () -- C:\Users\Lukas\NTUSER.DAT [2010/04/15 17:56:16 | 000,004,672 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/04/15 17:56:16 | 000,004,672 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/04/15 17:56:16 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010/04/15 17:56:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/04/15 17:56:01 | 1064,558,592 | -HS- | M] () -- C:\hiberfil.sys [2010/04/15 17:54:32 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Lukas\Desktop\OTL.exe [2010/04/15 15:01:34 | 002,634,666 | -H-- | M] () -- C:\Users\Lukas\AppData\Local\IconCache.db [2010/04/13 22:38:59 | 000,000,734 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2010/04/13 17:49:39 | 000,001,691 | ---- | M] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk [2010/04/13 12:09:22 | 000,000,532 | ---- | M] () -- C:\Windows\win.ini [2010/04/12 22:09:43 | 000,001,670 | ---- | M] () -- C:\Users\Lukas\Desktop\CCleaner.lnk [2010/04/12 19:50:44 | 003,912,873 | ---- | M] () -- C:\Users\Lukas\Desktop\ComboFix.exe [2010/04/11 21:29:19 | 000,001,947 | ---- | M] () -- C:\Users\Lukas\Desktop\MU Jogando.NET.lnk [2010/04/10 22:45:49 | 000,172,032 | ---- | M] (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) -- C:\Windows\System32\AniGIF.ocx [2010/04/10 10:06:17 | 000,001,104 | ---- | M] () -- 
wings, posted April 16, 2010: I didn't find anything that would explain this problem of yours. There are registry entries left over from a USB-borne infection. Did this problem start after you installed some program? Do you recognize this file? C:\Users\Lukas\zWEB.bat
flpbig, posted April 16, 2010: Well, I formatted the PC and then I started installing some programs... and yes, I know it, it's from my Winning Eleven 8.
wings, posted April 18, 2010:
1. * Click Start > Control Panel > User Accounts > Turn User Accounts On or Off > Confirm > Continue > Uncheck "Use User Account Control (UAC) to help protect your computer" > OK > Confirm > Restart the PC
2. * Download USBFix and save it to the desktop
* Temporarily disable your antivirus
* Plug the flash drive into the PC
* Double-click UsbFix
* Press P > [ENTER]
* Press 1 > [ENTER] and wait for it to finish
* Remove the flash drive
* Paste the report created at C:\UsbFix.txt
Mário Monteiro, posted May 18, 2010: Topic Archived. Since the author has not replied for more than 30 days, the topic has been archived. If you are the author of the topic and want to reopen it, send a private message to a moderator of this section together with the link to this topic and explain the reason for reopening.