Archived

This topic has been archived and is closed to new replies.

vasp

[Solved!] Log analysis


I can't install any .exe; Avira keeps flagging a virus in any program, at random...

Below is the HijackThis 2.0.4 log

 

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:39:15, on 1/9/2010

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Unable to get Internet Explorer version!

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\AppServ\Apache2.2\bin\httpd.exe

C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\AppServ\Apache2.2\bin\httpd.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\TortoiseSVN\bin\TSVNCache.exe

C:\Arquivos de programas\Skype\Phone\Skype.exe

C:\Arquivos de programas\Skype\Plugin Manager\skypePM.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

C:\FirefoxPortable\FirefoxPortable.exe

C:\FirefoxPortable\App\firefox\firefox.exe

C:\FirefoxPortable\App\firefox\plugin-container.exe

C:\Documents and Settings\XP\Desktop\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.com.ar/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.com.ar/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.com.ar/

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://free.avg.com/br-pt.virbase-appf9?IDN=MGJmNjcyN2JlNjY1YzAwMA

O1 - Hosts: 70.38.12.152 L2authd.lineage2.com

O1 - Hosts: 66.240.255.107 nprotect.lineage2.com

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG9\avgssie.dll (file missing)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\system32\msconfig.exe /auto

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\RunServices: [csrcs] C:\WINDOWS\system32\csrcs.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')

O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Baixar com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm

O8 - Extra context menu item: Baixar tudo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm

O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlfvideo.htm

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O8 - Extra context menu item: Download selecionado pelo Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{67E1F43E-C21B-442E-818F-BF9CE65083BC}: NameServer = 8.8.8.8,8.8.4.4

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Avira AntiVir Programador (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apache2.2 - Apache Software Foundation - C:\AppServ\Apache2.2\bin\httpd.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

 

--

End of file - 9393 bytes


############################## | FindyKill V5.048 |

 

# User : XP (Usuários) # XP-MICR789

# Update on 28/08/2010 by El Desaparecido

# Start at: 17:27:14 | 1/9/2010

# Website : http://pagesperso-orange.fr/NosTools/index.html

# Contact : FindyKill.Contact@gmail.com

 

# AMD Phenom 9650 Quad-Core Processor

# Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 2

# Internet Explorer 6.0.2900.2180

# Windows Firewall Status : Enabled

# AV : AntiVir Desktop 9.0.1.32 [ (!) Disabled | Updated ]

 

# C:\ # Disco fixo local # 292,97 Go (145,14 Go free) # NTFS

# D:\ # Disco CD-ROM

# E:\ # Disco fixo local # 172,78 Go (156,89 Go free) # NTFS

# F:\ # Disco CD-ROM

# G:\ # Disco removível # 3,73 Go (3,73 Go free) [KINGSTON] # FAT32

 

################## | Ficheiros infeciosos |

 

 

################## | Registro |

 

 

################## | Estado |

 

# Affichagem dos arquivos ocultos : OK

 

# Safe mode : OK

 

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )

# Ip6Fw -> Start = 3 ( Good = 2 | Bad = 4 )

# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )

# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )

# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

 

################## | ! Fim do relatório # FindyKill V5.048 ! |

 

FindyKill log


*Download OTL and save it to the desktop

*Run OTL and select the options below:

[X] Scan All Users

Extra Registry Scan: [X] None

[X] Skip Microsoft Files

[X] Use Company Name WhiteList

[X] LOP Check

[X] Purity Check

*Leave the remaining options as they are.

*Click in the box below "Custom Scans/Fixes" and paste the code:

%SystemRoot%\system32\drivers\*.*

%SystemRoot%\Prefetch\*.*

%SystemDrive%\documents and settings\All Users\Dados de aplicativos\*.*

%SystemDrive%\documents and settings\All Users\Dados de aplicativos\*

%SystemDrive%\documents and settings\All Users\Menu iniciar\Programas\Inicializar\*.*

%SystemDrive%\documents and settings\User\Configurações Locais\Temp\*.*

netsvcs

 

*Click [Scan]

*Paste the OTL.txt report that is displayed


OTL logfile created on: 1/9/2010 18:10:55 - Run 1

OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\XP\Desktop

Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 70,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 292,97 Gb Total Space | 145,16 Gb Free Space | 49,55% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

Drive E: | 172,78 Gb Total Space | 156,89 Gb Free Space | 90,80% Space Free | Partition Type: NTFS

F: Drive not present or media not loaded

Drive G: | 3,73 Gb Total Space | 3,73 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: XP-MICR789

Current User Name: XP

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 

========== Processes (SafeList) ==========

 

PRC - [2010/09/01 18:10:31 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\XP\Desktop\OTL.com

PRC - [2010/07/24 13:37:41 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\FirefoxPortable\App\Firefox\plugin-container.exe

PRC - [2010/07/24 13:37:40 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\FirefoxPortable\App\Firefox\firefox.exe

PRC - [2010/04/17 11:29:56 | 000,619,784 | ---- | M] (http://tortoisesvn.net) -- C:\Arquivos de programas\TortoiseSVN\bin\TSVNCache.exe

PRC - [2009/09/10 11:12:38 | 000,152,688 | ---- | M] (PortableApps.com) -- C:\FirefoxPortable\FirefoxPortable.exe

PRC - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

PRC - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

PRC - [2008/01/17 14:37:26 | 000,024,635 | ---- | M] (Apache Software Foundation) -- C:\AppServ\Apache2.2\bin\httpd.exe

PRC - [2004/08/03 23:45:34 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2004/08/03 23:45:32 | 000,400,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010/09/01 18:10:31 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\XP\Desktop\OTL.com

MOD - [2004/08/03 23:44:04 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

MOD - [2004/08/03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2010/08/20 22:46:35 | 002,854,488 | ---- | M] () [Auto | Running] -- c:\Arquivos de programas\Arquivos comuns\Akamai\rswin_3745.dll -- (Akamai)

SRV - [2010/03/30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Stopped] -- C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2009/12/06 16:49:00 | 003,386,992 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)

SRV - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2008/01/17 14:37:26 | 000,024,635 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\AppServ\Apache2.2\bin\httpd.exe -- (Apache2.2)

SRV - [2007/06/27 18:04:00 | 000,279,848 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)

SRV - [2003/07/28 19:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva327.sys -- (XDva327)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva315.sys -- (XDva315)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva297.sys -- (XDva297)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ManyCam.sys -- (ManyCam)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\XP\CONFIG~1\Temp\SPJ30.tmp -- (GarenaPEngine)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\XP\CONFIG~1\Temp\extrem.sys -- (extrem.sys)

DRV - [2010/05/28 03:04:51 | 000,091,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Arquivos de programas\sXe Injected\ddsxei.sys -- (ddsxeiservice)

DRV - [2010/02/03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)

DRV - [2009/12/01 11:40:00 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)

DRV - [2009/11/25 11:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2009/05/11 09:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2009/03/30 09:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)

DRV - [2009/02/13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2009/01/21 13:08:00 | 006,305,472 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)

DRV - [2008/11/25 05:37:50 | 004,952,576 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2008/08/18 07:54:24 | 000,145,952 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)

DRV - [2008/08/01 00:36:26 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)

DRV - [2008/08/01 00:36:20 | 000,054,784 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)

DRV - [2007/09/04 19:01:04 | 000,037,009 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Arquivos de programas\Gravity\Ragnarok Online\npkcusb.sys -- (npkcusb)

DRV - [2007/09/04 19:01:04 | 000,021,442 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Arquivos de programas\Gravity\Ragnarok Online\npkcrypt.sys -- (npkcrypt)

DRV - [2005/01/07 16:07:18 | 000,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)

DRV - [2004/08/14 15:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)

DRV - [2004/08/03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Driver de áudio USB (WDM)

DRV - [2003/09/25 17:00:00 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ov519vid.sys -- (ovt519)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.com.ar/

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.com.ar/

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.com.ar/

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

 

IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

 

IE - HKU\S-1-5-21-1547161642-651377827-725345543-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/

IE - HKU\S-1-5-21-1547161642-651377827-725345543-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-21-1547161642-651377827-725345543-1001\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKU\S-1-5-21-1547161642-651377827-725345543-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

[2010/09/01 16:53:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Extensions

[2010/08/30 13:04:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Extensions-BackupByFirefoxPortable

[2010/08/30 13:04:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Extensions-BackupByFirefoxPortable\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2009/10/04 20:48:30 | 000,023,158 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\localstrike.xml

 

O1 HOSTS File: ([2009/08/30 17:12:07 | 000,000,092 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 70.38.12.152 L2authd.lineage2.com

O1 - Hosts: 66.240.255.107 nprotect.lineage2.com

O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG9\avgssie.dll File not found

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll ()

O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll (Ask.com)

O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll (Ask.com)

O3 - HKU\S-1-5-21-1547161642-651377827-725345543-1001\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll (Ask.com)

O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\System32\msconfig.exe (Microsoft Corporation)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\RunServices: [csrcs] C:\WINDOWS\System32\csrcs.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1

O7 - HKU\S-1-5-21-1547161642-651377827-725345543-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O7 - HKU\S-1-5-21-1547161642-651377827-725345543-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1

O7 - HKU\S-1-5-21-1547161642-651377827-725345543-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O8 - Extra context menu item: &Download by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: &Grab video by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Baixar com o Free Download Manager - C:\Arquivos de programas\Free Download Manager\dllink.htm ()

O8 - Extra context menu item: Baixar tudo com o Free Download Manager - C:\Arquivos de programas\Free Download Manager\dlall.htm ()

O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - C:\Arquivos de programas\Free Download Manager\dlfvideo.htm ()

O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Down&load all by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Download selecionado pelo Free Download Manager - C:\Arquivos de programas\Free Download Manager\dlselected.htm ()

O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de programas\Arquivos comuns\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Minha página inicial atual) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2002/02/21 05:49:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2010/09/01 17:20:05 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2010/09/01 17:20:06 | 000,000,000 | RHSD | M] - E:\Autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2010/09/01 17:20:08 | 000,000,000 | RHSD | M] - G:\Autorun.inf -- [ FAT32 ]

O33 - MountPoints2\{69540456-ddb6-11de-97db-806d6172696f}\Shell - "" = AutoRun

O33 - MountPoints2\{69540456-ddb6-11de-97db-806d6172696f}\Shell\AutoRun\command - "" = D:\Bin\ASSETUP.exe -- File not found

O33 - MountPoints2\{dca6cb71-6fdb-11df-8cf8-002618ea9e39}\Shell\aUtoPlAy\coMmaNd - "" = G:\idlef.pif -- File not found

O33 - MountPoints2\{dca6cb71-6fdb-11df-8cf8-002618ea9e39}\Shell\AutoRun\command - "" = G:\idlef.pif -- File not found

O33 - MountPoints2\{dca6cb71-6fdb-11df-8cf8-002618ea9e39}\Shell\eXPLorE\COmMaNd - "" = G:\idlef.pif -- File not found

O33 - MountPoints2\{dca6cb71-6fdb-11df-8cf8-002618ea9e39}\Shell\oPen\commANd - "" = G:\idlef.pif -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/09/01 18:10:25 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\XP\Desktop\OTL.com

[2010/09/01 17:34:37 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\XP\Recent

[2010/09/01 17:26:43 | 000,000,000 | ---D | C] -- C:\FyK

[2010/09/01 17:26:43 | 000,000,000 | ---D | C] -- \FyK

[2010/09/01 17:20:05 | 000,000,000 | RHSD | C] -- C:\Autorun.inf

[2010/09/01 17:20:05 | 000,000,000 | RHSD | C] -- \Autorun.inf

[2010/09/01 16:38:35 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\XP\Desktop\HiJackThis.exe

[2010/09/01 16:28:22 | 001,214,584 | ---- | C] (C_XX & El Desaparecido) -- C:\Documents and Settings\XP\Desktop\UsbFix(3).exe

[2010/09/01 16:16:47 | 001,214,584 | ---- | C] (C_XX & El Desaparecido) -- C:\Documents and Settings\XP\Desktop\UsbFix(2).exe

[2010/09/01 16:08:42 | 000,000,000 | ---D | C] -- C:\UsbFix

[2010/09/01 16:08:42 | 000,000,000 | ---D | C] -- \UsbFix

[2010/09/01 16:08:30 | 001,208,952 | ---- | C] (C_XX & El Desaparecido) -- C:\Documents and Settings\XP\Desktop\UsbFix.exe

[2010/08/28 12:51:45 | 000,000,000 | ---D | C] -- C:\RagnaSony

[2010/08/28 12:51:45 | 000,000,000 | ---D | C] -- \RagnaSony

[2010/08/25 07:53:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Meus documentos\EDINETE - FACULDADE

[2010/08/22 18:54:37 | 000,000,000 | ---D | C] -- C:\PopGameBox

[2010/08/22 18:54:37 | 000,000,000 | ---D | C] -- \PopGameBox

[2010/08/22 18:50:55 | 006,872,723 | ---- | C] (Pop Game Soft, Inc. ) -- C:\Documents and Settings\XP\Meus documentos\popgamebox_fsetup.exe

[2010/08/14 16:43:31 | 001,283,912 | ---- | C] (Blizzard Entertainment) -- C:\Documents and Settings\XP\Meus documentos\wowclient-downloader.exe

[2010/08/07 03:47:36 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Blizzard Entertainment

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/09/01 18:10:31 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\XP\Desktop\OTL.com

[2010/09/01 18:01:00 | 000,000,244 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

[2010/09/01 17:37:01 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2010/09/01 17:37:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2010/09/01 17:35:31 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010/09/01 17:35:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/09/01 17:34:44 | 009,961,472 | -H-- | M] () -- C:\Documents and Settings\XP\NTUSER.DAT

[2010/09/01 17:26:40 | 001,331,978 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Setup.exe

[2010/09/01 17:19:15 | 000,716,035 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\UsbFix (versão 3.030)

[2010/09/01 17:07:52 | 000,002,315 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk

[2010/09/01 16:54:42 | 001,208,952 | ---- | M] (C_XX & El Desaparecido) -- C:\Documents and Settings\XP\Desktop\UsbFix.exe

[2010/09/01 16:38:35 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\XP\Desktop\HiJackThis.exe

[2010/09/01 16:34:11 | 000,000,734 | ---- | M] () -- C:\WINDOWS\win.ini

[2010/09/01 16:34:11 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2010/09/01 16:34:11 | 000,000,211 | -HS- | M] () -- C:\boot.ini

[2010/09/01 16:28:23 | 001,214,584 | ---- | M] (C_XX & El Desaparecido) -- C:\Documents and Settings\XP\Desktop\UsbFix(3).exe

[2010/09/01 16:16:47 | 001,214,584 | ---- | M] (C_XX & El Desaparecido) -- C:\Documents and Settings\XP\Desktop\UsbFix(2).exe

[2010/09/01 15:43:33 | 000,207,962 | ---- | M] () -- C:\WINDOWS\System32\1nvapps.xml

[2010/09/01 15:36:56 | 000,079,597 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\asdasdasd.jpg

[2010/09/01 15:27:29 | 000,034,542 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\download338.jpg

[2010/09/01 14:51:02 | 000,028,061 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\retorno_do_rei_10.jpg

[2010/09/01 14:46:00 | 000,043,374 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Lordoftherings-3.JPG

[2010/09/01 14:17:45 | 000,057,312 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\1069850_4.jpg

[2010/09/01 14:00:26 | 000,007,318 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\estatueta_oscar.jpg

[2010/09/01 13:55:56 | 000,049,695 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\senhor-dos-aneis-3-poster07.jpg

[2010/09/01 01:04:54 | 000,000,330 | -HS- | M] () -- C:\Documents and Settings\XP\ntuser.ini

[2010/08/31 19:24:43 | 000,001,869 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Arthas - RagNanime.exe.lnk

[2010/08/30 13:12:45 | 000,206,848 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Iara antes de ser sereia era uma índia guerreira.doc

[2010/08/30 13:07:40 | 000,002,559 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Microsoft Office Word 2003.lnk

[2010/08/27 21:10:58 | 000,000,012 | ---- | M] () -- C:\Documents and Settings\XP\intlname.ols

[2010/08/27 12:32:11 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/08/26 20:07:57 | 000,057,856 | ---- | M] () -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/08/26 15:49:58 | 000,000,851 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Ragnanime.lnk

[2010/08/25 12:31:24 | 000,000,717 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Teamspeak RC2.lnk

[2010/08/25 09:34:27 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\XP\Meus documentos\Curriculum Vitae Nete.doc

[2010/08/25 07:54:15 | 000,000,491 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\EDINETE - FACULDADE.lnk

[2010/08/23 16:41:34 | 026,517,867 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\RagNanime - Arthas 1.3a.exe

[2010/08/23 15:22:51 | 332,612,446 | ---- | M] () -- C:\Arquivos de programas\Valve.rar

[2010/08/23 12:51:26 | 000,000,647 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Atalho para RSBot-118.lnk

[2010/08/22 18:54:40 | 000,001,392 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Popgamebox.lnk

[2010/08/22 18:54:31 | 006,872,723 | ---- | M] (Pop Game Soft, Inc. ) -- C:\Documents and Settings\XP\Meus documentos\popgamebox_fsetup.exe

[2010/08/22 16:08:34 | 000,001,197 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Meus documentos.lnk

[2010/08/22 03:35:29 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010/08/16 21:36:36 | 000,014,546 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Partido do Inovador.JPG

[2010/08/15 04:00:55 | 002,642,182 | -H-- | M] () -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\IconCache.db

[2010/08/15 02:10:48 | 000,001,866 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\HallsRO.lnk

[2010/08/14 21:27:38 | 000,001,824 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Slave-RO.lnk

[2010/08/14 18:28:09 | 000,001,849 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\SecretRO.ink.lnk

[2010/08/14 17:15:31 | 000,000,031 | ---- | M] () -- C:\WINDOWS\GunzLauncher.INI

[2010/08/14 16:43:46 | 001,283,912 | ---- | M] (Blizzard Entertainment) -- C:\Documents and Settings\XP\Meus documentos\wowclient-downloader.exe

[2010/08/10 10:41:20 | 006,586,233 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Edital_357_2010_Graduacao.pdf

[2010/08/09 00:03:06 | 000,225,280 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\HV.doc

[2010/08/08 01:33:10 | 000,000,515 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\D2PK Launcher.lnk

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/01 18:09:10 | 000,001,252 | ---- | C] () -- \FyK.txt

[2010/09/01 17:26:31 | 001,331,978 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Setup.exe

[2010/09/01 17:19:07 | 000,716,035 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\UsbFix (versão 3.030)

[2010/09/01 16:55:24 | 000,000,890 | ---- | C] () -- \UsbFix.txt

[2010/09/01 16:26:04 | 026,517,867 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\RagNanime - Arthas 1.3a.exe

[2010/09/01 15:40:47 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\XP\control_panel.txt

[2010/09/01 15:36:54 | 000,079,597 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\asdasdasd.jpg

[2010/09/01 15:27:06 | 000,034,542 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\download338.jpg

[2010/09/01 14:51:02 | 000,028,061 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\retorno_do_rei_10.jpg

[2010/09/01 14:17:45 | 000,057,312 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\1069850_4.jpg

[2010/09/01 14:07:20 | 000,043,374 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Lordoftherings-3.JPG

[2010/09/01 14:00:26 | 000,007,318 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\estatueta_oscar.jpg

[2010/09/01 13:55:55 | 000,049,695 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\senhor-dos-aneis-3-poster07.jpg

[2010/08/30 13:12:45 | 000,206,848 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Iara antes de ser sereia era uma índia guerreira.doc

[2010/08/26 15:49:32 | 000,000,851 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Ragnanime.lnk

[2010/08/25 12:31:24 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Teamspeak RC2.lnk

[2010/08/25 07:54:15 | 000,000,491 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\EDINETE - FACULDADE.lnk

[2010/08/23 18:05:58 | 000,001,869 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Arthas - RagNanime.exe.lnk

[2010/08/23 15:18:56 | 332,612,446 | ---- | C] () -- C:\Arquivos de programas\Valve.rar

[2010/08/22 18:54:40 | 000,001,392 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Popgamebox.lnk

[2010/08/22 16:07:27 | 000,001,197 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Meus documentos.lnk

[2010/08/15 02:10:48 | 000,001,866 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\HallsRO.lnk

[2010/08/15 01:54:04 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\XP\intlname.ols

[2010/08/14 18:28:09 | 000,001,849 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\SecretRO.ink.lnk

[2010/08/14 18:21:39 | 000,001,824 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Slave-RO.lnk

[2010/08/10 10:40:23 | 006,586,233 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Edital_357_2010_Graduacao.pdf

[2010/08/09 21:43:53 | 000,014,546 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Partido do Inovador.JPG

[2010/08/08 23:40:40 | 000,225,280 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\HV.doc

[2010/08/08 01:32:59 | 000,000,515 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\D2PK Launcher.lnk

[2010/07/22 14:18:19 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll

[2010/07/20 17:37:28 | 003,352,628 | ---- | C] () -- C:\Arquivos de programas\Remere's Map Editor.rar

[2010/06/27 18:46:38 | 003,577,605 | ---- | C] () -- C:\Arquivos de programas\TibiaBot NG4.rar

[2010/06/20 00:58:59 | 000,000,026 | ---- | C] () -- C:\WINDOWS\dksav3.ini

[2010/06/20 00:56:16 | 000,000,026 | ---- | C] () -- C:\WINDOWS\dksav1.ini

[2010/05/01 22:50:07 | 000,000,164 | ---- | C] () -- C:\Documents and Settings\XP\Dados de aplicativos\RSBot Accounts.ini

[2010/02/03 22:52:04 | 000,000,686 | ---- | C] () -- C:\WINDOWS\SIERRA.INI

[2009/12/24 15:12:17 | 000,000,031 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI

[2009/12/05 21:47:08 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\fusioncache.dat

[2009/12/04 19:36:52 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI

[2009/12/04 19:23:26 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2009/12/01 12:04:38 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll

[2009/12/01 12:04:38 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll

[2009/12/01 12:04:38 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll

[2009/12/01 11:40:29 | 000,057,856 | ---- | C] () -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/12/01 11:40:00 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys

[2009/11/30 10:54:29 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2009/11/30 10:53:43 | 000,008,274 | ---- | C] () -- C:\WINDOWS\WDIC.INI

[2009/11/30 10:45:02 | 000,001,746 | ---- | C] () -- C:\WINDOWS\Language_trs.ini

[2009/11/30 10:44:52 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys

[2009/11/30 10:44:43 | 000,023,640 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini

[2009/11/30 10:44:43 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS

[2009/01/21 13:08:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2009/01/21 13:08:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2009/01/21 13:08:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2009/01/21 13:08:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2008/05/08 06:15:34 | 000,043,368 | ---- | C] () -- C:\WINDOWS\php.ini

[2008/05/07 16:17:10 | 002,076,672 | ---- | C] () -- C:\WINDOWS\System32\libmysql.dll

[2003/04/07 10:30:02 | 000,005,383 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2009/12/01 11:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\DAEMON Tools Lite

[2010/02/16 00:14:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\FreeDownloadManager.ORG

[2010/01/19 16:50:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus!

[2009/12/25 00:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\NFS Underground

[2010/06/20 00:04:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PMB Files

[2010/08/11 11:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP

[2010/04/03 18:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\W3i

[2009/12/01 12:01:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\DAEMON Tools Lite

[2010/06/02 15:57:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Easeware

[2010/08/31 19:33:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Free Download Manager

[2010/06/02 16:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\GetRightToGo

[2010/08/12 19:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\LimeWire

[2010/05/18 20:59:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\LolClient

[2010/04/04 15:09:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\ManyCam

[2010/06/26 23:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Orbit

[2010/07/18 18:25:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Remere's Map Editor

[2010/06/27 15:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Sony Online Entertainment

[2010/07/25 19:17:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\sqlitestudio

[2010/05/01 21:37:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Subversion

[2010/07/18 20:29:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Tibia

[2010/06/20 11:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Turbine

[2010/08/12 19:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\uTorrent

[2010/09/01 18:01:00 | 000,000,244 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========

========== Custom Scans ==========

< %SystemRoot%\system32\drivers\*.* >

[2004/08/03 23:35:08 | 000,188,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\acpi.sys

[2001/10/28 14:06:06 | 000,011,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\acpiec.sys

[2004/08/03 21:39:38 | 000,142,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\aec.sys

[2004/08/03 22:14:16 | 000,138,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\afd.sys

[2008/08/05 09:10:12 | 001,684,736 | ---- | M] (Creative) -- C:\WINDOWS\system32\drivers\Ambfilt.sys

[2004/08/03 23:55:42 | 000,041,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk6.sys

[2004/08/03 23:55:42 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk7.sys

[2004/08/03 23:55:42 | 000,060,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\arp1394.sys

[2004/08/14 15:56:20 | 000,005,810 | R--- | M] () -- C:\WINDOWS\system32\drivers\ASACPI.sys

[2007/12/28 04:22:02 | 000,010,296 | ---- | M] () -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS

[2004/08/03 22:05:04 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\asyncmac.sys

[2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atapi.sys

[2004/08/03 21:58:32 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmarpc.sys

[2001/10/28 14:06:10 | 000,031,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmepvc.sys

[2004/08/03 21:58:36 | 000,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmlane.sys

[2001/10/28 14:06:10 | 000,352,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmuni.sys

[2001/08/17 18:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\audstub.sys

[2009/02/13 11:17:49 | 000,045,416 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntdd.sys

[2009/11/25 11:19:02 | 000,056,816 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntflt.sys

[2009/02/13 11:29:11 | 000,022,360 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntmgr.sys

[2009/03/30 09:33:07 | 000,096,104 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avipbb.sys

[2001/10/28 14:06:10 | 000,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\beep.sys

[2004/08/03 21:59:58 | 000,071,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bridge.sys

[2001/01/03 12:06:18 | 000,148,385 | ---- | M] (D-Link Corporation) -- C:\WINDOWS\system32\drivers\ca500av.sys

[2001/10/28 14:06:10 | 000,013,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cbidf2k.sys

[2004/08/03 23:10:18 | 000,017,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\CCDECODE.sys

[2001/10/28 14:06:30 | 000,018,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cdaudio.sys

[2004/08/03 22:14:12 | 000,063,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cdfs.sys

[2009/04/28 17:20:06 | 000,009,072 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\cdr4_xp.sys

[2009/04/28 17:20:06 | 000,009,200 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\cdralw2k.sys

[2004/08/03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cdrom.sys

[2001/10/28 14:06:30 | 000,262,528 | ---- | M] (RAVISENT Technologies Inc.) -- C:\WINDOWS\system32\drivers\cinemst2.sys

[2004/08/03 22:14:28 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\classpnp.sys

[2001/10/28 14:06:30 | 000,011,776 | ---- | M] (Compaq Computer Corporation) -- C:\WINDOWS\system32\drivers\cpqdap01.sys

[2004/08/03 23:55:42 | 000,040,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\crusoe.sys

[2004/08/03 21:59:56 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\disk.sys

[2004/08/03 21:59:54 | 000,014,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\diskdump.sys

[2004/08/03 23:39:24 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\system32\drivers\dmboot.sys

[2004/08/03 23:39:26 | 000,153,984 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\system32\drivers\dmio.sys

[2001/10/28 14:06:18 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) -- C:\WINDOWS\system32\drivers\dmload.sys

[2004/08/03 22:07:40 | 000,052,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\DMusic.sys

[2004/08/03 22:08:00 | 000,060,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\drmk.sys

[2004/08/03 22:07:58 | 000,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\drmkaud.sys

[2001/10/28 14:06:32 | 000,010,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\dxapi.sys

[2004/08/03 22:00:56 | 000,071,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\dxg.sys

[2001/10/28 14:06:32 | 000,003,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\dxgthk.sys

[2004/08/03 22:14:18 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fastfat.sys

[2004/08/03 21:59:28 | 000,027,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fdc.sys

[2001/10/28 14:06:32 | 000,035,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fips.sys

[2004/08/03 21:59:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\flpydisk.sys

[2004/08/03 22:01:20 | 000,124,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fltMgr.sys

[2001/10/28 14:06:30 | 000,012,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fsvga.sys

[2001/10/28 14:06:34 | 000,007,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fs_rec.sys

[2001/10/28 14:06:34 | 000,125,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ftdisk.sys

[2001/10/28 14:06:34 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls

[2001/10/28 14:06:34 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt

[2010/02/03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\drivers\hamachi.sys

[2005/01/07 16:07:18 | 000,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys

[2005/01/07 16:07:16 | 000,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudio.sys

[2004/08/03 22:08:20 | 000,036,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidclass.sys

[2004/08/03 22:08:18 | 000,024,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidparse.sys

[2001/08/17 22:02:20 | 000,009,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidusb.sys

[2004/08/03 22:00:14 | 000,263,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\http.sys

[2004/08/03 23:37:16 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\i8042prt.sys

[2007/07/03 18:10:10 | 000,011,304 | ---- | M] (Ahead Software AG) -- C:\WINDOWS\system32\drivers\imagedrv.sys

[2007/07/03 18:10:12 | 000,132,904 | ---- | M] (Ahead Software AG) -- C:\WINDOWS\system32\drivers\imagesrv.sys

[2004/08/03 22:00:16 | 000,041,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\imapi.sys

[2004/08/03 23:38:28 | 000,040,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\intelppm.sys

[2004/08/03 22:00:08 | 000,029,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ip6fw.sys

[2001/10/28 14:06:38 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipfltdrv.sys

[2004/08/03 22:04:46 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipinip.sys

[2004/08/03 22:04:52 | 000,134,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipnat.sys

[2004/08/03 22:14:30 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipsec.sys

[2004/08/03 22:00:48 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\irenum.sys

[2001/10/28 14:06:40 | 000,036,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\isapnp.sys

[2004/08/03 23:39:20 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdclass.sys

[2004/08/03 23:39:20 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys

[2004/08/03 22:07:50 | 000,171,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kmixer.sys

[2004/08/03 23:15:22 | 000,140,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ks.sys

[2004/08/03 21:59:48 | 000,092,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ksecdd.sys

[2001/10/28 14:06:58 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mcd.sys

[2004/08/03 23:55:42 | 000,063,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mf.sys

[2001/01/03 12:06:18 | 000,010,810 | ---- | M] (D-Link Corporation) -- C:\WINDOWS\system32\drivers\minbulk.sys

[2001/10/28 14:07:00 | 000,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mnmdd.sys

[2004/08/03 23:55:42 | 000,030,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\modem.sys

[2006/01/04 04:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\Monfilt.sys

[2004/08/04 00:35:08 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mouclass.sys

[2001/09/05 23:20:20 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mouhid.sys

[2004/08/03 21:58:32 | 000,042,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mountmgr.sys

[2004/08/03 21:58:22 | 000,072,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mqac.sys

[2004/08/03 22:00:58 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxdav.sys

[2004/08/03 22:15:18 | 000,451,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys

[2004/08/03 22:00:42 | 000,019,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msfs.sys

[2004/08/03 22:04:14 | 000,035,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msgpc.sys

[2004/08/03 21:58:42 | 000,007,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSKSSRV.sys

[2004/08/03 21:58:40 | 000,005,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys

[2004/08/03 21:58:42 | 000,004,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSPQM.sys

[2004/08/03 23:55:42 | 000,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mssmbios.sys

[2004/08/03 22:58:40 | 000,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSTEE.sys

[2004/08/03 22:15:22 | 000,107,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mup.sys

[2004/08/03 23:10:30 | 000,085,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\NABTSFEC.sys

[2004/08/03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndis.sys

[2004/08/03 23:10:14 | 000,010,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\NdisIP.sys

[2001/10/28 14:07:06 | 000,009,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndistapi.sys

[2004/08/03 23:55:42 | 000,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndisuio.sys

[2004/08/03 22:14:32 | 000,091,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndiswan.sys

[2001/10/28 14:07:06 | 000,038,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndproxy.sys

[2004/08/03 22:03:22 | 000,034,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\netbios.sys

[2004/08/03 22:14:38 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\netbt.sys

[2004/08/03 23:55:42 | 000,061,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nic1394.sys

[2001/10/28 14:06:30 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\system32\drivers\nikedrv.sys

[2004/08/03 21:59:52 | 000,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nmnt.sys

[2004/08/03 22:00:44 | 000,030,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\npfs.sys

[2004/08/03 22:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ntfs.sys

[2001/10/28 14:07:12 | 000,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\null.sys

[2009/01/21 13:08:00 | 006,305,472 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys

[2008/08/01 00:36:20 | 000,054,784 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENETFD.sys

[2008/08/18 07:54:24 | 000,145,952 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvgts.sys

[2008/08/01 00:36:26 | 000,022,016 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvnetbus.sys

[2008/08/01 00:35:58 | 000,955,520 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvnrm.sys

[2008/07/07 14:45:58 | 000,004,984 | R--- | M] () -- C:\WINDOWS\system32\drivers\nvphy.bin

[2001/10/28 14:07:14 | 000,012,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkflt.sys

[2001/10/28 14:07:14 | 000,032,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys

[2004/08/03 22:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys

[2001/10/28 14:07:14 | 000,063,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnknb.sys

[2001/10/28 14:07:14 | 000,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys

[2004/08/03 22:02:24 | 000,163,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwrdr.sys

[2001/10/28 14:07:16 | 000,003,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\oprghdlr.sys

[2003/09/25 17:00:00 | 000,025,211 | ---- | M] (OmniVision Technologies Inc.) -- C:\WINDOWS\system32\drivers\ov519cmd.sys

[2003/09/25 17:00:00 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ov519vid.sys

[2004/08/03 23:55:42 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\p3.sys

[2004/08/03 23:55:42 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\parport.sys

[2001/10/28 14:07:16 | 000,018,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\partmgr.sys

[2001/10/28 14:07:16 | 000,007,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\parvdm.sys

[2004/08/03 23:35:08 | 000,068,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pci.sys

[2001/10/28 14:07:18 | 000,003,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pciide.sys

[2004/08/03 21:59:42 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pciidex.sys

[2004/08/03 23:35:10 | 000,120,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pcmcia.sys

[2004/03/16 09:58:20 | 000,136,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\portcls.sys

[2004/08/03 23:55:42 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\processr.sys

[2004/08/03 22:04:20 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\psched.sys

[2001/10/28 14:07:22 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys

[2009/04/28 17:20:06 | 000,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\PxHelp20.sys

[2001/10/28 14:07:22 | 000,008,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rasacd.sys

[2004/08/03 22:14:24 | 000,051,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rasl2tp.sys

[2004/08/03 22:05:08 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\raspppoe.sys

[2004/08/03 22:14:28 | 000,048,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\raspptp.sys

[2001/10/28 14:07:24 | 000,016,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\raspti.sys

[2001/10/28 14:07:24 | 000,034,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rawwan.sys

[2004/08/03 22:20:08 | 000,176,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdbss.sys

[2001/10/28 14:07:24 | 000,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdpcdd.sys

[2004/08/03 23:01:16 | 000,196,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdpdr.sys

[2004/08/03 23:45:56 | 000,139,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdpwd.sys

[2004/08/03 21:36:32 | 000,057,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\redbook.sys

[2001/10/28 14:06:30 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\system32\drivers\rio8drv.sys

[2001/10/28 14:06:30 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\system32\drivers\riodrv.sys

[2001/10/28 14:07:24 | 000,200,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\RMCast.sys

[2004/08/03 22:04:32 | 000,030,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rndismp.sys

[2001/10/28 14:07:24 | 000,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rootmdm.sys

[2008/11/25 05:37:50 | 004,952,576 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys

[2004/08/03 21:59:42 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\scsiport.sys

[2004/08/03 22:07:48 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sdbus.sys

[2009/12/24 23:56:10 | 000,012,400 | ---- | M] (Macrovision Europe Ltd) -- C:\WINDOWS\system32\drivers\secdrv.sys

[2004/08/03 21:59:08 | 000,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\serenum.sys

[2004/08/03 23:37:42 | 000,065,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\serial.sys

[2004/08/03 21:59:56 | 000,011,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sffdisk.sys

[2004/08/03 21:59:56 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sffp_sd.sys

[2004/08/03 21:59:56 | 000,011,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sfloppy.sys

[2004/08/03 23:10:18 | 000,011,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\SLIP.sys

[2001/10/28 14:07:28 | 000,014,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\smclib.sys

[2004/08/03 23:55:42 | 000,025,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sonydcam.sys

[2004/08/03 22:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\splitter.sys

[2009/12/01 11:40:00 | 000,691,696 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys

[2004/08/03 23:41:04 | 000,073,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sr.sys

[2004/08/03 22:14:46 | 000,336,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\srv.sys

[2009/05/11 09:12:24 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\ssmdrv.sys

[2004/08/03 23:08:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\stream.sys

[2004/08/03 23:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\StreamIP.sys

[2004/08/03 23:55:42 | 000,004,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\swenum.sys

[2001/08/17 21:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\swmidi.sys

[2004/08/03 22:15:56 | 000,060,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sysaudio.sys

[2004/08/03 22:00:00 | 000,014,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tape.sys

[2004/08/03 22:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip.sys

[2004/08/03 22:07:46 | 000,223,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip6.sys

[2004/08/03 22:07:50 | 000,018,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tdi.sys

[2004/08/03 23:45:56 | 000,012,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tdpipe.sys

[2004/08/03 23:45:56 | 000,021,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tdtcp.sys

[2004/08/04 00:45:54 | 000,040,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\termdd.sys

[2001/10/28 14:06:30 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tosdvd.sys

[2001/10/28 14:06:30 | 000,021,376 | ---- | M] (Toshiba Corporation) -- C:\WINDOWS\system32\drivers\tsbvcap.sys

[2004/08/03 23:55:42 | 000,012,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tunmp.sys

[2004/08/03 22:00:32 | 000,066,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\udfs.sys

[2004/08/03 21:58:34 | 000,209,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\update.sys

[2004/08/03 22:04:34 | 000,012,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usb8023.sys

[2004/08/03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys

[2001/10/28 14:06:30 | 000,023,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbcamd.sys

[2001/10/28 14:06:30 | 000,023,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbcamd2.sys

[2004/08/03 22:08:48 | 000,031,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbccgp.sys

[2001/10/28 14:07:34 | 000,004,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbd.sys

[2004/08/03 22:08:38 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbehci.sys

[2004/08/03 22:08:44 | 000,057,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbhub.sys

[2004/08/03 23:55:42 | 000,016,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbintel.sys

[2004/08/03 22:08:38 | 000,017,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbohci.sys

[2004/08/03 22:08:44 | 000,142,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbport.sys

[2004/08/03 22:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBSTOR.SYS

[2001/10/28 14:06:30 | 000,058,112 | ---- | M] (RAVISENT Technologies Inc.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys

[2004/08/03 22:07:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\vga.sys

[2004/08/03 22:07:06 | 000,079,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\videoprt.sys

[2004/08/03 23:37:30 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\volsnap.sys

[2004/08/03 22:04:58 | 000,034,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wanarp.sys

[2004/08/03 22:15:06 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wdmaud.sys

[2001/10/28 14:07:46 | 000,004,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wmilib.sys

[2004/08/11 00:45:06 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wpdusb.sys

[2001/10/28 14:07:48 | 000,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys

[2004/08/03 23:10:22 | 000,019,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS

 

< %SystemRoot%\Prefetch\*.* >

[2010/08/25 08:35:34 | 000,055,808 | ---- | M] () -- C:\WINDOWS\Prefetch\ACRORD32.EXE-34A08EDB.pf

[2010/08/25 08:44:28 | 000,055,780 | ---- | M] () -- C:\WINDOWS\Prefetch\ACRORD32INFO.EXE-278F5F5E.pf

[2010/08/27 12:51:15 | 000,019,146 | ---- | M] () -- C:\WINDOWS\Prefetch\ADOBEARM.EXE-2C0B2F33.pf

[2010/08/26 15:41:58 | 000,032,908 | ---- | M] () -- C:\WINDOWS\Prefetch\ALFARO.EXE-1FF01939.pf

[2010/08/26 15:42:10 | 000,037,816 | ---- | M] () -- C:\WINDOWS\Prefetch\ALFAROCLIENT.EXE-3413A252.pf

[2010/09/01 15:44:32 | 000,014,648 | ---- | M] () -- C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf

[2010/08/31 19:37:06 | 000,062,618 | ---- | M] () -- C:\WINDOWS\Prefetch\ARTHAS - RAGNANIME.EXE-226852F5.pf

[2010/09/01 15:38:46 | 000,024,252 | ---- | M] () -- C:\WINDOWS\Prefetch\AU_.EXE-294EB7EA.pf

[2010/08/31 19:07:40 | 000,050,580 | ---- | M] () -- C:\WINDOWS\Prefetch\AVGNT.EXE-20F46265.pf

[2010/08/31 01:08:02 | 000,044,140 | ---- | M] () -- C:\WINDOWS\Prefetch\AVGUARD.EXE-31B97082.pf

[2010/09/01 15:54:26 | 000,039,834 | ---- | M] () -- C:\WINDOWS\Prefetch\AVNOTIFY.EXE-274E4E95.pf

[2010/09/01 18:10:40 | 000,049,348 | ---- | M] () -- C:\WINDOWS\Prefetch\AVWSC.EXE-019F86B8.pf

[2010/09/01 15:15:28 | 000,053,584 | ---- | M] () -- C:\WINDOWS\Prefetch\BATTERY 3.EXE-05C17419.pf

[2010/09/01 15:16:13 | 000,053,498 | ---- | M] () -- C:\WINDOWS\Prefetch\BATTERY 3.EXE-245E945C.pf

[2010/08/30 21:10:39 | 000,012,448 | ---- | M] () -- C:\WINDOWS\Prefetch\CALC.EXE-02CD573A.pf

[2010/09/01 15:37:49 | 000,068,630 | ---- | M] () -- C:\WINDOWS\Prefetch\CCLEANER.EXE-16242569.pf

[2010/08/28 12:52:35 | 000,048,958 | ---- | M] () -- C:\WINDOWS\Prefetch\CLIENT.BIN-35A88110.pf

[2010/08/28 12:52:30 | 000,025,268 | ---- | M] () -- C:\WINDOWS\Prefetch\CRAGSONY.EXE-28CC0AA9.pf

[2010/08/28 12:23:07 | 000,013,450 | ---- | M] () -- C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf

[2010/08/31 21:28:50 | 000,014,804 | ---- | M] () -- C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf

[2010/08/31 21:28:51 | 000,057,278 | ---- | M] () -- C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf

[2010/08/23 13:30:53 | 000,009,644 | ---- | M] () -- C:\WINDOWS\Prefetch\DIABLO II.EXE-06410441.pf

[2010/09/01 17:30:24 | 000,025,202 | ---- | M] () -- C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf

[2010/09/01 17:00:59 | 000,099,038 | ---- | M] () -- C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf

[2010/08/31 19:23:57 | 000,060,242 | ---- | M] () -- C:\WINDOWS\Prefetch\FDM.EXE-10318DDF.pf

[2010/09/01 18:09:53 | 000,072,134 | ---- | M] () -- C:\WINDOWS\Prefetch\FIREFOX.EXE-1051016A.pf

[2010/08/24 11:20:38 | 000,029,112 | ---- | M] () -- C:\WINDOWS\Prefetch\FIREFOX.EXE-3AC22183.pf

[2010/09/01 18:10:01 | 000,099,098 | ---- | M] () -- C:\WINDOWS\Prefetch\FIREFOXPORTABLE.EXE-038E84EB.pf

[2010/08/23 13:30:55 | 000,059,568 | ---- | M] () -- C:\WINDOWS\Prefetch\GAME.EXE-1F75E2A3.pf

[2010/09/01 17:37:00 | 000,012,760 | ---- | M] () -- C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-0017DD00.pf

[2010/09/01 17:37:01 | 000,028,458 | ---- | M] () -- C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-19D08292.pf

[2010/08/26 14:28:50 | 000,049,954 | ---- | M] () -- C:\WINDOWS\Prefetch\GTA_SA.EXE-1D024066.pf

[2010/09/01 18:10:27 | 000,026,270 | ---- | M] () -- C:\WINDOWS\Prefetch\GUARDGUI.EXE-1F071B35.pf

[2010/08/29 18:42:26 | 000,069,858 | ---- | M] () -- C:\WINDOWS\Prefetch\HALLSRO - ATUALIZADOR.EXE-2310C195.pf

[2010/08/26 15:42:48 | 000,022,508 | ---- | M] () -- C:\WINDOWS\Prefetch\HALLSRO.BIN-1729658E.pf

[2010/08/26 15:42:49 | 000,012,126 | ---- | M] () -- C:\WINDOWS\Prefetch\HALLSRO.EXE-0F39D067.pf

[2010/08/31 01:08:12 | 000,051,886 | ---- | M] () -- C:\WINDOWS\Prefetch\HAMACHI-2.EXE-14D8D4E2.pf

[2010/08/31 01:08:02 | 000,043,298 | ---- | M] () -- C:\WINDOWS\Prefetch\HTTPD.EXE-17DD672C.pf

[2010/09/01 18:06:41 | 000,016,220 | ---- | M] () -- C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf

[2010/08/27 23:07:07 | 000,016,744 | ---- | M] () -- C:\WINDOWS\Prefetch\INSTALADOR_RAGNAONE_V6.5.2.EX-0D248E05.pf

[2010/08/29 18:28:11 | 000,023,660 | ---- | M] () -- C:\WINDOWS\Prefetch\JAUCHECK.EXE-1B73FEF3.pf

[2010/09/01 15:37:51 | 000,083,982 | ---- | M] () -- C:\WINDOWS\Prefetch\JAVAW.EXE-109B1B69.pf

[2010/09/01 15:09:02 | 000,016,472 | ---- | M] () -- C:\WINDOWS\Prefetch\JAVAWS.EXE-062D5CF6.pf

[2010/09/01 15:37:52 | 000,011,280 | ---- | M] () -- C:\WINDOWS\Prefetch\JAVAWS.EXE-15D32DE0.pf

[2010/08/31 01:08:12 | 000,049,364 | ---- | M] () -- C:\WINDOWS\Prefetch\JQS.EXE-047A496E.pf

[2010/09/01 18:09:53 | 000,007,176 | ---- | M] () -- C:\WINDOWS\Prefetch\JQSNOTIFY.EXE-39AFFB8A.pf

[2010/08/31 19:07:45 | 000,009,584 | ---- | M] () -- C:\WINDOWS\Prefetch\JUSCHED.EXE-153A82FA.pf

[2010/08/27 20:57:29 | 000,054,054 | ---- | M] () -- C:\WINDOWS\Prefetch\L2.EXE-0DE7400F.pf

[2010/08/31 21:28:39 | 000,459,482 | ---- | M] () -- C:\WINDOWS\Prefetch\Layout.ini

[2010/08/29 12:59:37 | 000,005,510 | ---- | M] () -- C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf

[2010/09/01 16:29:45 | 000,019,836 | ---- | M] () -- C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf

[2010/08/27 21:31:12 | 000,035,646 | ---- | M] () -- C:\WINDOWS\Prefetch\MIX.EXE-1A1EE858.pf

[2010/08/29 00:36:43 | 000,032,150 | ---- | M] () -- C:\WINDOWS\Prefetch\MMC.EXE-39071BCC.pf

[2010/09/01 18:06:47 | 000,067,906 | ---- | M] () -- C:\WINDOWS\Prefetch\MSNMSGR.EXE-304664B4.pf

[2010/09/01 17:06:39 | 000,022,928 | ---- | M] () -- C:\WINDOWS\Prefetch\MSPAINT.EXE-11CBB631.pf

[2010/09/01 18:08:40 | 000,018,558 | ---- | M] () -- C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf

[2010/08/28 12:45:07 | 000,038,660 | ---- | M] () -- C:\WINDOWS\Prefetch\NPKCUSB.DLL-3B13A8CE.pf

[2010/09/01 17:36:45 | 001,431,552 | ---- | M] () -- C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf

[2010/08/31 01:08:13 | 000,024,210 | ---- | M] () -- C:\WINDOWS\Prefetch\NVSVC32.EXE-1F9EED18.pf

[2010/09/01 15:56:44 | 000,044,540 | ---- | M] () -- C:\WINDOWS\Prefetch\OIS.EXE-2FECE659.pf

[2010/08/27 21:11:02 | 000,065,520 | ---- | M] () -- C:\WINDOWS\Prefetch\OUTLOOK.EXE-3413D956.pf

[2010/09/01 15:27:44 | 000,019,150 | ---- | M] () -- C:\WINDOWS\Prefetch\PHOTOFILTRE.EXE-14F1A042.pf

[2010/09/01 18:10:22 | 000,057,384 | ---- | M] () -- C:\WINDOWS\Prefetch\PLUGIN-CONTAINER.EXE-17C663B2.pf

[2010/08/25 08:06:14 | 000,046,764 | ---- | M] () -- C:\WINDOWS\Prefetch\POWERPNT.EXE-1FCAD291.pf

[2010/08/27 21:32:24 | 000,016,438 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGEXE.EXE-3A4E8106.pf

[2010/08/28 12:40:40 | 000,049,008 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNAEXE.BIN-049815E6.pf

[2010/08/28 12:40:29 | 000,024,278 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNAEXE.EXE-050D2CD7.pf

[2010/08/29 18:44:11 | 000,040,072 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNAFOR.EXE-18B84C66.pf

[2010/08/23 18:05:12 | 000,011,048 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNANIME - ARTHAS 1.3A.EXE-220AC257.pf

[2010/08/31 19:24:23 | 000,011,422 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNANIME - ARTHAS 1.3A.EXE-39F5157F.pf

[2010/08/28 12:40:20 | 000,043,242 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNAONE.EXE-3006E955.pf

[2010/08/27 21:32:11 | 000,038,106 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNAROK.EXE-1847C32F.pf

[2010/08/27 21:32:37 | 000,052,296 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNAROK.EXE-35430489.pf

[2010/08/28 12:51:46 | 000,017,780 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNASONY.EXE-01A91F6D.pf

[2010/08/29 00:28:19 | 000,065,322 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNASONY.EXE-067DAC89.pf

[2010/08/28 12:44:59 | 000,038,612 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNASONY.EXE-141F7D64.pf

[2010/08/28 12:52:30 | 000,035,998 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGSONY.EXE-255B23D6.pf

[2010/08/28 12:39:52 | 000,039,080 | ---- | M] () -- C:\WINDOWS\Prefetch\RENA-RO AUTOPATCH.EXE-3108A9D0.pf

[2010/08/31 20:23:41 | 000,042,224 | ---- | M] () -- C:\WINDOWS\Prefetch\RN.BIN-21429D97.pf

[2010/08/31 20:23:31 | 000,026,404 | ---- | M] () -- C:\WINDOWS\Prefetch\RN.EXE-293232BE.pf

[2010/08/29 00:36:42 | 000,029,870 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-12B7EA69.pf

[2010/08/31 01:09:17 | 000,030,228 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-14FC201E.pf

[2010/09/01 15:44:32 | 000,015,582 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-1619A94E.pf

[2010/08/31 01:08:03 | 000,015,286 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-1857459C.pf

[2010/08/30 13:13:11 | 000,018,870 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-188DF14E.pf

[2010/08/25 08:43:15 | 000,015,028 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-1DB8DA2D.pf

[2010/08/28 12:51:37 | 000,030,898 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-2576181F.pf

[2010/08/24 11:28:12 | 000,011,442 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-268BFF96.pf

[2010/08/28 12:29:22 | 000,013,526 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-28FBFF05.pf

[2010/08/26 14:33:08 | 000,020,784 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-2A94BB85.pf

[2010/08/26 14:33:08 | 000,020,916 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-2E5AF1D7.pf

[2010/08/25 08:02:59 | 000,015,196 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-307057F0.pf

[2010/08/30 13:13:21 | 000,015,948 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-32C8678F.pf

[2010/09/01 15:44:32 | 000,022,322 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-35A483DA.pf

[2010/08/28 12:28:02 | 000,021,562 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-396671E0.pf

[2010/09/01 18:06:45 | 000,025,320 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-415F88EC.pf

[2010/09/01 15:38:23 | 000,068,576 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-41F1E535.pf

[2010/08/29 00:36:59 | 000,013,856 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-429BC680.pf

[2010/09/01 16:55:07 | 000,011,430 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf

[2010/08/28 12:40:25 | 000,066,612 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-4B58B826.pf

[2010/09/01 15:50:27 | 000,017,228 | ---- | M] () -- C:\WINDOWS\Prefetch\SAMP.EXE-04EF06B6.pf

[2010/09/01 18:01:00 | 000,009,188 | ---- | M] () -- C:\WINDOWS\Prefetch\SAUPDATE.EXE-06D90150.pf

[2010/08/28 12:39:43 | 000,038,692 | ---- | M] () -- C:\WINDOWS\Prefetch\SECRETRO.EXE-3334E477.pf

[2010/08/27 21:18:16 | 000,052,314 | ---- | M] () -- C:\WINDOWS\Prefetch\SETUPMIX-RO.EXE-0A490E0E.pf

[2010/09/01 18:06:47 | 000,065,696 | ---- | M] () -- C:\WINDOWS\Prefetch\SKYPE.EXE-2CDF188C.pf

[2010/09/01 18:07:09 | 000,029,286 | ---- | M] () -- C:\WINDOWS\Prefetch\SKYPEPM.EXE-1D0B78E9.pf

[2010/08/29 18:42:59 | 000,079,002 | ---- | M] () -- C:\WINDOWS\Prefetch\SLAVERO.EXE-0757559E.pf

[2010/09/01 00:55:39 | 000,014,572 | ---- | M] () -- C:\WINDOWS\Prefetch\SNDVOL32.EXE-383480B7.pf

[2010/09/01 15:44:32 | 000,043,344 | ---- | M] () -- C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf

[2010/09/01 18:02:58 | 000,018,066 | ---- | M] () -- C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf

[2010/08/31 20:41:11 | 000,044,306 | ---- | M] () -- C:\WINDOWS\Prefetch\TEAMSPEAK.EXE-3432C314.pf

[2010/08/25 08:01:28 | 000,033,526 | ---- | M] () -- C:\WINDOWS\Prefetch\TORTOISEPROC.EXE-022F1930.pf

[2010/09/01 18:06:44 | 000,017,536 | ---- | M] () -- C:\WINDOWS\Prefetch\TSVNCACHE.EXE-2E3F13BB.pf

[2010/09/01 15:38:36 | 000,011,558 | ---- | M] () -- C:\WINDOWS\Prefetch\UNINST.EXE-1840D976.pf

[2010/09/01 16:28:51 | 000,049,526 | ---- | M] () -- C:\WINDOWS\Prefetch\UPDATE.EXE-1A7F43AA.pf

[2010/09/01 18:01:00 | 000,014,750 | ---- | M] () -- C:\WINDOWS\Prefetch\UPDATETASK.EXE-32C5BDE0.pf

[2010/08/31 19:07:43 | 000,076,346 | ---- | M] () -- C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf

[2010/09/01 15:44:32 | 000,014,584 | ---- | M] () -- C:\WINDOWS\Prefetch\WDFMGR.EXE-2CF4013B.pf

[2010/09/01 00:10:27 | 000,087,700 | ---- | M] () -- C:\WINDOWS\Prefetch\WINAMP.EXE-22EEEFC3.pf

[2010/09/01 16:25:11 | 000,162,020 | ---- | M] () -- C:\WINDOWS\Prefetch\WINRAR.EXE-09D6614C.pf

[2010/08/31 22:17:46 | 000,114,694 | ---- | M] () -- C:\WINDOWS\Prefetch\WINWORD.EXE-2F4074DC.pf

[2010/08/26 14:40:12 | 000,019,460 | ---- | M] () -- C:\WINDOWS\Prefetch\WISPTIS.EXE-0C21B942.pf

[2010/09/01 17:06:07 | 000,052,892 | ---- | M] () -- C:\WINDOWS\Prefetch\WLCOMM.EXE-0889FC35.pf

[2010/09/01 15:44:32 | 000,022,720 | ---- | M] () -- C:\WINDOWS\Prefetch\WMIAPSRV.EXE-1E2270A5.pf

[2010/09/01 18:09:20 | 000,070,170 | ---- | M] () -- C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf

[2010/09/01 17:36:47 | 000,061,702 | ---- | M] () -- C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf

[2010/08/31 19:24:33 | 000,039,356 | ---- | M] () -- C:\WINDOWS\Prefetch\_INST1.EXE-2378FB7D.pf

 

< %SystemDrive%\documents and settings\All Users\Dados de aplicativos\*.* >

[2002/02/21 02:38:40 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Dados de aplicativos\desktop.ini

 

< %SystemDrive%\documents and settings\All Users\Dados de aplicativos\* >

[2002/02/21 02:38:40 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Dados de aplicativos\desktop.ini

 

< %SystemDrive%\documents and settings\All Users\Menu iniciar\Programas\Inicializar\*.* >

[2002/02/21 05:49:08 | 000,000,084 | -HS- | M] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\desktop.ini

 

< %SystemDrive%\documents and settings\User\Configurações Locais\Temp\*.* >

 

< netsvcs >

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 574 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:05EE1EEF

@Alternate Data Stream - 226 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:4EE74317

@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:E41EAF13

< End of report >


Yes, I managed to.

 

I disabled Avira... it was going crazy, flagging viruses in a bunch of programs...

What do I do?


Well... let's take it slowly.

 

1.

*Run FindyKill

*Press P > [ENTER]

*Press 4 > [ENTER]

*Delete the folder C:\FyK

 

2.

*Download Malwarebytes Anti-Malware and save it to the desktop

*Install the program and wait for the update

*The program will open automatically

*On the [Scan] tab, select [Full scan]

*Click [Scan] and select the partitions to be examined (usually C:\ and D:\)

*When the scan finishes, click [Yes] > [OK] > [Show Results]

*Click [Remove Selected]

*Paste the report that is displayed


*Run an online scan with NOD32


*When it finishes, paste the report created in C:\Arquivos de programas\EsetOnlineScanner\log


Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Versão da Base de Dados: 4525

 

Windows 5.1.2600 Service Pack 2

Internet Explorer 6.0.2900.2180

 

1/9/2010 19:38:36

mbam-log-2010-09-01 (19-38-36).txt

 

Tipo de Verificação: Verificação Completa (C:\|D:\|E:\|F:\|G:\|)

Objetos escaneados: 254956

Tempo decorrido: 40 minuto(s), 41 segundo(s)

 

Processos de Memória Infectados: 0

Módulos de Memória Infectados: 0

Chaves de Registro Infectadas: 3

Valores de Registro Infectados: 1

Itens de Dados no Registro Infectados: 4

Pastas Infectadas: 9

Arquivos Infectados: 42

 

Processos de Memória Infectados:

(Não foram detectados ítens maliciosos)

 

Módulos de Memória Infectados:

(Não foram detectados ítens maliciosos)

 

Chaves de Registro Infectadas:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\flv direct player (Adware.BHO.FL) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DRM\amty (Worm.Autorun) -> Quarantined and deleted successfully.

 

Valores de Registro Infectados:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\csrcs (Trojan.Agent) -> Quarantined and deleted successfully.

 

Itens de Dados no Registro Infectados:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

 

Pastas Infectadas:

C:\Arquivos de programas\FLV Direct Player (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Button (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\ComboBox (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Menu (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Window (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Menu Iniciar\Programas\FLV Direct Player (Adware.FLVPlayer) -> Quarantined and deleted successfully.

 

Arquivos Infectados:

C:\Arquivos de programas\FLV Direct Player\downloading.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\dskinliteu.dll (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\FLVPlayer.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\player.dat (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\preload.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\uninstall.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin.xml (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Button\button_default.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Button\button_disable.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Button\button_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Button\button_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Button\button_normal.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\ComboBox\combobox_buttonDown.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\ComboBox\combobox_buttonHot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\ComboBox\combobox_buttonNor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\ComboBox\edit_back.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Menu\menubg.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Menu\menuItem_arrow.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Menu\menuItem_check.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Menu\menuitem_select.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Menu\menuItem_seperator.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_close_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_close_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_close_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_max_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_max_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_max_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_min_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_min_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_min_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_restore_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_restore_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_restore_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Window\BottomBorder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Window\downarrow.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Window\LeftBorder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Window\Logo.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Window\main.ico (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Window\RightBorder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Window\TitlePattern.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Menu Iniciar\Programas\FLV Direct Player\FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Menu Iniciar\Programas\FLV Direct Player\Uninstall FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.

 

 

 

 

Malwarebytes ... I'm going to restart and I'll be right back ... to scan with NOD


1.

*Run Malwarebytes and, on the [Quarantine] tab, select all the results and click [Delete all]

*Click the [Logs] tab, select the report and click [Delete]

I'll wait for the NOD32 scan


Hey, Avira keeps flagging a ton of viruses...

is that normal?

Like ... I wanted to know if something went wrong... because even my NVIDIA driver isn't managing to start with the PC


Hey, Avira keeps flagging a ton of viruses...

is that normal?

Like ... I wanted to know if something went wrong... because even my NVIDIA driver isn't managing to start with the PC

We need to know what the infection is....

Run the online scan.


I'm doing it. It should be almost finished.

 

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6211

# api_version=3.0.2

# EOSSerial=bda6e101e7ab0343874607ccac1d0147

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2010-09-02 02:09:16

# local_time=2010-09-01 11:09:16 (-0300, Hora oficial do Brasil)

# country="Brazil"

# lang=1033

# osver=5.1.2600 NT Service Pack 2

# compatibility_mode=512 16777215 100 0 0 0 0 0

# compatibility_mode=1024 16777215 100 0 0 0 0 0

# compatibility_mode=1797 16775125 100 94 0 55100361 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=100056

# found=12

# cleaned=12

# scan_time=11517

C:\Arquivos de programas\APT\Game.exe probably a variant of Win32/Genetik trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Heroes of Newerth\hon.exe Win32/DunDun.A virus (cleaned - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Lineage II\et.exe probably a variant of Win32/Obfuscated.JNTDCSU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Lineage II\system76\L2.bin a variant of Win32/Packed.Themida application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Microsoft Office\OFFICE11\OIS.EXE Win32/DunDun.A virus (cleaned - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\XP\Desktop\Coisas\Arquivos\MsgPlusLive-483.exe a variant of Win32/Adware.CiDHelp application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\XP\Desktop\Coisas\Arquivos\vdownloader.zip probably a variant of Win32/Agent.ILZCTEN trojan (deleted - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\XP\Desktop\Coisas\Arquivos\#Programas\AutoClick.exe Win32/TrojanClicker.Agent.NFX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\XP\Desktop\OTSERVS\New Slayer Yurots.rar probably a variant of Win32/Delf.HXDCJEE trojan (deleted - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\XP\Meus documentos\ArcadePT_Alfa_Patch_V3.rar probably a variant of Win32/Genetik trojan (deleted - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\XP\Meus documentos\MiniPatchAlfa3.1.rar probably a variant of Win32/Genetik trojan (deleted - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\XP\Meus documentos\Downloads\The Sims 2\Games\07_Glamour Life Stuff\The Sims 2 - Glamour Life Stuff.iso probably a variant of Win32/Agent.LNDZOZL trojan (deleted - quarantined) 00000000000000000000000000000000 C

esets_scanner_update returned -1 esets_gle=53251

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6211

# api_version=3.0.2

# EOSSerial=bda6e101e7ab0343874607ccac1d0147

# end=stopped

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2010-09-02 02:14:35

# local_time=2010-09-01 11:14:35 (-0300, Hora oficial do Brasil)

# country="Brazil"

# lang=1033

# osver=5.1.2600 NT Service Pack 2

# compatibility_mode=512 16777215 100 0 0 0 0 0

# compatibility_mode=1024 16777215 100 0 0 0 0 0

# compatibility_mode=1797 16775125 100 94 0 55112173 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=1359

# found=0

# cleaned=0

# scan_time=22

 

 

Sorry for the delay.... There was a lot to scan, really a lot, haha..

I'm going to sleep now.. I'll be back tomorrow, please find the problem if possible ;D

Cheers


Check whether Avira still flags anything and let me know.

1.

*Run the file c:\arquivos de programas\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe

2.

Open Spybot

In the top menu, click [Mode] > [Advanced] and confirm.

Click [Tools] > [Resident]

Uncheck the option Enable Resident "TeaTimer" (general protection of system settings).

Close the program.

3.

*Download AD-Remover and save it to the desktop

*Run AD-Remover

*Click [Clean]... wait for it to finish. The program may or may not ask to restart the PC.

*Paste the report C:\Ad-Report-CLEAN.log and a new HijackThis log


ComboFix 10-09-01.02 - XP 01/09/2010 23:50:05.1.4 - x86

Microsoft Windows XP Professional 5.1.2600.2.1252.55.1046.18.2047.1527 [GMT -3:00]

Executando de: c:\documents and settings\XP\Desktop\ComboFix.exe

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\arquivos de programas\APT\StartImage\_desktop.ini

c:\arquivos de programas\APT\StartImage\login\_desktop.ini

c:\arquivos de programas\APT\StartImage\MessageBox\_desktop.ini

c:\arquivos de programas\APT\StartImage\MessageBox\BellaBox\_desktop.ini

c:\arquivos de programas\APT\StartImage\MessageBox\ChatBox\_desktop.ini

c:\arquivos de programas\APT\StartImage\MessageBox\ClanBox\_desktop.ini

c:\arquivos de programas\APT\StartImage\MessageBox\NormalBox\_desktop.ini

c:\arquivos de programas\Gravity\Ragnarok Online\skin\default\basic_interface\_desktop.ini

c:\arquivos de programas\Gravity\Ragnarok Online\skin\Scribbling Kid\_desktop.ini

c:\arquivos de programas\Gravity\Ragnarok Online\skin\Scribbling Kid\basic_interface\_desktop.ini

 

.

(((((((((((((((( Arquivos/Ficheiros criados de 2010-08-02 to 2010-09-02 ))))))))))))))))))))))))))))

.

 

2010-09-01 22:50 . 2010-09-01 22:50 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\nView_Profiles

2010-09-01 22:45 . 2010-09-01 22:45 -------- d-----w- c:\arquivos de programas\ESET

2010-09-01 21:55 . 2010-09-01 21:55 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\Malwarebytes

2010-09-01 21:55 . 2010-04-29 18:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-09-01 21:55 . 2010-09-01 21:55 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware

2010-09-01 21:55 . 2010-09-01 21:55 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Malwarebytes

2010-09-01 21:55 . 2010-04-29 18:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-09-01 20:26 . 2010-09-01 21:50 -------- d-----w- C:\FyK

2010-09-01 19:08 . 2010-09-01 20:21 -------- d-----w- C:\UsbFix

2010-09-01 18:09 . 2010-09-01 18:09 65024 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\9\e375149-59bc6b39-n\jinput-dx8_64.dll

2010-09-01 18:09 . 2010-09-01 18:09 62464 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\9\e375149-59bc6b39-n\jinput-raw_64.dll

2010-09-01 18:09 . 2010-09-01 18:09 61952 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\9\e375149-59bc6b39-n\jinput-dx8.dll

2010-09-01 18:09 . 2010-09-01 18:09 59392 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\9\e375149-59bc6b39-n\jinput-raw.dll

2010-09-01 18:09 . 2010-09-01 18:09 56832 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\9\e375149-59bc6b39-n\jinput-wintab.dll

2010-08-28 15:51 . 2010-08-28 16:56 -------- d-----w- C:\RagnaSony

2010-08-22 21:54 . 2010-08-22 21:54 -------- d-----w- C:\PopGameBox

2010-08-08 15:11 . 2010-08-08 15:11 503808 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-10cffe1e-n\msvcp71.dll

2010-08-08 15:11 . 2010-08-08 15:11 499712 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-10cffe1e-n\jmc.dll

2010-08-08 15:11 . 2010-08-08 15:11 348160 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-10cffe1e-n\msvcr71.dll

2010-08-08 15:11 . 2010-08-08 15:11 61440 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-7bc5e408-n\decora-sse.dll

2010-08-08 15:11 . 2010-08-08 15:11 12800 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-7bc5e408-n\decora-d3d.dll

2010-08-07 06:47 . 2010-08-07 06:47 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Blizzard Entertainment

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-09-02 02:57 . 2010-03-02 19:50 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Akamai

2010-09-02 02:56 . 2010-02-12 20:16 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\Skype

2010-09-02 02:45 . 2010-04-03 00:04 -------- d-----w- c:\arquivos de programas\Free Offers from Freeze.com

2010-09-02 02:24 . 2009-12-02 22:08 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Spybot - Search & Destroy

2010-09-02 01:32 . 2009-12-02 21:07 -------- d-----w- c:\arquivos de programas\uTorrent

2010-09-02 01:32 . 2009-12-06 00:39 -------- d-----w- c:\arquivos de programas\San Andreas Mod Installer

2010-09-01 23:49 . 2010-04-30 22:07 -------- d-----w- c:\arquivos de programas\Lineage II

2010-09-01 23:27 . 2009-12-03 20:05 -------- d-----w- c:\arquivos de programas\Heroes of Newerth

2010-09-01 23:05 . 2010-06-27 01:17 -------- d-----w- c:\arquivos de programas\APT

2010-09-01 20:07 . 2010-02-12 20:19 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\skypePM

2010-09-01 19:31 . 2009-12-19 06:38 -------- d-----w- c:\arquivos de programas\PhotoFiltre

2010-08-31 22:33 . 2010-02-16 03:14 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\Free Download Manager

2010-08-24 22:24 . 2009-12-07 17:36 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\teamspeak2

2010-08-23 18:22 . 2010-08-23 18:18 332612446 ----a-w- c:\arquivos de programas\Valve.rar

2010-08-23 16:33 . 2010-07-21 03:00 -------- d-----w- c:\arquivos de programas\Diablo II

2010-08-23 16:04 . 2009-12-17 00:10 -------- d-----w- c:\arquivos de programas\Warcraft III

2010-08-23 16:04 . 2009-12-17 18:16 -------- d-----w- c:\arquivos de programas\Garena

2010-08-14 20:09 . 2010-07-27 19:59 -------- d-----w- c:\arquivos de programas\SystemRequirementsLab

2010-08-14 02:20 . 2010-04-04 18:40 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Norton

2010-08-12 22:53 . 2010-02-08 21:54 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\LimeWire

2010-08-12 22:18 . 2009-12-02 20:59 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\uTorrent

2010-08-11 14:32 . 2009-12-04 22:37 -------- d---a-w- c:\documents and settings\All Users\Dados de aplicativos\TEMP

2010-07-25 22:17 . 2009-12-01 20:45 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\sqlitestudio

2010-07-21 03:10 . 2010-07-21 03:04 40051 ----a-w- c:\windows\DIIUnin.dat

2010-07-21 03:09 . 2009-12-01 15:04 21840 ----atw- c:\windows\system32\SIntfNT.dll

2010-07-21 03:09 . 2009-12-01 15:04 17212 ----atw- c:\windows\system32\SIntf32.dll

2010-07-21 03:09 . 2009-12-01 15:04 12067 ----atw- c:\windows\system32\SIntf16.dll

2010-07-21 03:04 . 2010-07-21 03:04 94208 ----a-w- c:\windows\DIIUnin.exe

2010-07-21 03:04 . 2010-07-21 03:04 2829 ----a-w- c:\windows\DIIUnin.pif

2010-07-21 02:59 . 2010-07-21 02:48 -------- d-----w- c:\arquivos de programas\dddd

2010-07-21 02:47 . 2010-02-04 01:52 -------- d-----w- c:\arquivos de programas\Sierra On-Line

2010-07-20 20:37 . 2010-07-20 20:37 3352628 ----a-w- c:\arquivos de programas\Remere's Map Editor.rar

2010-07-20 02:34 . 2010-05-02 00:38 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\TortoiseSVN

2010-07-19 20:31 . 2010-06-27 21:16 -------- d-----w- c:\arquivos de programas\Tibia8.57

2010-07-18 23:29 . 2009-12-05 04:41 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\Tibia

2010-07-18 21:25 . 2010-07-18 21:25 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\Remere's Map Editor

2010-07-18 21:25 . 2010-07-18 21:25 -------- d-----w- c:\arquivos de programas\Remere's Map Editor

2010-07-18 07:16 . 2010-05-15 11:14 -------- d-----w- c:\arquivos de programas\Rockstar Games

2010-07-18 07:07 . 2009-11-30 13:47 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information

2010-07-18 05:51 . 2010-07-18 05:47 -------- d-----w- c:\arquivos de programas\EasyPHP1-7

2010-07-18 04:31 . 2010-04-02 13:21 41 ----a-w- c:\documents and settings\XP\jagex__preferences3.dat

2010-07-18 04:31 . 2010-03-06 21:55 46 ----a-w- c:\documents and settings\XP\jagex_runescape_preferences.dat

2010-07-18 04:29 . 2010-03-06 21:57 99 ----a-w- c:\documents and settings\XP\jagex_runescape_preferences2.dat

2010-07-18 00:43 . 2010-05-13 21:03 -------- d-----w- c:\arquivos de programas\Heroes of Newerth - Extreme

2010-07-13 00:22 . 2009-12-08 20:56 -------- d-----w- c:\arquivos de programas\Valve

2010-07-13 00:22 . 2010-02-03 19:36 -------- d-----w- c:\arquivos de programas\sXe Injected

2010-07-05 04:09 . 2010-07-05 04:09 -------- d-----w- c:\arquivos de programas\Fake Webcam

2010-07-05 04:09 . 2010-07-05 04:09 -------- d-----w- c:\arquivos de programas\Arquivos comuns\fwc

2010-06-27 21:46 . 2010-06-27 21:46 3577605 ----a-w- c:\arquivos de programas\TibiaBot NG4.rar

2010-06-23 17:26 . 2010-06-27 18:45 11449688 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sony Online Entertainment\Installed Games\Free Realms\FreeRealms.exe

2010-06-23 17:20 . 2010-06-27 18:43 94208 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sony Online Entertainment\Installed Games\Free Realms\GraphicsDriver.dll

2010-06-23 17:19 . 2010-06-27 18:45 2854912 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sony Online Entertainment\Installed Games\Free Realms\GFxWrap.dll

2010-06-20 14:21 . 2001-10-28 17:07 71938 ----a-w- c:\windows\system32\perfc016.dat

2010-06-20 14:21 . 2001-10-28 17:07 436754 ----a-w- c:\windows\system32\perfh016.dat

.

 

------- Sigcheck -------

 

[-] 2009-06-10 . C332E43B1C3AFDEF239C32CD1E5D0A4E . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

2010-02-04 19:50 1197448 ----a-w- c:\arquivos de programas\Ask.com\GenericAskToolbar.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\arquivos de programas\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

 

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\arquivos de programas\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

 

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]

@="{C5994560-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]

2010-03-21 11:55 87304 ----a-w- c:\arquivos de programas\Arquivos comuns\TortoiseOverlays\TortoiseOverlays.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]

@="{C5994561-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]

2010-03-21 11:55 87304 ----a-w- c:\arquivos de programas\Arquivos comuns\TortoiseOverlays\TortoiseOverlays.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]

@="{C5994562-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]

2010-03-21 11:55 87304 ----a-w- c:\arquivos de programas\Arquivos comuns\TortoiseOverlays\TortoiseOverlays.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]

@="{C5994563-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]

2010-03-21 11:55 87304 ----a-w- c:\arquivos de programas\Arquivos comuns\TortoiseOverlays\TortoiseOverlays.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]

@="{C5994564-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]

2010-03-21 11:55 87304 ----a-w- c:\arquivos de programas\Arquivos comuns\TortoiseOverlays\TortoiseOverlays.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]

@="{C5994565-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]

2010-03-21 11:55 87304 ----a-w- c:\arquivos de programas\Arquivos comuns\TortoiseOverlays\TortoiseOverlays.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]

@="{C5994566-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]

2010-03-21 11:55 87304 ----a-w- c:\arquivos de programas\Arquivos comuns\TortoiseOverlays\TortoiseOverlays.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]

@="{C5994567-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]

2010-03-21 11:55 87304 ----a-w- c:\arquivos de programas\Arquivos comuns\TortoiseOverlays\TortoiseOverlays.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]

@="{C5994568-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]

2010-03-21 11:55 87304 ----a-w- c:\arquivos de programas\Arquivos comuns\TortoiseOverlays\TortoiseOverlays.dll

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840]

"Skype"="c:\arquivos de programas\Skype\Phone\Skype.exe" [2010-05-13 26192168]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-21 13680640]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"_nltide_3"="advpack.dll" [2004-08-04 101376]

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"NoSMHelp"= 1 (0x1)

 

[HKLM\~\startupfolder\C:^Documents and Settings^XP^Menu Iniciar^Programas^Inicializar^Aeon - Lineage II.lnk]

path=c:\documents and settings\XP\Menu Iniciar\Programas\Inicializar\Aeon - Lineage II.lnk

backup=c:\windows\pss\Aeon - Lineage II.lnkStartup

 

[HKLM\~\startupfolder\C:^Documents and Settings^XP^Menu Iniciar^Programas^Inicializar^Warcraft Config.lnk]

path=c:\documents and settings\XP\Menu Iniciar\Programas\Inicializar\Warcraft Config.lnk

backup=c:\windows\pss\Warcraft Config.lnkStartup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

c:\windows\system32\dumprep 0 -k [X]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-06-09 08:06 976832 ----a-w- c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2009-10-03 06:08 35696 ----a-w- c:\arquivos de programas\Adobe\Reader 9.0\Reader\reader_sl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]

2008-06-19 08:20 57344 ----a-w- c:\windows\ALCMTR.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]

2009-03-02 15:08 209153 ----a-w- c:\arquivos de programas\Avira\AntiVir Desktop\avgnt.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

2007-06-27 21:03 152872 ----a-w- c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

2004-08-04 02:45 15360 ----a-w- c:\windows\system32\ctfmon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

2009-10-30 11:57 369200 ----a-w- c:\arquivos de programas\DAEMON Tools Lite\DTLite.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallIQUpdater]

2010-02-23 23:45 982528 ----a-w- c:\arquivos de programas\W3i\InstallIQUpdater\InstallIQUpdater.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]

2010-03-30 14:16 1820040 ----a-w- c:\arquivos de programas\LogMeIn Hamachi\hamachi-2-ui.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2009-07-26 18:44 3883840 ------w- c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2007-03-01 17:57 153136 ----a-w- c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

2009-01-21 16:08 13680640 ----a-w- c:\windows\system32\nvcpl.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

2009-01-21 16:08 86016 ----a-w- c:\windows\system32\nvmctray.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

2009-01-21 16:08 1657376 ----a-w- c:\windows\system32\nwiz.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]

2010-05-18 21:13 2938552 ----a-w- c:\arquivos de programas\Pando Networks\Media Booster\PMB.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

2003-12-08 19:35 32768 ----a-w- c:\arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]

2008-11-17 08:08 17676288 ----a-w- c:\windows\RTHDCPL.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]

2009-03-05 18:07 2260480 --sha-r- c:\arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2010-02-18 14:43 248040 ----a-w- c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Arquivos de programas\\Orbitdownloader\\orbitdm.exe"=

"c:\\Arquivos de programas\\Orbitdownloader\\orbitnet.exe"=

"c:\\Arquivos de programas\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Arquivos de programas\\Garena\\Garena.exe"=

"c:\\Arquivos de programas\\Heroes of Newerth\\hon.exe"=

"c:\\Arquivos de programas\\Valve\\hl.exe"=

"c:\\Arquivos de programas\\Valve\\hlds.exe"=

"c:\\Arquivos de programas\\EA GAMES\\Battlefield 2\\BF2.exe"=

"c:\\Arquivos de programas\\Microsoft Games\\Age of Mythology\\aomx.exe"=

"c:\\Arquivos de programas\\Heroes of Newerth - Extreme\\hon.exe"=

"c:\\Arquivos de programas\\Pando Networks\\Media Booster\\PMB.exe"=

"c:\\Riot Games\\League of Legends\\air\\LolClient.exe"=

"c:\\Riot Games\\League of Legends\\game\\League of Legends.exe"=

"c:\\Arquivos de programas\\Microsoft Games\\Age of Mythology\\aom.exe"=

"c:\\Arquivos de programas\\BYOND\\bin\\byond.exe"=

"c:\\Arquivos de programas\\Turbine\\DDO Unlimited\\dndclient.exe"=

"c:\\AppServ\\Apache2.2\\bin\\httpd.exe"=

"c:\\Documents and Settings\\XP\\Desktop\\OTSERVS\\PortaSafe.AntiNuker.xh0t\\Portsafe_Anti-Nuker_.exe"=

"c:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"58472:TCP"= 58472:TCP:Pando Media Booster

"58472:UDP"= 58472:UDP:Pando Media Booster

"5910:TCP"= 5910:TCP:vnc5910

"56227:TCP"= 56227:TCP:Pando Media Booster

"56227:UDP"= 56227:UDP:Pando Media Booster

"8377:TCP"= 8377:TCP:League of Legends Launcher

"8377:UDP"= 8377:UDP:League of Legends Launcher

"8378:TCP"= 8378:TCP:League of Legends Launcher

"8378:UDP"= 8378:UDP:League of Legends Launcher

"6944:TCP"= 6944:TCP:League of Legends Launcher

"6944:UDP"= 6944:UDP:League of Legends Launcher

"6974:TCP"= 6974:TCP:League of Legends Launcher

"6974:UDP"= 6974:UDP:League of Legends Launcher

"6905:TCP"= 6905:TCP:League of Legends Launcher

"6905:UDP"= 6905:UDP:League of Legends Launcher

"8379:TCP"= 8379:TCP:League of Legends Launcher

"8379:UDP"= 8379:UDP:League of Legends Launcher

"8090:TCP"= 8090:TCP:AppServ

"1040:TCP"= 1040:TCP:Akamai NetSession Interface

"5000:UDP"= 5000:UDP:Akamai NetSession Interface

 

R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [3/8/2004 23:45 14336]

R2 AntiVirSchedulerService;Avira AntiVir Programador;c:\arquivos de programas\Avira\AntiVir Desktop\sched.exe [15/3/2010 20:44 108289]

R2 Apache2.2;Apache2.2;c:\appserv\Apache2.2\bin\httpd.exe [17/1/2008 14:37 24635]

R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\arquivos de programas\LogMeIn Hamachi\hamachi-2.exe [30/3/2010 11:16 1107336]

S2 gupdate;Google Update Service (gupdate);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [30/5/2010 16:27 136176]

S3 ddsxeiservice;ddsxeiservice2;c:\arquivos de programas\sXe Injected\ddsxei.sys [28/5/2010 03:04 91776]

S3 extrem.sys;extrem;\??\c:\docume~1\XP\CONFIG~1\Temp\extrem.sys --> c:\docume~1\XP\CONFIG~1\Temp\extrem.sys [?]

S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\XP\CONFIG~1\Temp\SPJ30.tmp --> c:\docume~1\XP\CONFIG~1\Temp\SPJ30.tmp [?]

S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys --> c:\windows\system32\DRIVERS\ManyCam.sys [?]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 XDva297;XDva297;\??\c:\windows\system32\XDva297.sys --> c:\windows\system32\XDva297.sys [?]

S3 XDva315;XDva315;\??\c:\windows\system32\XDva315.sys --> c:\windows\system32\XDva315.sys [?]

S3 XDva327;XDva327;\??\c:\windows\system32\XDva327.sys --> c:\windows\system32\XDva327.sys [?]

S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [1/12/2009 11:40 691696]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Akamai REG_MULTI_SZ Akamai

.

Conteúdo da pasta 'Tarefas Agendadas'

 

2010-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2010-05-30 19:27]

 

2010-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2010-05-30 19:27]

 

2010-09-02 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job

- c:\arquivos de programas\Ask.com\UpdateTask.exe [2010-02-04 19:50]

.

.

------- Scan Suplementar -------

.

uStart Page = about:blank

mStart Page = hxxp://search.localstrike.com.ar/

uInternet Connection Wizard,ShellNext = hxxp://free.avg.com/br-pt.virbase-appf9?IDN=MGJmNjcyN2JlNjY1YzAwMA

IE: &Download by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/201

IE: &Grab video by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/204

IE: Baixar com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dllink.htm

IE: Baixar tudo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlall.htm

IE: Baixar vídeo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlfvideo.htm

IE: Do&wnload selected by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/203

IE: Down&load all by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/202

IE: Download selecionado pelo Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlselected.htm

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

TCP: {67E1F43E-C21B-442E-818F-BF9CE65083BC} = 8.8.8.8,8.8.4.4

.

- - - - ORFÃOS REMOVIDOS - - - -

 

MSConfigStartUp-Software Informer - c:\arquivos de programas\Software Informer\softinfo.exe

MSConfigStartUp-sysinfo - c:\docume~1\XP\CONFIG~1\Temp\62531170Wsy.dll

AddRemove-ArenaBrasil.Net Mu - c:\windows\ArenaBrasil.Net

AddRemove-DestroyerL2 - Patch - c:\arquivos de programas\Lineage II\Uninstal.exe

AddRemove-L2PhX 3.1.8 - c:\documents and settings\XP\Desktop\Arquivos\PHX\Uninstal.exe

AddRemove-Lineage 2 Hax - c:\arquivos de programas\Lineage II\Uninstal.exe

AddRemove-Ragnarok Online - c:\windows\IFinst27.exe

AddRemove-Ragnarok Sakray - c:\windows\IFinst27.exe

AddRemove-ShowGames - c:\arquivos de programas\Lineage II\Uninstal.exe

AddRemove-Sierra Utilities - c:\arquivos de programas\Sierra On-Line\sutil32.exe

AddRemove-uTorrent - c:\arquivos de programas\uTorrent\uTorrent.exe

AddRemove-System - c:\arquivos de programas\Lineage II\Uninstal.exe

 

 

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-09-01 23:56

Windows 5.1.2600 Service Pack 2 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros/arquivos ocultos ...

 

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

 

**************************************************************************

 

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\GarenaPEngine]

"ImagePath"="\??\c:\docume~1\XP\CONFIG~1\Temp\SPJ30.tmp"

 

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

Tempo para conclusão: 2010-09-02 00:00:20

ComboFix-quarantined-files.txt 2010-09-02 03:00

 

Pré-execução: 20 pasta(s) 177.415.491.584 bytes disponíveis

Pós execução: 23 pasta(s) 177.380.663.296 bytes disponíveis

 

WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

 

- - End Of File - - B56449B7614470A50CE911831AAD262D

 

 

Sorry... I thought you weren't going to come online anymore... so I ran ComboFix to delete something

It reported this


======= REPORT FROM AD-REMOVER 2.0.0.1,E | ONLY XP/VISTA/7 =======

 

Updated by C_XX on 01/09/10 at 16:00

Contact: AdRemover.contact[AT]gmail.com

website: http://pagesperso-orange.fr/NosTools/ad_remover.html

 

C:\Arquivos de programas\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 00:22:13 on 02/09/2010, Normal boot

 

Microsoft Windows XP Professional Service Pack 2 (X86)

XP@XP-MICR789 ( )

 

============== ACTION(S) ==============

 

 

0,Folder deleted: C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

0,File deleted: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

0,Folder deleted: C:\Arquivos de programas\Ask.com

0,Folder deleted: C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\AskToolbar

3,File deleted: C:\WINDOWS\Installer\94d44d.msi

 

(!) -- Temporary files deleted.

 

 

1,Key deleted: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

1,Key deleted: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}

1,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}

1,Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

1,Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

1,Key deleted: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

1,Key deleted: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

1,Key deleted: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

1,Key deleted: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

0,Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd

0,Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1

0,Key deleted: HKLM\Software\Classes\Toolbar.CT2284374

0,Key deleted: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL

1,Key deleted: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

0,Key deleted: HKLM\Software\Freeze.com

0,Key deleted: HKCU\Software\Ask.com

0,Key deleted: HKCU\Software\AskToolbar

0,Key deleted: HKCU\Software\AppDataLow\AskToolbarInfo

0,Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\FLV Direct Player

3,Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}

3,Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

3,Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

3,Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

0,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

 

0,Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}

0,Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}

 

 

============== ADDITIONNAL SCAN ==============

 

** Internet Explorer Version [6.0.2900.2180] **

 

[HKCU\Software\Microsoft\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Do404Search: 0x01000000

Enable Browser Extensions: yes

Local Page: C:\WINDOWS\system32\blank.htm

Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896

Show_ToolBar: yes

Start Page: hxxp://fr.msn.com/

 

[HKLM\Software\Microsoft\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Delete_Temp_Files_On_Exit: yes

Local Page: C:\WINDOWS\system32\blank.htm

Search bar: hxxp://search.msn.com/spbasic.htm

Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Start Page: hxxp://fr.msn.com/

 

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

Blank: res://mshtml.dll/blank.htm

 

========================================

 

C:\Arquivos de programas\Ad-Remover\Quarantine: 17 File(s)

C:\Arquivos de programas\Ad-Remover\Backup: 13 File(s)

 

C:\Ad-Report-CLEAN[1].txt - 02/09/2010 (841 Byte(s))

 

End at: 00:23:11, 02/09/2010

 

============== E.O.F ==============

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 00:26:36, on 2/9/2010

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Unable to get Internet Explorer version!

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\TortoiseSVN\bin\TSVNCache.exe

C:\Arquivos de programas\Skype\Phone\Skype.exe

C:\Arquivos de programas\Skype\Plugin Manager\skypePM.exe

C:\FirefoxPortable\FirefoxPortable.exe

C:\FirefoxPortable\App\firefox\firefox.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\AppServ\Apache2.2\bin\httpd.exe

C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\AppServ\Apache2.2\bin\httpd.exe

C:\WINDOWS\system32\wscntfy.exe

C:\FirefoxPortable\App\firefox\plugin-container.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\XP\Desktop\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://free.avg.com/br-pt.virbase-appf9?IDN=MGJmNjcyN2JlNjY1YzAwMA

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG9\avgssie.dll (file missing)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')

O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Baixar com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm

O8 - Extra context menu item: Baixar tudo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm

O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlfvideo.htm

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O8 - Extra context menu item: Download selecionado pelo Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{67E1F43E-C21B-442E-818F-BF9CE65083BC}: NameServer = 8.8.8.8,8.8.4.4

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Avira AntiVir Programador (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apache2.2 - Apache Software Foundation - C:\AppServ\Apache2.2\bin\httpd.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

 

--

End of file - 8338 bytes


Hey, just one note: now every time it restarts, the video card thing gives an error

It says it couldn't start, something like that... and another thing, my "msconfig" disappeared from system32... I think Avira deleted it ;/
