vasp 0 Denunciar post Postado Setembro 1, 2010 eu não consigo instalar nenhum .exe, o Avira fica alertando virus em qualquer programa, aleatoriamente... A baixo o log do HijackThis2.0.4 Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:39:15, on 1/9/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Unable to get Internet Explorer version! Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe C:\AppServ\Apache2.2\bin\httpd.exe C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\AppServ\Apache2.2\bin\httpd.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Arquivos de programas\TortoiseSVN\bin\TSVNCache.exe C:\Arquivos de programas\Skype\Phone\Skype.exe C:\Arquivos de programas\Skype\Plugin Manager\skypePM.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe C:\FirefoxPortable\FirefoxPortable.exe C:\FirefoxPortable\App\firefox\firefox.exe C:\FirefoxPortable\App\firefox\plugin-container.exe C:\Documents and Settings\XP\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.com.ar/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.com.ar/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.com.ar/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://free.avg.com/br-pt.virbase-appf9?IDN=MGJmNjcyN2JlNjY1YzAwMA O1 - Hosts: 70.38.12.152 L2authd.lineage2.com O1 - Hosts: 66.240.255.107 nprotect.lineage2.com O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG9\avgssie.dll (file missing) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\system32\msconfig.exe /auto O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\RunServices: [csrcs] C:\WINDOWS\system32\csrcs.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Baixar com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm O8 - Extra context menu item: Baixar tudo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: Download selecionado pelo Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{67E1F43E-C21B-442E-818F-BF9CE65083BC}: NameServer = 8.8.8.8,8.8.4.4 O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Avira AntiVir Programador (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apache2.2 - Apache Software Foundation - C:\AppServ\Apache2.2\bin\httpd.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 9393 bytes Compartilhar este post Link para o post Compartilhar em outros sites
vasp 0 Denunciar post Postado Setembro 1, 2010 ############################## | FindyKill V5.048 | # User : XP (Usuários) # XP-MICR789 # Update on 28/08/2010 by El Desaparecido # Start at: 17:27:14 | 1/9/2010 # Website : http://pagesperso-orange.fr/NosTools/index.html # Contact : FindyKill.Contact@gmail.com # AMD Phenom 9650 Quad-Core Processor # Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 2 # Internet Explorer 6.0.2900.2180 # Windows Firewall Status : Enabled # AV : AntiVir Desktop 9.0.1.32 [ (!) Disabled | Updated ] # C:\ # Disco fixo local # 292,97 Go (145,14 Go free) # NTFS # D:\ # Disco CD-ROM # E:\ # Disco fixo local # 172,78 Go (156,89 Go free) # NTFS # F:\ # Disco CD-ROM # G:\ # Disco removível # 3,73 Go (3,73 Go free) [KINGSTON] # FAT32 ################## | Ficheiros infeciosos | ################## | Registro | ################## | Estado | # Affichagem dos arquivos ocultos : OK # Safe mode : OK # Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 ) # Ip6Fw -> Start = 3 ( Good = 2 | Bad = 4 ) # SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 ) # wuauserv -> Start = 2 ( Good = 2 | Bad = 4 ) # wscsvc -> Start = 2 ( Good = 2 | Bad = 4 ) ################## | ! Fim do relatório # FindyKill V5.048 ! | Log do findykill Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Setembro 1, 2010 *Baixe o OTL e salve-o no desktop *Execute o OTL e selecione as opções abaixo: [X] Verificar All UsersExame Extra do Registro: [X] Nenhum [X] Ignorar Arquivos Microsoft [X] Usar WhiteList para Nomes de Companhias [X] Verificar Lop [X] Verificar Purity *Deixe as demais opções como estão. *Clique no espaço abaixo de "Exames Personalizados/Correções" e cole o código: %SystemRoot%\system32\drivers\*.* %SystemRoot%\Prefetch\*.* %SystemDrive%\documents and settings\All Users\Dados de aplicativos\*.* %SystemDrive%\documents and settings\All Users\Dados de aplicativos\* %SystemDrive%\documents and settings\All Users\Menu iniciar\Programas\Inicializar\*.* %SystemDrive%\documents and settings\User\Configurações Locais\Temp\*.* netsvcs *Clique [Verificar] *Cole o relatório OTL.txt apresentado Compartilhar este post Link para o post Compartilhar em outros sites
vasp 0 Denunciar post Postado Setembro 1, 2010 OTL logfile created on: 1/9/2010 18:10:55 - Run 1 OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\XP\Desktop Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 70,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas Drive C: | 292,97 Gb Total Space | 145,16 Gb Free Space | 49,55% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 172,78 Gb Total Space | 156,89 Gb Free Space | 90,80% Space Free | Partition Type: NTFS F: Drive not present or media not loaded Drive G: | 3,73 Gb Total Space | 3,73 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: XP-MICR789 Current User Name: XP Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010/09/01 18:10:31 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\XP\Desktop\OTL.com PRC - [2010/07/24 13:37:41 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\FirefoxPortable\App\Firefox\plugin-container.exe PRC - [2010/07/24 13:37:40 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\FirefoxPortable\App\Firefox\firefox.exe PRC - [2010/04/17 11:29:56 | 000,619,784 | ---- | M] (http://tortoisesvn.net) -- C:\Arquivos de programas\TortoiseSVN\bin\TSVNCache.exe PRC - [2009/09/10 11:12:38 | 000,152,688 | ---- | M] (PortableApps.com) -- C:\FirefoxPortable\FirefoxPortable.exe PRC - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe PRC - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe PRC - [2008/01/17 14:37:26 | 000,024,635 | ---- | M] (Apache Software Foundation) -- C:\AppServ\Apache2.2\bin\httpd.exe PRC - [2004/08/03 23:45:34 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004/08/03 23:45:32 | 000,400,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe ========== Modules (SafeList) ========== MOD - [2010/09/01 18:10:31 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\XP\Desktop\OTL.com MOD - [2004/08/03 23:44:04 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2004/08/03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx ========== Win32 Services (SafeList) ========== SRV - [2010/08/20 22:46:35 | 002,854,488 | ---- | M] () [Auto | Running] -- c:\Arquivos de programas\Arquivos comuns\Akamai\rswin_3745.dll -- (Akamai) SRV - [2010/03/30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Stopped] -- C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2009/12/06 16:49:00 | 003,386,992 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2008/01/17 14:37:26 | 000,024,635 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\AppServ\Apache2.2\bin\httpd.exe -- (Apache2.2) SRV - [2007/06/27 18:04:00 | 000,279,848 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService) SRV - [2003/07/28 19:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva327.sys -- (XDva327) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva315.sys -- (XDva315) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva297.sys -- (XDva297) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ManyCam.sys -- (ManyCam) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\XP\CONFIG~1\Temp\SPJ30.tmp -- (GarenaPEngine) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\XP\CONFIG~1\Temp\extrem.sys -- (extrem.sys) DRV - [2010/05/28 03:04:51 | 000,091,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Arquivos de programas\sXe Injected\ddsxei.sys -- (ddsxeiservice) DRV - [2010/02/03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009/12/01 11:40:00 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009/11/25 11:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009/05/11 09:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009/03/30 09:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2009/02/13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009/01/21 13:08:00 | 006,305,472 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2008/11/25 05:37:50 | 004,952,576 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008/08/18 07:54:24 | 000,145,952 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts) DRV - [2008/08/01 00:36:26 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2008/08/01 00:36:20 | 000,054,784 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2007/09/04 19:01:04 | 000,037,009 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Arquivos de programas\Gravity\Ragnarok Online\npkcusb.sys -- (npkcusb) DRV - [2007/09/04 19:01:04 | 000,021,442 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Arquivos de programas\Gravity\Ragnarok Online\npkcrypt.sys -- (npkcrypt) DRV - [2005/01/07 16:07:18 | 000,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2004/08/14 15:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004/08/03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Driver de áudio USB (WDM) DRV - [2003/09/25 17:00:00 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ov519vid.sys -- (ovt519) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.com.ar/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.com.ar/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.com.ar/ IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-21-1547161642-651377827-725345543-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/ IE - HKU\S-1-5-21-1547161642-651377827-725345543-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1547161642-651377827-725345543-1001\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-21-1547161642-651377827-725345543-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [2010/09/01 16:53:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Extensions [2010/08/30 13:04:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Extensions-BackupByFirefoxPortable [2010/08/30 13:04:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\XP\Dados de aplicativos\Mozilla\Extensions-BackupByFirefoxPortable\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009/10/04 20:48:30 | 000,023,158 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\localstrike.xml O1 HOSTS File: ([2009/08/30 17:12:07 | 000,000,092 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 70.38.12.152 L2authd.lineage2.com O1 - Hosts: 66.240.255.107 nprotect.lineage2.com O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll (Orbitdownloader.com) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG9\avgssie.dll File not found O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll () O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKU\S-1-5-21-1547161642-651377827-725345543-1001\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll (Ask.com) O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\System32\msconfig.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\RunServices: [csrcs] C:\WINDOWS\System32\csrcs.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-21-1547161642-651377827-725345543-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKU\S-1-5-21-1547161642-651377827-725345543-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-21-1547161642-651377827-725345543-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O8 - Extra context menu item: &Download by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: &Grab video by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Baixar com o Free Download Manager - C:\Arquivos de programas\Free Download Manager\dllink.htm () O8 - Extra context menu item: Baixar tudo com o Free Download Manager - C:\Arquivos de programas\Free Download Manager\dlall.htm () O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - C:\Arquivos de programas\Free Download Manager\dlfvideo.htm () O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Down&load all by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Download selecionado pelo Free Download Manager - C:\Arquivos de programas\Free Download Manager\dlselected.htm () O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de programas\Arquivos comuns\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Minha página inicial atual) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2002/02/21 05:49:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010/09/01 17:20:05 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010/09/01 17:20:06 | 000,000,000 | RHSD | M] - E:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010/09/01 17:20:08 | 000,000,000 | RHSD | M] - G:\Autorun.inf -- [ FAT32 ] O33 - MountPoints2\{69540456-ddb6-11de-97db-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{69540456-ddb6-11de-97db-806d6172696f}\Shell\AutoRun\command - "" = D:\Bin\ASSETUP.exe -- File not found O33 - MountPoints2\{dca6cb71-6fdb-11df-8cf8-002618ea9e39}\Shell\aUtoPlAy\coMmaNd - "" = G:\idlef.pif -- File not found O33 - MountPoints2\{dca6cb71-6fdb-11df-8cf8-002618ea9e39}\Shell\AutoRun\command - "" = G:\idlef.pif -- File not found O33 - MountPoints2\{dca6cb71-6fdb-11df-8cf8-002618ea9e39}\Shell\eXPLorE\COmMaNd - "" = G:\idlef.pif -- File not found O33 - MountPoints2\{dca6cb71-6fdb-11df-8cf8-002618ea9e39}\Shell\oPen\commANd - "" = G:\idlef.pif -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010/09/01 18:10:25 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\XP\Desktop\OTL.com [2010/09/01 17:34:37 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\XP\Recent [2010/09/01 17:26:43 | 000,000,000 | ---D | C] -- C:\FyK [2010/09/01 17:26:43 | 000,000,000 | ---D | C] -- \FyK [2010/09/01 17:20:05 | 000,000,000 | RHSD | C] -- C:\Autorun.inf [2010/09/01 17:20:05 | 000,000,000 | RHSD | C] -- \Autorun.inf [2010/09/01 16:38:35 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\XP\Desktop\HiJackThis.exe [2010/09/01 16:28:22 | 001,214,584 | ---- | C] (C_XX & El Desaparecido) -- C:\Documents and Settings\XP\Desktop\UsbFix(3).exe [2010/09/01 16:16:47 | 001,214,584 | ---- | C] (C_XX & El Desaparecido) -- C:\Documents and Settings\XP\Desktop\UsbFix(2).exe [2010/09/01 16:08:42 | 000,000,000 | ---D | C] -- C:\UsbFix [2010/09/01 16:08:42 | 000,000,000 | ---D | C] -- \UsbFix [2010/09/01 16:08:30 | 001,208,952 | ---- | C] (C_XX & El Desaparecido) -- C:\Documents and Settings\XP\Desktop\UsbFix.exe [2010/08/28 12:51:45 | 000,000,000 | ---D | C] -- C:\RagnaSony [2010/08/28 12:51:45 | 000,000,000 | ---D | C] -- \RagnaSony [2010/08/25 07:53:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Meus documentos\EDINETE - FACULDADE [2010/08/22 18:54:37 | 000,000,000 | ---D | C] -- C:\PopGameBox [2010/08/22 18:54:37 | 000,000,000 | ---D | C] -- \PopGameBox [2010/08/22 18:50:55 | 006,872,723 | ---- | C] (Pop Game Soft, Inc. ) -- C:\Documents and Settings\XP\Meus documentos\popgamebox_fsetup.exe [2010/08/14 16:43:31 | 001,283,912 | ---- | C] (Blizzard Entertainment) -- C:\Documents and Settings\XP\Meus documentos\wowclient-downloader.exe [2010/08/07 03:47:36 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Blizzard Entertainment [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/09/01 18:10:31 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\XP\Desktop\OTL.com [2010/09/01 18:01:00 | 000,000,244 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2010/09/01 17:37:01 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/09/01 17:37:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/09/01 17:35:31 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/09/01 17:35:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/09/01 17:34:44 | 009,961,472 | -H-- | M] () -- C:\Documents and Settings\XP\NTUSER.DAT [2010/09/01 17:26:40 | 001,331,978 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Setup.exe [2010/09/01 17:19:15 | 000,716,035 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\UsbFix (versão 3.030) [2010/09/01 17:07:52 | 000,002,315 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2010/09/01 16:54:42 | 001,208,952 | ---- | M] (C_XX & El Desaparecido) -- C:\Documents and Settings\XP\Desktop\UsbFix.exe [2010/09/01 16:38:35 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\XP\Desktop\HiJackThis.exe [2010/09/01 16:34:11 | 000,000,734 | ---- | M] () -- C:\WINDOWS\win.ini [2010/09/01 16:34:11 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010/09/01 16:34:11 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2010/09/01 16:28:23 | 001,214,584 | ---- | M] (C_XX & El Desaparecido) -- C:\Documents and Settings\XP\Desktop\UsbFix(3).exe [2010/09/01 16:16:47 | 001,214,584 | ---- | M] (C_XX & El Desaparecido) -- C:\Documents and Settings\XP\Desktop\UsbFix(2).exe [2010/09/01 15:43:33 | 000,207,962 | ---- | M] () -- C:\WINDOWS\System32\1nvapps.xml [2010/09/01 15:36:56 | 000,079,597 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\asdasdasd.jpg [2010/09/01 15:27:29 | 000,034,542 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\download338.jpg [2010/09/01 14:51:02 | 000,028,061 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\retorno_do_rei_10.jpg [2010/09/01 14:46:00 | 000,043,374 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Lordoftherings-3.JPG [2010/09/01 14:17:45 | 000,057,312 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\1069850_4.jpg [2010/09/01 14:00:26 | 000,007,318 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\estatueta_oscar.jpg [2010/09/01 13:55:56 | 000,049,695 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\senhor-dos-aneis-3-poster07.jpg [2010/09/01 01:04:54 | 000,000,330 | -HS- | M] () -- C:\Documents and Settings\XP\ntuser.ini [2010/08/31 19:24:43 | 000,001,869 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Arthas - RagNanime.exe.lnk [2010/08/30 13:12:45 | 000,206,848 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Iara antes de ser sereia era uma índia guerreira.doc [2010/08/30 13:07:40 | 000,002,559 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Microsoft Office Word 2003.lnk [2010/08/27 21:10:58 | 000,000,012 | ---- | M] () -- C:\Documents and Settings\XP\intlname.ols [2010/08/27 12:32:11 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/08/26 20:07:57 | 000,057,856 | ---- | M] () -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/08/26 15:49:58 | 000,000,851 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Ragnanime.lnk [2010/08/25 12:31:24 | 000,000,717 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Teamspeak RC2.lnk [2010/08/25 09:34:27 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\XP\Meus documentos\Curriculum Vitae Nete.doc [2010/08/25 07:54:15 | 000,000,491 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\EDINETE - FACULDADE.lnk [2010/08/23 16:41:34 | 026,517,867 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\RagNanime - Arthas 1.3a.exe [2010/08/23 15:22:51 | 332,612,446 | ---- | M] () -- C:\Arquivos de programas\Valve.rar [2010/08/23 12:51:26 | 000,000,647 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Atalho para RSBot-118.lnk [2010/08/22 18:54:40 | 000,001,392 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Popgamebox.lnk [2010/08/22 18:54:31 | 006,872,723 | ---- | M] (Pop Game Soft, Inc. ) -- C:\Documents and Settings\XP\Meus documentos\popgamebox_fsetup.exe [2010/08/22 16:08:34 | 000,001,197 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Meus documentos.lnk [2010/08/22 03:35:29 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010/08/16 21:36:36 | 000,014,546 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Partido do Inovador.JPG [2010/08/15 04:00:55 | 002,642,182 | -H-- | M] () -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\IconCache.db [2010/08/15 02:10:48 | 000,001,866 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\HallsRO.lnk [2010/08/14 21:27:38 | 000,001,824 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Slave-RO.lnk [2010/08/14 18:28:09 | 000,001,849 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\SecretRO.ink.lnk [2010/08/14 17:15:31 | 000,000,031 | ---- | M] () -- C:\WINDOWS\GunzLauncher.INI [2010/08/14 16:43:46 | 001,283,912 | ---- | M] (Blizzard Entertainment) -- C:\Documents and Settings\XP\Meus documentos\wowclient-downloader.exe [2010/08/10 10:41:20 | 006,586,233 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\Edital_357_2010_Graduacao.pdf [2010/08/09 00:03:06 | 000,225,280 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\HV.doc [2010/08/08 01:33:10 | 000,000,515 | ---- | M] () -- C:\Documents and Settings\XP\Desktop\D2PK Launcher.lnk [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/09/01 18:09:10 | 000,001,252 | ---- | C] () -- \FyK.txt [2010/09/01 17:26:31 | 001,331,978 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Setup.exe [2010/09/01 17:19:07 | 000,716,035 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\UsbFix (versão 3.030) [2010/09/01 16:55:24 | 000,000,890 | ---- | C] () -- \UsbFix.txt [2010/09/01 16:26:04 | 026,517,867 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\RagNanime - Arthas 1.3a.exe [2010/09/01 15:40:47 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\XP\control_panel.txt [2010/09/01 15:36:54 | 000,079,597 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\asdasdasd.jpg [2010/09/01 15:27:06 | 000,034,542 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\download338.jpg [2010/09/01 14:51:02 | 000,028,061 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\retorno_do_rei_10.jpg [2010/09/01 14:17:45 | 000,057,312 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\1069850_4.jpg [2010/09/01 14:07:20 | 000,043,374 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Lordoftherings-3.JPG [2010/09/01 14:00:26 | 000,007,318 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\estatueta_oscar.jpg [2010/09/01 13:55:55 | 000,049,695 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\senhor-dos-aneis-3-poster07.jpg [2010/08/30 13:12:45 | 000,206,848 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Iara antes de ser sereia era uma índia guerreira.doc [2010/08/26 15:49:32 | 000,000,851 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Ragnanime.lnk [2010/08/25 12:31:24 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Teamspeak RC2.lnk [2010/08/25 07:54:15 | 000,000,491 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\EDINETE - FACULDADE.lnk [2010/08/23 18:05:58 | 000,001,869 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Arthas - RagNanime.exe.lnk [2010/08/23 15:18:56 | 332,612,446 | ---- | C] () -- C:\Arquivos de programas\Valve.rar [2010/08/22 18:54:40 | 000,001,392 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Popgamebox.lnk [2010/08/22 16:07:27 | 000,001,197 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Meus documentos.lnk [2010/08/15 02:10:48 | 000,001,866 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\HallsRO.lnk [2010/08/15 01:54:04 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\XP\intlname.ols [2010/08/14 18:28:09 | 000,001,849 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\SecretRO.ink.lnk [2010/08/14 18:21:39 | 000,001,824 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Slave-RO.lnk [2010/08/10 10:40:23 | 006,586,233 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Edital_357_2010_Graduacao.pdf [2010/08/09 21:43:53 | 000,014,546 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\Partido do Inovador.JPG [2010/08/08 23:40:40 | 000,225,280 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\HV.doc [2010/08/08 01:32:59 | 000,000,515 | ---- | C] () -- C:\Documents and Settings\XP\Desktop\D2PK Launcher.lnk [2010/07/22 14:18:19 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2010/07/20 17:37:28 | 003,352,628 | ---- | C] () -- C:\Arquivos de programas\Remere's Map Editor.rar [2010/06/27 18:46:38 | 003,577,605 | ---- | C] () -- C:\Arquivos de programas\TibiaBot NG4.rar [2010/06/20 00:58:59 | 000,000,026 | ---- | C] () -- C:\WINDOWS\dksav3.ini [2010/06/20 00:56:16 | 000,000,026 | ---- | C] () -- C:\WINDOWS\dksav1.ini [2010/05/01 22:50:07 | 000,000,164 | ---- | C] () -- C:\Documents and Settings\XP\Dados de aplicativos\RSBot Accounts.ini [2010/02/03 22:52:04 | 000,000,686 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2009/12/24 15:12:17 | 000,000,031 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI [2009/12/05 21:47:08 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\fusioncache.dat [2009/12/04 19:36:52 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI [2009/12/04 19:23:26 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009/12/01 12:04:38 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2009/12/01 12:04:38 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2009/12/01 12:04:38 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2009/12/01 11:40:29 | 000,057,856 | ---- | C] () -- C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/12/01 11:40:00 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009/11/30 10:54:29 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009/11/30 10:53:43 | 000,008,274 | ---- | C] () -- C:\WINDOWS\WDIC.INI [2009/11/30 10:45:02 | 000,001,746 | ---- | C] () -- C:\WINDOWS\Language_trs.ini [2009/11/30 10:44:52 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2009/11/30 10:44:43 | 000,023,640 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009/11/30 10:44:43 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009/01/21 13:08:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2009/01/21 13:08:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2009/01/21 13:08:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2009/01/21 13:08:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2008/05/08 06:15:34 | 000,043,368 | ---- | C] () -- C:\WINDOWS\php.ini [2008/05/07 16:17:10 | 002,076,672 | ---- | C] () -- C:\WINDOWS\System32\libmysql.dll [2003/04/07 10:30:02 | 000,005,383 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI ========== LOP Check ========== [2009/12/01 11:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\DAEMON Tools Lite [2010/02/16 00:14:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\FreeDownloadManager.ORG [2010/01/19 16:50:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus! [2009/12/25 00:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\NFS Underground [2010/06/20 00:04:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PMB Files [2010/08/11 11:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP [2010/04/03 18:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\W3i [2009/12/01 12:01:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\DAEMON Tools Lite [2010/06/02 15:57:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Easeware [2010/08/31 19:33:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Free Download Manager [2010/06/02 16:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\GetRightToGo [2010/08/12 19:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\LimeWire [2010/05/18 20:59:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\LolClient [2010/04/04 15:09:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\ManyCam [2010/06/26 23:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Orbit [2010/07/18 18:25:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Remere's Map Editor [2010/06/27 15:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Sony Online Entertainment [2010/07/25 19:17:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\sqlitestudio [2010/05/01 21:37:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Subversion [2010/07/18 20:29:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Tibia [2010/06/20 11:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\Turbine [2010/08/12 19:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dados de aplicativos\uTorrent [2010/09/01 18:01:00 | 000,000,244 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job ========== Purity Check ========== ========== Custom Scans ========== < %SystemRoot%\system32\drivers\*.* > [2004/08/03 23:35:08 | 000,188,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\acpi.sys [2001/10/28 14:06:06 | 000,011,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\acpiec.sys [2004/08/03 21:39:38 | 000,142,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\aec.sys [2004/08/03 22:14:16 | 000,138,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\afd.sys [2008/08/05 09:10:12 | 001,684,736 | ---- | M] (Creative) -- C:\WINDOWS\system32\drivers\Ambfilt.sys [2004/08/03 23:55:42 | 000,041,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk6.sys [2004/08/03 23:55:42 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk7.sys [2004/08/03 23:55:42 | 000,060,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\arp1394.sys [2004/08/14 15:56:20 | 000,005,810 | R--- | M] () -- C:\WINDOWS\system32\drivers\ASACPI.sys [2007/12/28 04:22:02 | 000,010,296 | ---- | M] () -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS [2004/08/03 22:05:04 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\asyncmac.sys [2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atapi.sys [2004/08/03 21:58:32 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmarpc.sys [2001/10/28 14:06:10 | 000,031,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmepvc.sys [2004/08/03 21:58:36 | 000,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmlane.sys [2001/10/28 14:06:10 | 000,352,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmuni.sys [2001/08/17 18:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\audstub.sys [2009/02/13 11:17:49 | 000,045,416 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntdd.sys [2009/11/25 11:19:02 | 000,056,816 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntflt.sys [2009/02/13 11:29:11 | 000,022,360 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntmgr.sys [2009/03/30 09:33:07 | 000,096,104 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avipbb.sys [2001/10/28 14:06:10 | 000,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\beep.sys [2004/08/03 21:59:58 | 000,071,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bridge.sys [2001/01/03 12:06:18 | 000,148,385 | ---- | M] (D-Link Corporation) -- C:\WINDOWS\system32\drivers\ca500av.sys [2001/10/28 14:06:10 | 000,013,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cbidf2k.sys [2004/08/03 23:10:18 | 000,017,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\CCDECODE.sys [2001/10/28 14:06:30 | 000,018,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cdaudio.sys [2004/08/03 22:14:12 | 000,063,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cdfs.sys [2009/04/28 17:20:06 | 000,009,072 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\cdr4_xp.sys [2009/04/28 17:20:06 | 000,009,200 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\cdralw2k.sys [2004/08/03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cdrom.sys [2001/10/28 14:06:30 | 000,262,528 | ---- | M] (RAVISENT Technologies Inc.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [2004/08/03 22:14:28 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\classpnp.sys [2001/10/28 14:06:30 | 000,011,776 | ---- | M] (Compaq Computer Corporation) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [2004/08/03 23:55:42 | 000,040,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\crusoe.sys [2004/08/03 21:59:56 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\disk.sys [2004/08/03 21:59:54 | 000,014,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\diskdump.sys [2004/08/03 23:39:24 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\system32\drivers\dmboot.sys [2004/08/03 23:39:26 | 000,153,984 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\system32\drivers\dmio.sys [2001/10/28 14:06:18 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) -- C:\WINDOWS\system32\drivers\dmload.sys [2004/08/03 22:07:40 | 000,052,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\DMusic.sys [2004/08/03 22:08:00 | 000,060,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\drmk.sys [2004/08/03 22:07:58 | 000,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\drmkaud.sys [2001/10/28 14:06:32 | 000,010,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\dxapi.sys [2004/08/03 22:00:56 | 000,071,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\dxg.sys [2001/10/28 14:06:32 | 000,003,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\dxgthk.sys [2004/08/03 22:14:18 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fastfat.sys [2004/08/03 21:59:28 | 000,027,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fdc.sys [2001/10/28 14:06:32 | 000,035,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fips.sys [2004/08/03 21:59:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\flpydisk.sys [2004/08/03 22:01:20 | 000,124,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fltMgr.sys [2001/10/28 14:06:30 | 000,012,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fsvga.sys [2001/10/28 14:06:34 | 000,007,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fs_rec.sys [2001/10/28 14:06:34 | 000,125,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ftdisk.sys [2001/10/28 14:06:34 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls [2001/10/28 14:06:34 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt [2010/02/03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\drivers\hamachi.sys [2005/01/07 16:07:18 | 000,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys [2005/01/07 16:07:16 | 000,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudio.sys [2004/08/03 22:08:20 | 000,036,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidclass.sys [2004/08/03 22:08:18 | 000,024,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidparse.sys [2001/08/17 22:02:20 | 000,009,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidusb.sys [2004/08/03 22:00:14 | 000,263,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\http.sys [2004/08/03 23:37:16 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\i8042prt.sys [2007/07/03 18:10:10 | 000,011,304 | ---- | M] (Ahead Software AG) -- C:\WINDOWS\system32\drivers\imagedrv.sys [2007/07/03 18:10:12 | 000,132,904 | ---- | M] (Ahead Software AG) -- C:\WINDOWS\system32\drivers\imagesrv.sys [2004/08/03 22:00:16 | 000,041,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\imapi.sys [2004/08/03 23:38:28 | 000,040,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\intelppm.sys [2004/08/03 22:00:08 | 000,029,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ip6fw.sys [2001/10/28 14:06:38 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipfltdrv.sys [2004/08/03 22:04:46 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipinip.sys [2004/08/03 22:04:52 | 000,134,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipnat.sys [2004/08/03 22:14:30 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipsec.sys [2004/08/03 22:00:48 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\irenum.sys [2001/10/28 14:06:40 | 000,036,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\isapnp.sys [2004/08/03 23:39:20 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdclass.sys [2004/08/03 23:39:20 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys [2004/08/03 22:07:50 | 000,171,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kmixer.sys [2004/08/03 23:15:22 | 000,140,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ks.sys [2004/08/03 21:59:48 | 000,092,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ksecdd.sys [2001/10/28 14:06:58 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mcd.sys [2004/08/03 23:55:42 | 000,063,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mf.sys [2001/01/03 12:06:18 | 000,010,810 | ---- | M] (D-Link Corporation) -- C:\WINDOWS\system32\drivers\minbulk.sys [2001/10/28 14:07:00 | 000,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mnmdd.sys [2004/08/03 23:55:42 | 000,030,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\modem.sys [2006/01/04 04:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\Monfilt.sys [2004/08/04 00:35:08 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mouclass.sys [2001/09/05 23:20:20 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mouhid.sys [2004/08/03 21:58:32 | 000,042,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mountmgr.sys [2004/08/03 21:58:22 | 000,072,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mqac.sys [2004/08/03 22:00:58 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxdav.sys [2004/08/03 22:15:18 | 000,451,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys [2004/08/03 22:00:42 | 000,019,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msfs.sys [2004/08/03 22:04:14 | 000,035,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msgpc.sys [2004/08/03 21:58:42 | 000,007,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSKSSRV.sys [2004/08/03 21:58:40 | 000,005,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys [2004/08/03 21:58:42 | 000,004,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSPQM.sys [2004/08/03 23:55:42 | 000,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mssmbios.sys [2004/08/03 22:58:40 | 000,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSTEE.sys [2004/08/03 22:15:22 | 000,107,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mup.sys [2004/08/03 23:10:30 | 000,085,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\NABTSFEC.sys [2004/08/03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndis.sys [2004/08/03 23:10:14 | 000,010,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\NdisIP.sys [2001/10/28 14:07:06 | 000,009,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndistapi.sys [2004/08/03 23:55:42 | 000,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndisuio.sys [2004/08/03 22:14:32 | 000,091,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndiswan.sys [2001/10/28 14:07:06 | 000,038,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndproxy.sys [2004/08/03 22:03:22 | 000,034,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\netbios.sys [2004/08/03 22:14:38 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\netbt.sys [2004/08/03 23:55:42 | 000,061,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nic1394.sys [2001/10/28 14:06:30 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\system32\drivers\nikedrv.sys [2004/08/03 21:59:52 | 000,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nmnt.sys [2004/08/03 22:00:44 | 000,030,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\npfs.sys [2004/08/03 22:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ntfs.sys [2001/10/28 14:07:12 | 000,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\null.sys [2009/01/21 13:08:00 | 006,305,472 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys [2008/08/01 00:36:20 | 000,054,784 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENETFD.sys [2008/08/18 07:54:24 | 000,145,952 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvgts.sys [2008/08/01 00:36:26 | 000,022,016 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvnetbus.sys [2008/08/01 00:35:58 | 000,955,520 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvnrm.sys [2008/07/07 14:45:58 | 000,004,984 | R--- | M] () -- C:\WINDOWS\system32\drivers\nvphy.bin [2001/10/28 14:07:14 | 000,012,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkflt.sys [2001/10/28 14:07:14 | 000,032,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys [2004/08/03 22:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys [2001/10/28 14:07:14 | 000,063,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnknb.sys [2001/10/28 14:07:14 | 000,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys [2004/08/03 22:02:24 | 000,163,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwrdr.sys [2001/10/28 14:07:16 | 000,003,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\oprghdlr.sys [2003/09/25 17:00:00 | 000,025,211 | ---- | M] (OmniVision Technologies Inc.) -- C:\WINDOWS\system32\drivers\ov519cmd.sys [2003/09/25 17:00:00 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ov519vid.sys [2004/08/03 23:55:42 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\p3.sys [2004/08/03 23:55:42 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\parport.sys [2001/10/28 14:07:16 | 000,018,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\partmgr.sys [2001/10/28 14:07:16 | 000,007,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\parvdm.sys [2004/08/03 23:35:08 | 000,068,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pci.sys [2001/10/28 14:07:18 | 000,003,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pciide.sys [2004/08/03 21:59:42 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pciidex.sys [2004/08/03 23:35:10 | 000,120,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pcmcia.sys [2004/03/16 09:58:20 | 000,136,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\portcls.sys [2004/08/03 23:55:42 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\processr.sys [2004/08/03 22:04:20 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\psched.sys [2001/10/28 14:07:22 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys [2009/04/28 17:20:06 | 000,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\PxHelp20.sys [2001/10/28 14:07:22 | 000,008,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rasacd.sys [2004/08/03 22:14:24 | 000,051,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rasl2tp.sys [2004/08/03 22:05:08 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\raspppoe.sys [2004/08/03 22:14:28 | 000,048,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\raspptp.sys [2001/10/28 14:07:24 | 000,016,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\raspti.sys [2001/10/28 14:07:24 | 000,034,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rawwan.sys [2004/08/03 22:20:08 | 000,176,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdbss.sys [2001/10/28 14:07:24 | 000,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdpcdd.sys [2004/08/03 23:01:16 | 000,196,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdpdr.sys [2004/08/03 23:45:56 | 000,139,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdpwd.sys [2004/08/03 21:36:32 | 000,057,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\redbook.sys [2001/10/28 14:06:30 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\system32\drivers\rio8drv.sys [2001/10/28 14:06:30 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\system32\drivers\riodrv.sys [2001/10/28 14:07:24 | 000,200,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\RMCast.sys [2004/08/03 22:04:32 | 000,030,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rndismp.sys [2001/10/28 14:07:24 | 000,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rootmdm.sys [2008/11/25 05:37:50 | 004,952,576 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys [2004/08/03 21:59:42 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\scsiport.sys [2004/08/03 22:07:48 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sdbus.sys [2009/12/24 23:56:10 | 000,012,400 | ---- | M] (Macrovision Europe Ltd) -- C:\WINDOWS\system32\drivers\secdrv.sys [2004/08/03 21:59:08 | 000,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\serenum.sys [2004/08/03 23:37:42 | 000,065,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\serial.sys [2004/08/03 21:59:56 | 000,011,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sffdisk.sys [2004/08/03 21:59:56 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sffp_sd.sys [2004/08/03 21:59:56 | 000,011,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sfloppy.sys [2004/08/03 23:10:18 | 000,011,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\SLIP.sys [2001/10/28 14:07:28 | 000,014,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\smclib.sys [2004/08/03 23:55:42 | 000,025,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sonydcam.sys [2004/08/03 22:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\splitter.sys [2009/12/01 11:40:00 | 000,691,696 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys [2004/08/03 23:41:04 | 000,073,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sr.sys [2004/08/03 22:14:46 | 000,336,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\srv.sys [2009/05/11 09:12:24 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\ssmdrv.sys [2004/08/03 23:08:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\stream.sys [2004/08/03 23:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\StreamIP.sys [2004/08/03 23:55:42 | 000,004,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\swenum.sys [2001/08/17 21:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\swmidi.sys [2004/08/03 22:15:56 | 000,060,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sysaudio.sys [2004/08/03 22:00:00 | 000,014,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tape.sys [2004/08/03 22:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip.sys [2004/08/03 22:07:46 | 000,223,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip6.sys [2004/08/03 22:07:50 | 000,018,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tdi.sys [2004/08/03 23:45:56 | 000,012,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tdpipe.sys [2004/08/03 23:45:56 | 000,021,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tdtcp.sys [2004/08/04 00:45:54 | 000,040,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\termdd.sys [2001/10/28 14:06:30 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tosdvd.sys [2001/10/28 14:06:30 | 000,021,376 | ---- | M] (Toshiba Corporation) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [2004/08/03 23:55:42 | 000,012,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tunmp.sys [2004/08/03 22:00:32 | 000,066,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\udfs.sys [2004/08/03 21:58:34 | 000,209,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\update.sys [2004/08/03 22:04:34 | 000,012,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usb8023.sys [2004/08/03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys [2001/10/28 14:06:30 | 000,023,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbcamd.sys [2001/10/28 14:06:30 | 000,023,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbcamd2.sys [2004/08/03 22:08:48 | 000,031,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbccgp.sys [2001/10/28 14:07:34 | 000,004,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbd.sys [2004/08/03 22:08:38 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbehci.sys [2004/08/03 22:08:44 | 000,057,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbhub.sys [2004/08/03 23:55:42 | 000,016,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbintel.sys [2004/08/03 22:08:38 | 000,017,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbohci.sys [2004/08/03 22:08:44 | 000,142,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbport.sys [2004/08/03 22:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBSTOR.SYS [2001/10/28 14:06:30 | 000,058,112 | ---- | M] (RAVISENT Technologies Inc.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [2004/08/03 22:07:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\vga.sys [2004/08/03 22:07:06 | 000,079,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\videoprt.sys [2004/08/03 23:37:30 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\volsnap.sys [2004/08/03 22:04:58 | 000,034,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wanarp.sys [2004/08/03 22:15:06 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wdmaud.sys [2001/10/28 14:07:46 | 000,004,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wmilib.sys [2004/08/11 00:45:06 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wpdusb.sys [2001/10/28 14:07:48 | 000,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys [2004/08/03 23:10:22 | 000,019,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS < %SystemRoot%\Prefetch\*.* > [2010/08/25 08:35:34 | 000,055,808 | ---- | M] () -- C:\WINDOWS\Prefetch\ACRORD32.EXE-34A08EDB.pf [2010/08/25 08:44:28 | 000,055,780 | ---- | M] () -- C:\WINDOWS\Prefetch\ACRORD32INFO.EXE-278F5F5E.pf [2010/08/27 12:51:15 | 000,019,146 | ---- | M] () -- C:\WINDOWS\Prefetch\ADOBEARM.EXE-2C0B2F33.pf [2010/08/26 15:41:58 | 000,032,908 | ---- | M] () -- C:\WINDOWS\Prefetch\ALFARO.EXE-1FF01939.pf [2010/08/26 15:42:10 | 000,037,816 | ---- | M] () -- C:\WINDOWS\Prefetch\ALFAROCLIENT.EXE-3413A252.pf [2010/09/01 15:44:32 | 000,014,648 | ---- | M] () -- C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf [2010/08/31 19:37:06 | 000,062,618 | ---- | M] () -- C:\WINDOWS\Prefetch\ARTHAS - RAGNANIME.EXE-226852F5.pf [2010/09/01 15:38:46 | 000,024,252 | ---- | M] () -- C:\WINDOWS\Prefetch\AU_.EXE-294EB7EA.pf [2010/08/31 19:07:40 | 000,050,580 | ---- | M] () -- C:\WINDOWS\Prefetch\AVGNT.EXE-20F46265.pf [2010/08/31 01:08:02 | 000,044,140 | ---- | M] () -- C:\WINDOWS\Prefetch\AVGUARD.EXE-31B97082.pf [2010/09/01 15:54:26 | 000,039,834 | ---- | M] () -- C:\WINDOWS\Prefetch\AVNOTIFY.EXE-274E4E95.pf [2010/09/01 18:10:40 | 000,049,348 | ---- | M] () -- C:\WINDOWS\Prefetch\AVWSC.EXE-019F86B8.pf [2010/09/01 15:15:28 | 000,053,584 | ---- | M] () -- C:\WINDOWS\Prefetch\BATTERY 3.EXE-05C17419.pf [2010/09/01 15:16:13 | 000,053,498 | ---- | M] () -- C:\WINDOWS\Prefetch\BATTERY 3.EXE-245E945C.pf [2010/08/30 21:10:39 | 000,012,448 | ---- | M] () -- C:\WINDOWS\Prefetch\CALC.EXE-02CD573A.pf [2010/09/01 15:37:49 | 000,068,630 | ---- | M] () -- C:\WINDOWS\Prefetch\CCLEANER.EXE-16242569.pf [2010/08/28 12:52:35 | 000,048,958 | ---- | M] () -- C:\WINDOWS\Prefetch\CLIENT.BIN-35A88110.pf [2010/08/28 12:52:30 | 000,025,268 | ---- | M] () -- C:\WINDOWS\Prefetch\CRAGSONY.EXE-28CC0AA9.pf [2010/08/28 12:23:07 | 000,013,450 | ---- | M] () -- C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf [2010/08/31 21:28:50 | 000,014,804 | ---- | M] () -- C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf [2010/08/31 21:28:51 | 000,057,278 | ---- | M] () -- C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf [2010/08/23 13:30:53 | 000,009,644 | ---- | M] () -- C:\WINDOWS\Prefetch\DIABLO II.EXE-06410441.pf [2010/09/01 17:30:24 | 000,025,202 | ---- | M] () -- C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf [2010/09/01 17:00:59 | 000,099,038 | ---- | M] () -- C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf [2010/08/31 19:23:57 | 000,060,242 | ---- | M] () -- C:\WINDOWS\Prefetch\FDM.EXE-10318DDF.pf [2010/09/01 18:09:53 | 000,072,134 | ---- | M] () -- C:\WINDOWS\Prefetch\FIREFOX.EXE-1051016A.pf [2010/08/24 11:20:38 | 000,029,112 | ---- | M] () -- C:\WINDOWS\Prefetch\FIREFOX.EXE-3AC22183.pf [2010/09/01 18:10:01 | 000,099,098 | ---- | M] () -- C:\WINDOWS\Prefetch\FIREFOXPORTABLE.EXE-038E84EB.pf [2010/08/23 13:30:55 | 000,059,568 | ---- | M] () -- C:\WINDOWS\Prefetch\GAME.EXE-1F75E2A3.pf [2010/09/01 17:37:00 | 000,012,760 | ---- | M] () -- C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-0017DD00.pf [2010/09/01 17:37:01 | 000,028,458 | ---- | M] () -- C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-19D08292.pf [2010/08/26 14:28:50 | 000,049,954 | ---- | M] () -- C:\WINDOWS\Prefetch\GTA_SA.EXE-1D024066.pf [2010/09/01 18:10:27 | 000,026,270 | ---- | M] () -- C:\WINDOWS\Prefetch\GUARDGUI.EXE-1F071B35.pf [2010/08/29 18:42:26 | 000,069,858 | ---- | M] () -- C:\WINDOWS\Prefetch\HALLSRO - ATUALIZADOR.EXE-2310C195.pf [2010/08/26 15:42:48 | 000,022,508 | ---- | M] () -- C:\WINDOWS\Prefetch\HALLSRO.BIN-1729658E.pf [2010/08/26 15:42:49 | 000,012,126 | ---- | M] () -- C:\WINDOWS\Prefetch\HALLSRO.EXE-0F39D067.pf [2010/08/31 01:08:12 | 000,051,886 | ---- | M] () -- C:\WINDOWS\Prefetch\HAMACHI-2.EXE-14D8D4E2.pf [2010/08/31 01:08:02 | 000,043,298 | ---- | M] () -- C:\WINDOWS\Prefetch\HTTPD.EXE-17DD672C.pf [2010/09/01 18:06:41 | 000,016,220 | ---- | M] () -- C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf [2010/08/27 23:07:07 | 000,016,744 | ---- | M] () -- C:\WINDOWS\Prefetch\INSTALADOR_RAGNAONE_V6.5.2.EX-0D248E05.pf [2010/08/29 18:28:11 | 000,023,660 | ---- | M] () -- C:\WINDOWS\Prefetch\JAUCHECK.EXE-1B73FEF3.pf [2010/09/01 15:37:51 | 000,083,982 | ---- | M] () -- C:\WINDOWS\Prefetch\JAVAW.EXE-109B1B69.pf [2010/09/01 15:09:02 | 000,016,472 | ---- | M] () -- C:\WINDOWS\Prefetch\JAVAWS.EXE-062D5CF6.pf [2010/09/01 15:37:52 | 000,011,280 | ---- | M] () -- C:\WINDOWS\Prefetch\JAVAWS.EXE-15D32DE0.pf [2010/08/31 01:08:12 | 000,049,364 | ---- | M] () -- C:\WINDOWS\Prefetch\JQS.EXE-047A496E.pf [2010/09/01 18:09:53 | 000,007,176 | ---- | M] () -- C:\WINDOWS\Prefetch\JQSNOTIFY.EXE-39AFFB8A.pf [2010/08/31 19:07:45 | 000,009,584 | ---- | M] () -- C:\WINDOWS\Prefetch\JUSCHED.EXE-153A82FA.pf [2010/08/27 20:57:29 | 000,054,054 | ---- | M] () -- C:\WINDOWS\Prefetch\L2.EXE-0DE7400F.pf [2010/08/31 21:28:39 | 000,459,482 | ---- | M] () -- C:\WINDOWS\Prefetch\Layout.ini [2010/08/29 12:59:37 | 000,005,510 | ---- | M] () -- C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf [2010/09/01 16:29:45 | 000,019,836 | ---- | M] () -- C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf [2010/08/27 21:31:12 | 000,035,646 | ---- | M] () -- C:\WINDOWS\Prefetch\MIX.EXE-1A1EE858.pf [2010/08/29 00:36:43 | 000,032,150 | ---- | M] () -- C:\WINDOWS\Prefetch\MMC.EXE-39071BCC.pf [2010/09/01 18:06:47 | 000,067,906 | ---- | M] () -- C:\WINDOWS\Prefetch\MSNMSGR.EXE-304664B4.pf [2010/09/01 17:06:39 | 000,022,928 | ---- | M] () -- C:\WINDOWS\Prefetch\MSPAINT.EXE-11CBB631.pf [2010/09/01 18:08:40 | 000,018,558 | ---- | M] () -- C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf [2010/08/28 12:45:07 | 000,038,660 | ---- | M] () -- C:\WINDOWS\Prefetch\NPKCUSB.DLL-3B13A8CE.pf [2010/09/01 17:36:45 | 001,431,552 | ---- | M] () -- C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf [2010/08/31 01:08:13 | 000,024,210 | ---- | M] () -- C:\WINDOWS\Prefetch\NVSVC32.EXE-1F9EED18.pf [2010/09/01 15:56:44 | 000,044,540 | ---- | M] () -- C:\WINDOWS\Prefetch\OIS.EXE-2FECE659.pf [2010/08/27 21:11:02 | 000,065,520 | ---- | M] () -- C:\WINDOWS\Prefetch\OUTLOOK.EXE-3413D956.pf [2010/09/01 15:27:44 | 000,019,150 | ---- | M] () -- C:\WINDOWS\Prefetch\PHOTOFILTRE.EXE-14F1A042.pf [2010/09/01 18:10:22 | 000,057,384 | ---- | M] () -- C:\WINDOWS\Prefetch\PLUGIN-CONTAINER.EXE-17C663B2.pf [2010/08/25 08:06:14 | 000,046,764 | ---- | M] () -- C:\WINDOWS\Prefetch\POWERPNT.EXE-1FCAD291.pf [2010/08/27 21:32:24 | 000,016,438 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGEXE.EXE-3A4E8106.pf [2010/08/28 12:40:40 | 000,049,008 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNAEXE.BIN-049815E6.pf [2010/08/28 12:40:29 | 000,024,278 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNAEXE.EXE-050D2CD7.pf [2010/08/29 18:44:11 | 000,040,072 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNAFOR.EXE-18B84C66.pf [2010/08/23 18:05:12 | 000,011,048 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNANIME - ARTHAS 1.3A.EXE-220AC257.pf [2010/08/31 19:24:23 | 000,011,422 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNANIME - ARTHAS 1.3A.EXE-39F5157F.pf [2010/08/28 12:40:20 | 000,043,242 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNAONE.EXE-3006E955.pf [2010/08/27 21:32:11 | 000,038,106 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNAROK.EXE-1847C32F.pf [2010/08/27 21:32:37 | 000,052,296 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNAROK.EXE-35430489.pf [2010/08/28 12:51:46 | 000,017,780 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNASONY.EXE-01A91F6D.pf [2010/08/29 00:28:19 | 000,065,322 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNASONY.EXE-067DAC89.pf [2010/08/28 12:44:59 | 000,038,612 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGNASONY.EXE-141F7D64.pf [2010/08/28 12:52:30 | 000,035,998 | ---- | M] () -- C:\WINDOWS\Prefetch\RAGSONY.EXE-255B23D6.pf [2010/08/28 12:39:52 | 000,039,080 | ---- | M] () -- C:\WINDOWS\Prefetch\RENA-RO AUTOPATCH.EXE-3108A9D0.pf [2010/08/31 20:23:41 | 000,042,224 | ---- | M] () -- C:\WINDOWS\Prefetch\RN.BIN-21429D97.pf [2010/08/31 20:23:31 | 000,026,404 | ---- | M] () -- C:\WINDOWS\Prefetch\RN.EXE-293232BE.pf [2010/08/29 00:36:42 | 000,029,870 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-12B7EA69.pf [2010/08/31 01:09:17 | 000,030,228 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-14FC201E.pf [2010/09/01 15:44:32 | 000,015,582 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-1619A94E.pf [2010/08/31 01:08:03 | 000,015,286 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-1857459C.pf [2010/08/30 13:13:11 | 000,018,870 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-188DF14E.pf [2010/08/25 08:43:15 | 000,015,028 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-1DB8DA2D.pf [2010/08/28 12:51:37 | 000,030,898 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-2576181F.pf [2010/08/24 11:28:12 | 000,011,442 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-268BFF96.pf [2010/08/28 12:29:22 | 000,013,526 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-28FBFF05.pf [2010/08/26 14:33:08 | 000,020,784 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-2A94BB85.pf [2010/08/26 14:33:08 | 000,020,916 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-2E5AF1D7.pf [2010/08/25 08:02:59 | 000,015,196 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-307057F0.pf [2010/08/30 13:13:21 | 000,015,948 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-32C8678F.pf [2010/09/01 15:44:32 | 000,022,322 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-35A483DA.pf [2010/08/28 12:28:02 | 000,021,562 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-396671E0.pf [2010/09/01 18:06:45 | 000,025,320 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-415F88EC.pf [2010/09/01 15:38:23 | 000,068,576 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-41F1E535.pf [2010/08/29 00:36:59 | 000,013,856 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-429BC680.pf [2010/09/01 16:55:07 | 000,011,430 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf [2010/08/28 12:40:25 | 000,066,612 | ---- | M] () -- C:\WINDOWS\Prefetch\RUNDLL32.EXE-4B58B826.pf [2010/09/01 15:50:27 | 000,017,228 | ---- | M] () -- C:\WINDOWS\Prefetch\SAMP.EXE-04EF06B6.pf [2010/09/01 18:01:00 | 000,009,188 | ---- | M] () -- C:\WINDOWS\Prefetch\SAUPDATE.EXE-06D90150.pf [2010/08/28 12:39:43 | 000,038,692 | ---- | M] () -- C:\WINDOWS\Prefetch\SECRETRO.EXE-3334E477.pf [2010/08/27 21:18:16 | 000,052,314 | ---- | M] () -- C:\WINDOWS\Prefetch\SETUPMIX-RO.EXE-0A490E0E.pf [2010/09/01 18:06:47 | 000,065,696 | ---- | M] () -- C:\WINDOWS\Prefetch\SKYPE.EXE-2CDF188C.pf [2010/09/01 18:07:09 | 000,029,286 | ---- | M] () -- C:\WINDOWS\Prefetch\SKYPEPM.EXE-1D0B78E9.pf [2010/08/29 18:42:59 | 000,079,002 | ---- | M] () -- C:\WINDOWS\Prefetch\SLAVERO.EXE-0757559E.pf [2010/09/01 00:55:39 | 000,014,572 | ---- | M] () -- C:\WINDOWS\Prefetch\SNDVOL32.EXE-383480B7.pf [2010/09/01 15:44:32 | 000,043,344 | ---- | M] () -- C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf [2010/09/01 18:02:58 | 000,018,066 | ---- | M] () -- C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf [2010/08/31 20:41:11 | 000,044,306 | ---- | M] () -- C:\WINDOWS\Prefetch\TEAMSPEAK.EXE-3432C314.pf [2010/08/25 08:01:28 | 000,033,526 | ---- | M] () -- C:\WINDOWS\Prefetch\TORTOISEPROC.EXE-022F1930.pf [2010/09/01 18:06:44 | 000,017,536 | ---- | M] () -- C:\WINDOWS\Prefetch\TSVNCACHE.EXE-2E3F13BB.pf [2010/09/01 15:38:36 | 000,011,558 | ---- | M] () -- C:\WINDOWS\Prefetch\UNINST.EXE-1840D976.pf [2010/09/01 16:28:51 | 000,049,526 | ---- | M] () -- C:\WINDOWS\Prefetch\UPDATE.EXE-1A7F43AA.pf [2010/09/01 18:01:00 | 000,014,750 | ---- | M] () -- C:\WINDOWS\Prefetch\UPDATETASK.EXE-32C5BDE0.pf [2010/08/31 19:07:43 | 000,076,346 | ---- | M] () -- C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf [2010/09/01 15:44:32 | 000,014,584 | ---- | M] () -- C:\WINDOWS\Prefetch\WDFMGR.EXE-2CF4013B.pf [2010/09/01 00:10:27 | 000,087,700 | ---- | M] () -- C:\WINDOWS\Prefetch\WINAMP.EXE-22EEEFC3.pf [2010/09/01 16:25:11 | 000,162,020 | ---- | M] () -- C:\WINDOWS\Prefetch\WINRAR.EXE-09D6614C.pf [2010/08/31 22:17:46 | 000,114,694 | ---- | M] () -- C:\WINDOWS\Prefetch\WINWORD.EXE-2F4074DC.pf [2010/08/26 14:40:12 | 000,019,460 | ---- | M] () -- C:\WINDOWS\Prefetch\WISPTIS.EXE-0C21B942.pf [2010/09/01 17:06:07 | 000,052,892 | ---- | M] () -- C:\WINDOWS\Prefetch\WLCOMM.EXE-0889FC35.pf [2010/09/01 15:44:32 | 000,022,720 | ---- | M] () -- C:\WINDOWS\Prefetch\WMIAPSRV.EXE-1E2270A5.pf [2010/09/01 18:09:20 | 000,070,170 | ---- | M] () -- C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf [2010/09/01 17:36:47 | 000,061,702 | ---- | M] () -- C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf [2010/08/31 19:24:33 | 000,039,356 | ---- | M] () -- C:\WINDOWS\Prefetch\_INST1.EXE-2378FB7D.pf < %SystemDrive%\documents and settings\All Users\Dados de aplicativos\*.* > [2002/02/21 02:38:40 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Dados de aplicativos\desktop.ini < %SystemDrive%\documents and settings\All Users\Dados de aplicativos\* > [2002/02/21 02:38:40 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Dados de aplicativos\desktop.ini < %SystemDrive%\documents and settings\All Users\Menu iniciar\Programas\Inicializar\*.* > [2002/02/21 05:49:08 | 000,000,084 | -HS- | M] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\desktop.ini < %SystemDrive%\documents and settings\User\Configurações Locais\Temp\*.* > < netsvcs > ========== Alternate Data Streams ========== @Alternate Data Stream - 574 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:05EE1EEF @Alternate Data Stream - 226 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:4EE74317 @Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:E41EAF13 < End of report > Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Setembro 1, 2010 Não encontrei sinais do que eu esperava... Informe se consegue acessar o site abaixo: http://eset.com/onlinescan Compartilhar este post Link para o post Compartilhar em outros sites
vasp 0 Denunciar post Postado Setembro 1, 2010 sim consegui eu desativei o avira.. ele tava que nem um louco afirmando virus em uma pah de programa... o que eu faço ? Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Setembro 1, 2010 Bom...vamos devagar. 1. *Execute o FindyKill *Tecle P > [ENTER] *Tecle 4 > [ENTER] *Delete a pasta C:\FyK 2. *Baixe o MalwareBytes Anti-malware e salve-o no desktop *Instale o programa e aguarde a atualização *O programa será aberto automaticamente *Na aba [Verificação], selecione [Verificação completa] *Clique [Verificar] e selecione as partições a serem examinadas (geralmente C:\ e D:\) *Ao finalizar o scan, clique [sIM] > [OK] > [Mostrar Resultados] *Clique [Remover Selecionados] *Cole o relatório apresentado Compartilhar este post Link para o post Compartilhar em outros sites
vasp 0 Denunciar post Postado Setembro 1, 2010 ok, tens msn cara ? me manda por pm se puder ... Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Setembro 1, 2010 ok, tens msn cara ? me manda por pm se puder ... Não consegue baixar? Compartilhar este post Link para o post Compartilhar em outros sites
vasp 0 Denunciar post Postado Setembro 1, 2010 tipo ... nao o programa ... perguntei seu msn .. hotmail.... e talz Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Setembro 1, 2010 *Faça um scan online com o NOD32 *Ao término cole o relatório criado em C:\Arquivos de programas\EsetOnlineScanner\log Compartilhar este post Link para o post Compartilhar em outros sites
vasp 0 Denunciar post Postado Setembro 1, 2010 Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Versão da Base de Dados: 4525 Windows 5.1.2600 Service Pack 2 Internet Explorer 6.0.2900.2180 1/9/2010 19:38:36 mbam-log-2010-09-01 (19-38-36).txt Tipo de Verificação: Verificação Completa (C:\|D:\|E:\|F:\|G:\|) Objetos escaneados: 254956 Tempo decorrido: 40 minuto(s), 41 segundo(s) Processos de Memória Infectados: 0 Módulos de Memória Infectados: 0 Chaves de Registro Infectadas: 3 Valores de Registro Infectados: 1 Itens de Dados no Registro Infectados: 4 Pastas Infectadas: 9 Arquivos Infectados: 42 Processos de Memória Infectados: (Não foram detectados ítens maliciosos) Módulos de Memória Infectados: (Não foram detectados ítens maliciosos) Chaves de Registro Infectadas: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\flv direct player (Adware.BHO.FL) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DRM\amty (Worm.Autorun) -> Quarantined and deleted successfully. Valores de Registro Infectados: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\csrcs (Trojan.Agent) -> Quarantined and deleted successfully. Itens de Dados no Registro Infectados: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Pastas Infectadas: C:\Arquivos de programas\FLV Direct Player (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Button (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\ComboBox (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Menu (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Window (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Menu Iniciar\Programas\FLV Direct Player (Adware.FLVPlayer) -> Quarantined and deleted successfully. Arquivos Infectados: C:\Arquivos de programas\FLV Direct Player\downloading.swf (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\dskinliteu.dll (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\FLVPlayer.exe (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\player.dat (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\preload.swf (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\uninstall.exe (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin.xml (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Button\button_default.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Button\button_disable.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Button\button_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Button\button_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Button\button_normal.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\ComboBox\combobox_buttonDown.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\ComboBox\combobox_buttonHot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\ComboBox\combobox_buttonNor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\ComboBox\edit_back.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Menu\menubg.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Menu\menuItem_arrow.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Menu\menuItem_check.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Menu\menuitem_select.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Menu\menuItem_seperator.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_close_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_close_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_close_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_max_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_max_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_max_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_min_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_min_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_min_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_restore_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_restore_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_restore_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Window\BottomBorder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Window\downarrow.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Window\LeftBorder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Window\Logo.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Window\main.ico (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Window\RightBorder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Arquivos de programas\FLV Direct Player\SkinDirectFLV\skin\Window\TitlePattern.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Menu Iniciar\Programas\FLV Direct Player\FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Menu Iniciar\Programas\FLV Direct Player\Uninstall FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully. Malwarebytes ... vo renicia e ja volto ... pra escania com o nod Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Setembro 1, 2010 1. *Execute o Malwarebytes, e na aba [Quarentena], selecione todos os resultados e clique [Apagar tudo] *Clique na aba [Logs], selecione o relatório e clique [Apagar] Aguardo scan do NOD32 Compartilhar este post Link para o post Compartilhar em outros sites
vasp 0 Denunciar post Postado Setembro 1, 2010 Ei, o avira continua acusando a porrada de virus... é normal ? Tipo ... queria saber se deu pau... pq até meu driver da nvdia n ta conseguindo starta com o pc Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Setembro 1, 2010 Ei, o avira continua acusando a porrada de virus... é normal ? Tipo ... queria saber se deu pau... pq até meu driver da nvdia n ta conseguindo starta com o pc É preciso saber qual a contaminação.... Faça o scan online. Compartilhar este post Link para o post Compartilhar em outros sites
vasp 0 Denunciar post Postado Setembro 2, 2010 Estou fazendo. Já deve estar no fim. ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=bda6e101e7ab0343874607ccac1d0147 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2010-09-02 02:09:16 # local_time=2010-09-01 11:09:16 (-0300, Hora oficial do Brasil) # country="Brazil" # lang=1033 # osver=5.1.2600 NT Service Pack 2 # compatibility_mode=512 16777215 100 0 0 0 0 0 # compatibility_mode=1024 16777215 100 0 0 0 0 0 # compatibility_mode=1797 16775125 100 94 0 55100361 0 0 # compatibility_mode=8192 67108863 100 0 0 0 0 0 # scanned=100056 # found=12 # cleaned=12 # scan_time=11517 C:\Arquivos de programas\APT\Game.exe probably a variant of Win32/Genetik trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Heroes of Newerth\hon.exe Win32/DunDun.A virus (cleaned - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Lineage II\et.exe probably a variant of Win32/Obfuscated.JNTDCSU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Lineage II\system76\L2.bin a variant of Win32/Packed.Themida application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Microsoft Office\OFFICE11\OIS.EXE Win32/DunDun.A virus (cleaned - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\XP\Desktop\Coisas\Arquivos\MsgPlusLive-483.exe a variant of Win32/Adware.CiDHelp application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\XP\Desktop\Coisas\Arquivos\vdownloader.zip probably a variant of Win32/Agent.ILZCTEN trojan (deleted - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\XP\Desktop\Coisas\Arquivos\#Programas\AutoClick.exe Win32/TrojanClicker.Agent.NFX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\XP\Desktop\OTSERVS\New Slayer Yurots.rar probably a variant of Win32/Delf.HXDCJEE trojan (deleted - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\XP\Meus documentos\ArcadePT_Alfa_Patch_V3.rar probably a variant of Win32/Genetik trojan (deleted - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\XP\Meus documentos\MiniPatchAlfa3.1.rar probably a variant of Win32/Genetik trojan (deleted - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\XP\Meus documentos\Downloads\The Sims 2\Games\07_Glamour Life Stuff\The Sims 2 - Glamour Life Stuff.iso probably a variant of Win32/Agent.LNDZOZL trojan (deleted - quarantined) 00000000000000000000000000000000 C esets_scanner_update returned -1 esets_gle=53251 # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=bda6e101e7ab0343874607ccac1d0147 # end=stopped # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2010-09-02 02:14:35 # local_time=2010-09-01 11:14:35 (-0300, Hora oficial do Brasil) # country="Brazil" # lang=1033 # osver=5.1.2600 NT Service Pack 2 # compatibility_mode=512 16777215 100 0 0 0 0 0 # compatibility_mode=1024 16777215 100 0 0 0 0 0 # compatibility_mode=1797 16775125 100 94 0 55112173 0 0 # compatibility_mode=8192 67108863 100 0 0 0 0 0 # scanned=1359 # found=0 # cleaned=0 # scan_time=22 Desculpa a demora.... Tinha muita coisa pra escania, muita mesmo kkkk.. Irei dormir agora.. amanha volto, por favor, descubra o problema se possivel ;D abraço Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Setembro 2, 2010 Verifique se o Avira ainda acusa algo e informe. 1. *Execute o arquivo c:\arquivos de programas\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe 2. Abra o Spybot No menu superior, clique em [Modo] > [Avançado] e confirme. Clique em [Ferramentas] > [Residente] Desmarque a opção Ativar "TeaTimer" do Residente (proteção geral das configurações de sistema). Feche o programa. 3. *Baixe o AD-Remover e salve-o no desktop *Execute o AD-Remover *Clique [Clean]...aguarde o término. A reinicialização do PC poderá ou não ser solicitada pelo programa. *Cole o relatório C:\Ad-Report-CLEAN.log e novo log do hijack Compartilhar este post Link para o post Compartilhar em outros sites
vasp 0 Denunciar post Postado Setembro 2, 2010 ComboFix 10-09-01.02 - XP 01/09/2010 23:50:05.1.4 - x86 Microsoft Windows XP Professional 5.1.2600.2.1252.55.1046.18.2047.1527 [GMT -3:00] Executando de: c:\documents and settings\XP\Desktop\ComboFix.exe AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . c:\arquivos de programas\APT\StartImage\_desktop.ini c:\arquivos de programas\APT\StartImage\login\_desktop.ini c:\arquivos de programas\APT\StartImage\MessageBox\_desktop.ini c:\arquivos de programas\APT\StartImage\MessageBox\BellaBox\_desktop.ini c:\arquivos de programas\APT\StartImage\MessageBox\ChatBox\_desktop.ini c:\arquivos de programas\APT\StartImage\MessageBox\ClanBox\_desktop.ini c:\arquivos de programas\APT\StartImage\MessageBox\NormalBox\_desktop.ini c:\arquivos de programas\Gravity\Ragnarok Online\skin\default\basic_interface\_desktop.ini c:\arquivos de programas\Gravity\Ragnarok Online\skin\Scribbling Kid\_desktop.ini c:\arquivos de programas\Gravity\Ragnarok Online\skin\Scribbling Kid\basic_interface\_desktop.ini . (((((((((((((((( Arquivos/Ficheiros criados de 2010-08-02 to 2010-09-02 )))))))))))))))))))))))))))) . 2010-09-01 22:50 . 2010-09-01 22:50 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\nView_Profiles 2010-09-01 22:45 . 2010-09-01 22:45 -------- d-----w- c:\arquivos de programas\ESET 2010-09-01 21:55 . 2010-09-01 21:55 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\Malwarebytes 2010-09-01 21:55 . 2010-04-29 18:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-09-01 21:55 . 2010-09-01 21:55 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware 2010-09-01 21:55 . 2010-09-01 21:55 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Malwarebytes 2010-09-01 21:55 . 2010-04-29 18:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-09-01 20:26 . 2010-09-01 21:50 -------- d-----w- C:\FyK 2010-09-01 19:08 . 2010-09-01 20:21 -------- d-----w- C:\UsbFix 2010-09-01 18:09 . 2010-09-01 18:09 65024 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\9\e375149-59bc6b39-n\jinput-dx8_64.dll 2010-09-01 18:09 . 2010-09-01 18:09 62464 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\9\e375149-59bc6b39-n\jinput-raw_64.dll 2010-09-01 18:09 . 2010-09-01 18:09 61952 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\9\e375149-59bc6b39-n\jinput-dx8.dll 2010-09-01 18:09 . 2010-09-01 18:09 59392 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\9\e375149-59bc6b39-n\jinput-raw.dll 2010-09-01 18:09 . 2010-09-01 18:09 56832 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\9\e375149-59bc6b39-n\jinput-wintab.dll 2010-08-28 15:51 . 2010-08-28 16:56 -------- d-----w- C:\RagnaSony 2010-08-22 21:54 . 2010-08-22 21:54 -------- d-----w- C:\PopGameBox 2010-08-08 15:11 . 2010-08-08 15:11 503808 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-10cffe1e-n\msvcp71.dll 2010-08-08 15:11 . 2010-08-08 15:11 499712 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-10cffe1e-n\jmc.dll 2010-08-08 15:11 . 2010-08-08 15:11 348160 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-10cffe1e-n\msvcr71.dll 2010-08-08 15:11 . 2010-08-08 15:11 61440 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-7bc5e408-n\decora-sse.dll 2010-08-08 15:11 . 2010-08-08 15:11 12800 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-7bc5e408-n\decora-d3d.dll 2010-08-07 06:47 . 2010-08-07 06:47 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Blizzard Entertainment . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-09-02 02:57 . 2010-03-02 19:50 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Akamai 2010-09-02 02:56 . 2010-02-12 20:16 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\Skype 2010-09-02 02:45 . 2010-04-03 00:04 -------- d-----w- c:\arquivos de programas\Free Offers from Freeze.com 2010-09-02 02:24 . 2009-12-02 22:08 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Spybot - Search & Destroy 2010-09-02 01:32 . 2009-12-02 21:07 -------- d-----w- c:\arquivos de programas\uTorrent 2010-09-02 01:32 . 2009-12-06 00:39 -------- d-----w- c:\arquivos de programas\San Andreas Mod Installer 2010-09-01 23:49 . 2010-04-30 22:07 -------- d-----w- c:\arquivos de programas\Lineage II 2010-09-01 23:27 . 2009-12-03 20:05 -------- d-----w- c:\arquivos de programas\Heroes of Newerth 2010-09-01 23:05 . 2010-06-27 01:17 -------- d-----w- c:\arquivos de programas\APT 2010-09-01 20:07 . 2010-02-12 20:19 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\skypePM 2010-09-01 19:31 . 2009-12-19 06:38 -------- d-----w- c:\arquivos de programas\PhotoFiltre 2010-08-31 22:33 . 2010-02-16 03:14 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\Free Download Manager 2010-08-24 22:24 . 2009-12-07 17:36 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\teamspeak2 2010-08-23 18:22 . 2010-08-23 18:18 332612446 ----a-w- c:\arquivos de programas\Valve.rar 2010-08-23 16:33 . 2010-07-21 03:00 -------- d-----w- c:\arquivos de programas\Diablo II 2010-08-23 16:04 . 2009-12-17 00:10 -------- d-----w- c:\arquivos de programas\Warcraft III 2010-08-23 16:04 . 2009-12-17 18:16 -------- d-----w- c:\arquivos de programas\Garena 2010-08-14 20:09 . 2010-07-27 19:59 -------- d-----w- c:\arquivos de programas\SystemRequirementsLab 2010-08-14 02:20 . 2010-04-04 18:40 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Norton 2010-08-12 22:53 . 2010-02-08 21:54 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\LimeWire 2010-08-12 22:18 . 2009-12-02 20:59 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\uTorrent 2010-08-11 14:32 . 2009-12-04 22:37 -------- d---a-w- c:\documents and settings\All Users\Dados de aplicativos\TEMP 2010-07-25 22:17 . 2009-12-01 20:45 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\sqlitestudio 2010-07-21 03:10 . 2010-07-21 03:04 40051 ----a-w- c:\windows\DIIUnin.dat 2010-07-21 03:09 . 2009-12-01 15:04 21840 ----atw- c:\windows\system32\SIntfNT.dll 2010-07-21 03:09 . 2009-12-01 15:04 17212 ----atw- c:\windows\system32\SIntf32.dll 2010-07-21 03:09 . 2009-12-01 15:04 12067 ----atw- c:\windows\system32\SIntf16.dll 2010-07-21 03:04 . 2010-07-21 03:04 94208 ----a-w- c:\windows\DIIUnin.exe 2010-07-21 03:04 . 2010-07-21 03:04 2829 ----a-w- c:\windows\DIIUnin.pif 2010-07-21 02:59 . 2010-07-21 02:48 -------- d-----w- c:\arquivos de programas\dddd 2010-07-21 02:47 . 2010-02-04 01:52 -------- d-----w- c:\arquivos de programas\Sierra On-Line 2010-07-20 20:37 . 2010-07-20 20:37 3352628 ----a-w- c:\arquivos de programas\Remere's Map Editor.rar 2010-07-20 02:34 . 2010-05-02 00:38 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\TortoiseSVN 2010-07-19 20:31 . 2010-06-27 21:16 -------- d-----w- c:\arquivos de programas\Tibia8.57 2010-07-18 23:29 . 2009-12-05 04:41 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\Tibia 2010-07-18 21:25 . 2010-07-18 21:25 -------- d-----w- c:\documents and settings\XP\Dados de aplicativos\Remere's Map Editor 2010-07-18 21:25 . 2010-07-18 21:25 -------- d-----w- c:\arquivos de programas\Remere's Map Editor 2010-07-18 07:16 . 2010-05-15 11:14 -------- d-----w- c:\arquivos de programas\Rockstar Games 2010-07-18 07:07 . 2009-11-30 13:47 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information 2010-07-18 05:51 . 2010-07-18 05:47 -------- d-----w- c:\arquivos de programas\EasyPHP1-7 2010-07-18 04:31 . 2010-04-02 13:21 41 ----a-w- c:\documents and settings\XP\jagex__preferences3.dat 2010-07-18 04:31 . 2010-03-06 21:55 46 ----a-w- c:\documents and settings\XP\jagex_runescape_preferences.dat 2010-07-18 04:29 . 2010-03-06 21:57 99 ----a-w- c:\documents and settings\XP\jagex_runescape_preferences2.dat 2010-07-18 00:43 . 2010-05-13 21:03 -------- d-----w- c:\arquivos de programas\Heroes of Newerth - Extreme 2010-07-13 00:22 . 2009-12-08 20:56 -------- d-----w- c:\arquivos de programas\Valve 2010-07-13 00:22 . 2010-02-03 19:36 -------- d-----w- c:\arquivos de programas\sXe Injected 2010-07-05 04:09 . 2010-07-05 04:09 -------- d-----w- c:\arquivos de programas\Fake Webcam 2010-07-05 04:09 . 2010-07-05 04:09 -------- d-----w- c:\arquivos de programas\Arquivos comuns\fwc 2010-06-27 21:46 . 2010-06-27 21:46 3577605 ----a-w- c:\arquivos de programas\TibiaBot NG4.rar 2010-06-23 17:26 . 2010-06-27 18:45 11449688 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sony Online Entertainment\Installed Games\Free Realms\FreeRealms.exe 2010-06-23 17:20 . 2010-06-27 18:43 94208 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sony Online Entertainment\Installed Games\Free Realms\GraphicsDriver.dll 2010-06-23 17:19 . 2010-06-27 18:45 2854912 ----a-w- c:\documents and settings\XP\Dados de aplicativos\Sony Online Entertainment\Installed Games\Free Realms\GFxWrap.dll 2010-06-20 14:21 . 2001-10-28 17:07 71938 ----a-w- c:\windows\system32\perfc016.dat 2010-06-20 14:21 . 2001-10-28 17:07 436754 ----a-w- c:\windows\system32\perfh016.dat . ------- Sigcheck ------- [-] 2009-06-10 . C332E43B1C3AFDEF239C32CD1E5D0A4E . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2010-02-04 19:50 1197448 ----a-w- c:\arquivos de programas\Ask.com\GenericAskToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\arquivos de programas\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448] [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\arquivos de programas\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448] [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal] @="{C5994560-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 11:55 87304 ----a-w- c:\arquivos de programas\Arquivos comuns\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified] @="{C5994561-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 11:55 87304 ----a-w- c:\arquivos de programas\Arquivos comuns\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict] @="{C5994562-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 11:55 87304 ----a-w- c:\arquivos de programas\Arquivos comuns\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked] @="{C5994563-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 11:55 87304 ----a-w- c:\arquivos de programas\Arquivos comuns\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly] @="{C5994564-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 11:55 87304 ----a-w- c:\arquivos de programas\Arquivos comuns\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted] @="{C5994565-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 11:55 87304 ----a-w- c:\arquivos de programas\Arquivos comuns\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded] @="{C5994566-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 11:55 87304 ----a-w- c:\arquivos de programas\Arquivos comuns\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored] @="{C5994567-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 11:55 87304 ----a-w- c:\arquivos de programas\Arquivos comuns\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned] @="{C5994568-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 11:55 87304 ----a-w- c:\arquivos de programas\Arquivos comuns\TortoiseOverlays\TortoiseOverlays.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840] "Skype"="c:\arquivos de programas\Skype\Phone\Skype.exe" [2010-05-13 26192168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-21 13680640] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_3"="advpack.dll" [2004-08-04 101376] [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) [HKLM\~\startupfolder\C:^Documents and Settings^XP^Menu Iniciar^Programas^Inicializar^Aeon - Lineage II.lnk] path=c:\documents and settings\XP\Menu Iniciar\Programas\Inicializar\Aeon - Lineage II.lnk backup=c:\windows\pss\Aeon - Lineage II.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^XP^Menu Iniciar^Programas^Inicializar^Warcraft Config.lnk] path=c:\documents and settings\XP\Menu Iniciar\Programas\Inicializar\Warcraft Config.lnk backup=c:\windows\pss\Warcraft Config.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] c:\windows\system32\dumprep 0 -k [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-06-09 08:06 976832 ----a-w- c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2009-10-03 06:08 35696 ----a-w- c:\arquivos de programas\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] 2008-06-19 08:20 57344 ----a-w- c:\windows\ALCMTR.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt] 2009-03-02 15:08 209153 ----a-w- c:\arquivos de programas\Avira\AntiVir Desktop\avgnt.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 2007-06-27 21:03 152872 ----a-w- c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] 2004-08-04 02:45 15360 ----a-w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] 2009-10-30 11:57 369200 ----a-w- c:\arquivos de programas\DAEMON Tools Lite\DTLite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallIQUpdater] 2010-02-23 23:45 982528 ----a-w- c:\arquivos de programas\W3i\InstallIQUpdater\InstallIQUpdater.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui] 2010-03-30 14:16 1820040 ----a-w- c:\arquivos de programas\LogMeIn Hamachi\hamachi-2-ui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-07-26 18:44 3883840 ------w- c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2007-03-01 17:57 153136 ----a-w- c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2009-01-21 16:08 13680640 ----a-w- c:\windows\system32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] 2009-01-21 16:08 86016 ----a-w- c:\windows\system32\nvmctray.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] 2009-01-21 16:08 1657376 ----a-w- c:\windows\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster] 2010-05-18 21:13 2938552 ----a-w- c:\arquivos de programas\Pando Networks\Media Booster\PMB.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] 2003-12-08 19:35 32768 ----a-w- c:\arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2008-11-17 08:08 17676288 ----a-w- c:\windows\RTHDCPL.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] 2009-03-05 18:07 2260480 --sha-r- c:\arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-02-18 14:43 248040 ----a-w- c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Arquivos de programas\\Orbitdownloader\\orbitdm.exe"= "c:\\Arquivos de programas\\Orbitdownloader\\orbitnet.exe"= "c:\\Arquivos de programas\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Arquivos de programas\\Garena\\Garena.exe"= "c:\\Arquivos de programas\\Heroes of Newerth\\hon.exe"= "c:\\Arquivos de programas\\Valve\\hl.exe"= "c:\\Arquivos de programas\\Valve\\hlds.exe"= "c:\\Arquivos de programas\\EA GAMES\\Battlefield 2\\BF2.exe"= "c:\\Arquivos de programas\\Microsoft Games\\Age of Mythology\\aomx.exe"= "c:\\Arquivos de programas\\Heroes of Newerth - Extreme\\hon.exe"= "c:\\Arquivos de programas\\Pando Networks\\Media Booster\\PMB.exe"= "c:\\Riot Games\\League of Legends\\air\\LolClient.exe"= "c:\\Riot Games\\League of Legends\\game\\League of Legends.exe"= "c:\\Arquivos de programas\\Microsoft Games\\Age of Mythology\\aom.exe"= "c:\\Arquivos de programas\\BYOND\\bin\\byond.exe"= "c:\\Arquivos de programas\\Turbine\\DDO Unlimited\\dndclient.exe"= "c:\\AppServ\\Apache2.2\\bin\\httpd.exe"= "c:\\Documents and Settings\\XP\\Desktop\\OTSERVS\\PortaSafe.AntiNuker.xh0t\\Portsafe_Anti-Nuker_.exe"= "c:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "58472:TCP"= 58472:TCP:Pando Media Booster "58472:UDP"= 58472:UDP:Pando Media Booster "5910:TCP"= 5910:TCP:vnc5910 "56227:TCP"= 56227:TCP:Pando Media Booster "56227:UDP"= 56227:UDP:Pando Media Booster "8377:TCP"= 8377:TCP:League of Legends Launcher "8377:UDP"= 8377:UDP:League of Legends Launcher "8378:TCP"= 8378:TCP:League of Legends Launcher "8378:UDP"= 8378:UDP:League of Legends Launcher "6944:TCP"= 6944:TCP:League of Legends Launcher "6944:UDP"= 6944:UDP:League of Legends Launcher "6974:TCP"= 6974:TCP:League of Legends Launcher "6974:UDP"= 6974:UDP:League of Legends Launcher "6905:TCP"= 6905:TCP:League of Legends Launcher "6905:UDP"= 6905:UDP:League of Legends Launcher "8379:TCP"= 8379:TCP:League of Legends Launcher "8379:UDP"= 8379:UDP:League of Legends Launcher "8090:TCP"= 8090:TCP:AppServ "1040:TCP"= 1040:TCP:Akamai NetSession Interface "5000:UDP"= 5000:UDP:Akamai NetSession Interface R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [3/8/2004 23:45 14336] R2 AntiVirSchedulerService;Avira AntiVir Programador;c:\arquivos de programas\Avira\AntiVir Desktop\sched.exe [15/3/2010 20:44 108289] R2 Apache2.2;Apache2.2;c:\appserv\Apache2.2\bin\httpd.exe [17/1/2008 14:37 24635] R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\arquivos de programas\LogMeIn Hamachi\hamachi-2.exe [30/3/2010 11:16 1107336] S2 gupdate;Google Update Service (gupdate);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [30/5/2010 16:27 136176] S3 ddsxeiservice;ddsxeiservice2;c:\arquivos de programas\sXe Injected\ddsxei.sys [28/5/2010 03:04 91776] S3 extrem.sys;extrem;\??\c:\docume~1\XP\CONFIG~1\Temp\extrem.sys --> c:\docume~1\XP\CONFIG~1\Temp\extrem.sys [?] S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\XP\CONFIG~1\Temp\SPJ30.tmp --> c:\docume~1\XP\CONFIG~1\Temp\SPJ30.tmp [?] S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys --> c:\windows\system32\DRIVERS\ManyCam.sys [?] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?] S3 XDva297;XDva297;\??\c:\windows\system32\XDva297.sys --> c:\windows\system32\XDva297.sys [?] S3 XDva315;XDva315;\??\c:\windows\system32\XDva315.sys --> c:\windows\system32\XDva315.sys [?] S3 XDva327;XDva327;\??\c:\windows\system32\XDva327.sys --> c:\windows\system32\XDva327.sys [?] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [1/12/2009 11:40 691696] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai . Conteúdo da pasta 'Tarefas Agendadas' 2010-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2010-05-30 19:27] 2010-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2010-05-30 19:27] 2010-09-02 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job - c:\arquivos de programas\Ask.com\UpdateTask.exe [2010-02-04 19:50] . . ------- Scan Suplementar ------- . uStart Page = about:blank mStart Page = hxxp://search.localstrike.com.ar/ uInternet Connection Wizard,ShellNext = hxxp://free.avg.com/br-pt.virbase-appf9?IDN=MGJmNjcyN2JlNjY1YzAwMA IE: &Download by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/204 IE: Baixar com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dllink.htm IE: Baixar tudo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlall.htm IE: Baixar vídeo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlfvideo.htm IE: Do&wnload selected by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/202 IE: Download selecionado pelo Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlselected.htm IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: {67E1F43E-C21B-442E-818F-BF9CE65083BC} = 8.8.8.8,8.8.4.4 . - - - - ORFÃOS REMOVIDOS - - - - MSConfigStartUp-Software Informer - c:\arquivos de programas\Software Informer\softinfo.exe MSConfigStartUp-sysinfo - c:\docume~1\XP\CONFIG~1\Temp\62531170Wsy.dll AddRemove-ArenaBrasil.Net Mu - c:\windows\ArenaBrasil.Net AddRemove-DestroyerL2 - Patch - c:\arquivos de programas\Lineage II\Uninstal.exe AddRemove-L2PhX 3.1.8 - c:\documents and settings\XP\Desktop\Arquivos\PHX\Uninstal.exe AddRemove-Lineage 2 Hax - c:\arquivos de programas\Lineage II\Uninstal.exe AddRemove-Ragnarok Online - c:\windows\IFinst27.exe AddRemove-Ragnarok Sakray - c:\windows\IFinst27.exe AddRemove-ShowGames - c:\arquivos de programas\Lineage II\Uninstal.exe AddRemove-Sierra Utilities - c:\arquivos de programas\Sierra On-Line\sutil32.exe AddRemove-uTorrent - c:\arquivos de programas\uTorrent\uTorrent.exe AddRemove-System - c:\arquivos de programas\Lineage II\Uninstal.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-09-01 23:56 Windows 5.1.2600 Service Pack 2 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros/arquivos ocultos ... Varredura completada com sucesso arquivos/ficheiros ocultos: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\GarenaPEngine] "ImagePath"="\??\c:\docume~1\XP\CONFIG~1\Temp\SPJ30.tmp" [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . Tempo para conclusão: 2010-09-02 00:00:20 ComboFix-quarantined-files.txt 2010-09-02 03:00 Pré-execução: 20 pasta(s) 177.415.491.584 bytes disponíveis Pós execução: 23 pasta(s) 177.380.663.296 bytes disponíveis WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect - - End Of File - - B56449B7614470A50CE911831AAD262D desculpa... eu pensei que você n iria entrar mais ... e fiz o combo fix pra deleta uma parada ele acusou isso Compartilhar este post Link para o post Compartilhar em outros sites
vasp 0 Denunciar post Postado Setembro 2, 2010 ======= REPORT FROM AD-REMOVER 2.0.0.1,E | ONLY XP/VISTA/7 ======= Updated by C_XX on 01/09/10 at 16:00 Contact: AdRemover.contact[AT]gmail.com website: http://pagesperso-orange.fr/NosTools/ad_remover.html C:\Arquivos de programas\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 00:22:13 on 02/09/2010, Normal boot Microsoft Windows XP Professional Service Pack 2 (X86) XP@XP-MICR789 ( ) ============== ACTION(S) ============== 0,Folder deleted: C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} 0,File deleted: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job 0,Folder deleted: C:\Arquivos de programas\Ask.com 0,Folder deleted: C:\Documents and Settings\XP\Configurações locais\Dados de aplicativos\AskToolbar 3,File deleted: C:\WINDOWS\Installer\94d44d.msi (!) -- Temporary files deleted. 1,Key deleted: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} 1,Key deleted: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} 1,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} 1,Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} 1,Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} 1,Key deleted: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} 1,Key deleted: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} 1,Key deleted: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} 1,Key deleted: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} 0,Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd 0,Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1 0,Key deleted: HKLM\Software\Classes\Toolbar.CT2284374 0,Key deleted: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL 1,Key deleted: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} 0,Key deleted: HKLM\Software\Freeze.com 0,Key deleted: HKCU\Software\Ask.com 0,Key deleted: HKCU\Software\AskToolbar 0,Key deleted: HKCU\Software\AppDataLow\AskToolbarInfo 0,Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\FLV Direct Player 3,Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} 3,Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} 3,Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} 3,Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} 0,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} 0,Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440} 0,Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} ============== ADDITIONNAL SCAN ============== ** Internet Explorer Version [6.0.2900.2180] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Arquivos de programas\Ad-Remover\Quarantine: 17 File(s) C:\Arquivos de programas\Ad-Remover\Backup: 13 File(s) C:\Ad-Report-CLEAN[1].txt - 02/09/2010 (841 Byte(s)) End at: 00:23:11, 02/09/2010 ============== E.O.F ============== Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 00:26:36, on 2/9/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Unable to get Internet Explorer version! Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\TortoiseSVN\bin\TSVNCache.exe C:\Arquivos de programas\Skype\Phone\Skype.exe C:\Arquivos de programas\Skype\Plugin Manager\skypePM.exe C:\FirefoxPortable\FirefoxPortable.exe C:\FirefoxPortable\App\firefox\firefox.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe C:\AppServ\Apache2.2\bin\httpd.exe C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\AppServ\Apache2.2\bin\httpd.exe C:\WINDOWS\system32\wscntfy.exe C:\FirefoxPortable\App\firefox\plugin-container.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\XP\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://free.avg.com/br-pt.virbase-appf9?IDN=MGJmNjcyN2JlNjY1YzAwMA O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG9\avgssie.dll (file missing) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Baixar com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm O8 - Extra context menu item: Baixar tudo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: Download selecionado pelo Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{67E1F43E-C21B-442E-818F-BF9CE65083BC}: NameServer = 8.8.8.8,8.8.4.4 O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Avira AntiVir Programador (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apache2.2 - Apache Software Foundation - C:\AppServ\Apache2.2\bin\httpd.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 8338 bytes Compartilhar este post Link para o post Compartilhar em outros sites
vasp 0 Denunciar post Postado Setembro 2, 2010 Ei, só uma observação, agora toda vez que renicia.. a parada da placa de video da erro diz que n foi possivel iniciar algo do tipo;... e outra o meu "msconfig" sumiu do system32... acho que o avira deletou ele ;/ Compartilhar este post Link para o post Compartilhar em outros sites
