Edvan 30 Posted January 18, 2012

I slipped up and left the room, and someone plugged an infected pen drive into my machine. The result: pages in IE are very slow and it sometimes freezes.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:30:12, on 18/01/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
DigRam 144 Posted January 18, 2012

Good afternoon, Edvan!

|- Let's start with diagnostics only, using specialized tools!

/////°°°°°/////

|- Download: < GabKiller > ( ... by 2011N2 )
|- Save it to the desktop!
|- Close any open folders and run the tool.
|- On Windows Vista or 7, right-click and run as administrator.
|- Choose option 1. Rechercher -> press Enter!
|- Wait for it to finish and post the report: Rapport de recherche de GabKiller
|- To exit, choose option "4. Quitter" -> Enter!

/////°°°°°/////

|- Download: < UsbFix > ( ...by C_XX & El Desaparecido )
|- Save it to the desktop!
|- Go through its installation.
|- Run the file UsbFix.exe with a double click.
|- Choose the option "Recherche".
|- Wait for it to finish and post the report. ( C:\UsbFix.txt )

Regards!
Edvan 30 Posted January 19, 2012

Once again, thank you for the help, dear Digram. When this is all done I'd like some guidance from you... would that be OK?

====================================== Informations ======================================
Rapport de recherche de GabKiller
Outil développé par 2011N2
Contact : lot12@hotmail.fr
Site : http://2011n2.forumgratuit.fr/
Mis à jour le : 04/08/2011 à 13h | 1.45 par 2011N2
Début du scan de recherche : 17:10:58
Nom du PC : FUN0055
Système d'exploitation : VERSION 3.0
Système d'exploitation : Microsoft Windows XP
Internet Explorer : VERSION 3.0
Internet Explorer : 8.0.6001.18702
Mozilla Firefox : VERSION 3.0
Mozilla Firefox : 9.0.1 (pt-BR)
Mozilla Firefox : version 5
Mozilla Firefox : version 6

############################# Éléments infectieux #############################
============================ Section HKLM ============================
Présent : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\NetworkCrawler\Objects\WorkgroupCrawler
Présent : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\NetworkCrawler\Objects\WorkgroupCrawler
Présent : HKLM\Software\Classes\CLSID\{72B3882F-453A-4633-AAC9-8C3DCED62AFF}
Présent : HKLM\Software\Classes\CLSID\{72B3882F-453A-4633-AAC9-8C3DCED62AFF}
Présent : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\NetworkCrawler\Objects\WorkgroupCrawler
Présent : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\NetworkCrawler\Objects\WorkgroupCrawler
Présent : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\NetworkCrawler\Objects\WorkgroupCrawler
Présent : HKLM\Software\Classes\CLSID\{72B3882F-453A-4633-AAC9-8C3DCED62AFF}
Présent : HKLM\Software\Classes\CLSID\{72B3882F-453A-4633-AAC9-8C3DCED62AFF}
Présent : HKLM\Software\Classes\CLSID\{72B3882F-453A-4633-AAC9-8C3DCED62AFF}
Présent : HKLM\Software\Classes\CLSID\{72B3882F-453A-4633-AAC9-8C3DCED62AFF}
Présent : HKLM\Software\Classes\CLSID\{72B3882F-453A-4633-AAC9-8C3DCED62AFF}
Présent : HKLM\Software\Classes\CLSID\{9461b922-3c5a-11d2-bf8b-00c04fb93661}
============================ Section HKCU ============================
============================ Section HKCR ============================
========================== Dossiers/Fichiers ==========================
================================================================================================
Fin du scan de recherche : 17:15:42
Copyright © 2011. Tous droits réservés.
############### EOF ###############

----------------x-------------------------------

############################## | UsbFix V 7.078 | [Pesquisa]

Usuário: f003589 (Administrador) # FUN0055
Atualizado em 06/01/2012 por El Desaparecido
Começou em 17:37:29 | 18/01/2012
Site: http://eldesaparecido.com
Arquivo suspeito ? : http://eldesaparecido.com/upload.html
Contato: contact@eldesaparecido.com

PC: Intel (DG41WV) (X86-based PC) # Desktop Computer
CPU: Processador Intel Pentium III Xeon (2593)
RAM -> [ Total : 2009 | Free : 664 ]
BIOS: BIOS Date: 01/07/09 15:28:41 Ver: 08.00.10
BOOT: Normal boot
OS: Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 8.0.6001.18702
SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
FW: Windows FireWall Service [ Enabled ]

C:\ (%systemdrive%) -> Disco fixo # 233 Gb (191 Mb livre - 82%) [] # NTFS
D:\ -> CD-ROM
F:\ -> Disco removível # 4 Gb (448 Mb livre - 12%) [EDVAN] # FAT32

################## | Ficheiros # pastas infeciosos |
Presente ! S:\Recycler\S-1-5-21-1482476501-3352491937-682996330-1013\server.exe
Presente ! F:\AUTORUN.INF

################## | Registro |

################## | Mountpoints2 |
HKCU\.\.\.\.\Explorer\MountPoints2\{00ad370e-2ca3-11e1-a031-7071bc658018} Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{00ad3711-2ca3-11e1-a031-7071bc658018} Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{9310918c-2cd9-11e1-a032-7071bc658018} Shell\AutoRun\Command = E:\urDrive.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{b43cbff7-272c-11e1-a028-7071bc658018} Shell\AutoRun\Command = E:\urDrive.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{c1533f15-4051-11e1-b56e-7071bc658018} Shell\AutoRun\Command = Play.exe

################## | Vaccin |
(!) Este computador não é vacinada!

################## | E.O.F |
DigRam 144 Posted January 19, 2012

Good morning, Edvan!

"Once again, thank you for the help, dear Digram. When this is all done I'd like some guidance from you... would that be OK?"

|- If it is within my reach... I will give you the guidance!

/////°°°°°/////

|- Run the tools again and choose the option Suppression.
|- Post their reports!

/////°°°°°/////

|- Download: < > ( ...by OldTimer Tools )
|- Click Save!
|- Save it to the desktop!
|- Double-click OTL.exe --> Run:
|- Set "Verificação de Arquivos" according to the screenshot!
|- PS: Do the same for these!
|- Under "Exame Extra do Registro", select "Nenhum".

netsvcs
%SYSTEMDRIVE%\*.*
%systemdrive%\drivers\*.exe
%systemroot%\system32\drivers\*.* /64
%PROGRAMFILES%\*.*
%LOCALAPPDATA%\*.exe
%LOCALAPPDATA%\*.txt
%LOCALAPPDATA%\*.ini
%LOCALAPPDATA%\*.dll
%LOCALAPPDATA%\*.dat
%USERPROFILE%\*.exe
%USERPROFILE%\*.txt
%USERPROFILE%\*.ini
%USERPROFILE%\*.dll
%USERPROFILE%\*.dat /30
%systemroot%\system32\tasks\*.* /s /64
%windir%\tasks\*.* /s
CREATERESTOREPOINT
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMP
/md5start
iexplore.exe
/md5stop
SAVEMBR:0

|- Paste this information, which is shown in red, into the "Exames Personalizados/Correções" field.
|- Click "Verificar".
|- When it finishes, post the report: OTL.txt

Regards!
Edvan 30 Posted January 19, 2012

=========== Informations ===========
Mis à jour le : 07/08/2011 à 16h12 | 1.45 par 2011N2
Rapport de suppression de GabKiller par 2011N2
Contact : lot12@hotmail.fr
Site : http://2011n2.forumgratuit.fr/
Début du nettoyage : 9:55:28

###################################### Clés supprimées ####################################
============================ Section HKLM ============================
supprimé !! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\NetworkCrawler\Objects\WorkgroupCrawler
supprimé !! HKLM\Software\Classes\CLSID\{72B3882F-453A-4633-AAC9-8C3DCED62AFF}
supprimé !! HKLM\Software\Classes\CLSID\{9461b922-3c5a-11d2-bf8b-00c04fb93661}
============================ Section HKCU ============================
============================ Section HKCR ============================
========================== Dossiers/Fichiers ========================
===================================
Fin du nettoyage : 10:01:04
Copyright © 2011. Tous droits réservés.
======== EOF ========

############################## | UsbFix V 7.078 | [supressão]

Usuário: f003589 (Administrador) # FUN0055
Atualizado em 06/01/2012 por El Desaparecido
Começou em 10:02:11 | 19/01/2012
Site: http://eldesaparecido.com
Arquivo suspeito ? : http://eldesaparecido.com/upload.html
Contato: contact@eldesaparecido.com

PC: Intel (DG41WV) (X86-based PC) # Desktop Computer
CPU: Processador Intel Pentium III Xeon (2593)
RAM -> [ Total : 2009 | Free : 510 ]
BIOS: BIOS Date: 01/07/09 15:28:41 Ver: 08.00.10
BOOT: Normal boot
OS: Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 8.0.6001.18702
SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
FW: Windows FireWall Service [ Enabled ]

C:\ (%systemdrive%) -> Disco fixo # 233 Gb (191 Mb livre - 82%) [] # NTFS
D:\ -> CD-ROM
F:\ -> Disco removível # 4 Gb (448 Mb livre - 12%) [EDVAN] # FAT32

################## | Ficheiros # pastas infeciosos |
Supprimido ! C:\Recycler\S-1-5-21-2586132527-314635491-3328972525-21404
Supprimido ! C:\Recycler\S-1-5-21-57989841-1326574676-725345543-1003
Supprimido ! P:\Recycler\S-1-5-21-1482476501-3352491937-682996330-1013
Supprimido ! S:\Recycler\S-1-5-21-1482476501-3352491937-682996330-1013\server.exe
Supprimido ! S:\Recycler\S-1-5-21-1482476501-3352491937-682996330-1013
Supprimido ! X:\Recycler\S-1-5-21-1482476501-3352491937-682996330-1013
Não supprimido ! F:\AUTORUN.INF
(!) Ficheiros temporários suprimido.

################## | Registro |

################## | Mountpoints2 |
Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{00ad370e-2ca3-11e1-a031-7071bc658018}
Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{9310918c-2cd9-11e1-a032-7071bc658018}
Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{b43cbff7-272c-11e1-a028-7071bc658018}
Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{c1533f15-4051-11e1-b56e-7071bc658018}
[16/01/2012 - 16:03:15 | D ] P:\Homologação - CPL [13/10/2011 - 17:42:51 | D ] P:\SECRETARIA [03/04/2008 - 16:29:58 | N | 891839] P:\Contratos novo0001.pdf [18/01/2012 - 16:56:48 | D ] P:\CONCILIACAO [27/01/2011 - 16:36:00 | D ] P:\EXTRATOS CREDSUPER 2010 [07/05/2009 - 16:11:42 | N | 363937] P:\marconi.pdf [14/12/2011 - 11:21:14 | D ] P:\Nova pasta (2) [11/05/2011 - 11:08:57 | D ] P:\MICHELY - IMPORTAÇÃO [24/08/2011 - 14:07:59 | N | 115712] P:\Planilha Levantamento Projetos - com detalhamento V1.2.xls [21/12/2011 - 07:39:38 | D ] P:\talita [13/12/2011 - 11:55:59 | D ] P:\GPD [30/12/2010 - 11:33:34 | D ] P:\DOAÇÃO NO VARELA SANTIAGO DIA 27-12-2010 [11/05/2009 - 14:00:58 | N | 29696] P:\3ª Reunião Ordinária do Conselho - 17.07.08.doc [23/10/2009 - 14:49:38 | | 27136] P:\Reunião Ordinária realizada em.doc [09/04/2010 - 15:54:11 | N | 1172480] P:\Ofício nº 05 2010.doc [03/01/2012 - 08:45:56 | D ] P:\MUSICAS Compras [14/10/2008 - 16:59:42 | N | 1288657] P:\importacao.pdf [15/12/2011 - 14:51:47 | N | 327168] P:\HARABELLO 0712.xls [02/01/2012 - 08:57:06 | D ] P:\ALEUDA [15/12/2011 - 10:19:22 | D ] P:\Etiquetas [15/12/2011 - 10:52:17 | D ] P:\EXTRATOS CREDUPER 2011 [09/05/2011 - 09:57:35 | D ] P:\EXTRATOS BANCARIOS B BRASIL 2010 [06/10/2011 - 17:38:57 | D ] P:\FOTOS PALESTRA HIPERTENSÃO E DIABETES [08/09/2011 - 16:52:31 | D ] P:\EXTRATOS BNB 2011 [30/08/2011 - 10:39:13 | N | 301056] P:\Planilha de Custos - Versão II.xls [29/03/2011 - 08:06:41 | N | 10719] P:\Marcos Alexandre.pdf [04/01/2011 - 10:43:43 | D ] P:\Diana Rocha [26/03/2009 - 09:09:05 | D ] P:\SICAP [16/08/2011 - 09:38:50 | D ] P:\Roberta [04/06/2010 - 17:35:27 | N | 79872] P:\MODELO DE DOCUMENTOS FUNPEC.doc [29/08/2011 - 17:52:39 | D ] P:\COMPRAS PESQUISA DE MERCADO [28/02/2008 - 11:57:57 | N | 26624] P:\Plano de Trabalho-Consult. 
REGESUS-fevereiro2008.doc [20/01/2010 - 08:38:29 | N | 280064] P:\Modelo de RELATORIO DE VIAGEM.doc [03/01/2012 - 08:44:25 | D ] P:\JOANA [12/12/2011 - 16:28:43 | N | 189440] P:\SUPRIMENTO 2011.xls [20/04/2011 - 08:37:29 | D ] P:\CONFRATERNIZAÇÃO NATALINA 2010 [07/10/2011 - 11:29:24 | D ] P:\Nova pasta [10/06/2010 - 13:39:31 | N | 1346048] P:\MODELO SINTEC.xls [17/11/2009 - 16:11:05 | N | 84480] P:\IMOBILIZADO 2009 - ADRIANA.xls [22/08/2011 - 16:00:44 | N | 24896] P:\DIPJ 2011.pdf [24/05/2010 - 09:21:26 | N | 226532] P:\Estatuto Social - FUNPEC.PDF [26/10/2011 - 09:39:54 | D ] P:\OBRAS [10/03/2010 - 10:24:05 | N | 58880] P:\Cadastro Grupo Contabiliade.xls [19/03/2008 - 09:03:29 | N | 22528] P:\Ofício a MEJC atraso entrega de bem licitação notificação.doc [24/09/2010 - 12:19:03 | D ] P:\Nadson [11/03/2010 - 10:28:34 | N | 23552] P:\LISTA DE PROJETOS - ROBERTA.xls [06/04/2011 - 15:30:30 | D ] P:\Anny [08/07/2011 - 10:53:56 | D ] P:\Ofícios 2007 [09/08/2011 - 14:58:00 | D ] P:\allan [26/03/2008 - 08:50:26 | D ] P:\MEC-UNESCO - PIC [21/05/2008 - 16:17:29 | D ] P:\SICAP_ANtigo [16/09/2011 - 08:54:06 | N | 257536] P:\x - Cunho da pesquisa 252011 UN-RNCE.doc [09/01/2009 - 17:01:26 | N | 241] P:\Conta Corrente.url [27/07/2011 - 11:47:27 | D ] P:\GRAFICOS RELATORIO 2009 [07/10/2011 - 11:30:19 | D ] P:\YOARA [25/03/2011 - 09:25:09 | N | 10677] P:\Alvaro Fernandes.pdf [24/02/2011 - 09:10:34 | N | 24064] P:\Mensagem declaração IR..doc [22/08/2011 - 15:12:24 | N | 330752] P:\Planilha de Custos - Projeto de Pesquisa - Versão Ia.xls [05/05/2011 - 08:29:25 | D ] P:\PASTA DA CONTABILIDADE 2011 [09/12/2009 - 12:23:02 | N | 42496] P:\MODELO GECON-trabalho 3 unidade.doc [30/10/2009 - 11:06:41 | N | 168777] P:\Digitalizar0001.pdf [16/10/2009 - 11:23:30 | N | 33169] P:\Doc FM.docx [04/12/2009 - 09:38:14 | N | 24064] P:\Oficio Gustavo.doc [22/04/2010 - 10:50:33 | D ] P:\Edilson [28/12/2011 - 11:46:42 | D ] P:\COMPRAS [19/01/2012 - 11:08:48 | D ] P:\RECYCLER [23/11/2011 - 10:42:14 | N | 
147590] P:\NF TRES CORAÇÕES_10001.pdf [07/12/2011 - 11:09:25 | N | 20500] P:\Joseane 2007.pdf [07/10/2010 - 09:14:36 | N | 440653] P:\SICAP 2009 FUNPEC.pdf [17/06/2011 - 15:37:39 | D ] P:\EXTRATOS BANCARIOS CEF 2010 [19/10/2010 - 10:01:13 | D ] P:\AJU [22/12/2010 - 16:38:33 | D ] P:\Gratificação curso e concurso [26/12/2011 - 14:55:35 | N | 10851] P:\Hostina Maria.pdf [09/05/2011 - 09:58:08 | D ] P:\EXTRATOS BNB 2010 [13/12/2011 - 12:38:06 | D ] P:\Importação [23/04/2010 - 16:42:59 | N | 1347483] P:\FINEP INFRA ESTRUTURA II.PDF [23/09/2011 - 08:53:45 | N | 102] P:\site.txt [28/06/2011 - 08:22:28 | D ] P:\lista 2011 de projetos dos funcionários da contabilidade [15/10/2011 - 10:02:04 | N | 50176] P:\ESPELHO SIGAP DA PASTA.doc [17/01/2012 - 09:53:40 | D ] P:\FOTOS FINANCEIRO [18/01/2012 - 10:50:20 | D ] P:\CEIÇA [16/03/2010 - 17:37:58 | N | 585579] P:\Scan_Pic0002.jpg [30/11/2011 - 15:16:35 | D ] P:\MARIANA [21/07/2010 - 14:06:35 | D ] P:\ELETROBRAS [21/01/2010 - 08:40:40 | N | 108544] P:\IMOBILIZADO Vanessa 2009.xls [09/11/2011 - 14:11:28 | D ] P:\Leila [07/10/2011 - 11:58:47 | D ] P:\Lilian [13/01/2012 - 10:28:01 | D ] P:\Clebson [02/08/2010 - 17:41:45 | N | 75891] P:\ISS%20na%20loca%C3%A7%C3%A3o%20bens%20m%C3%B3veis%20e%20procedimentos%20fiscais%20-%20Parecer.pdf [22/11/2010 - 12:34:05 | D ] P:\Adriana Aguiar [21/01/2011 - 09:56:25 | D ] P:\Hortevan [23/11/2011 - 08:51:08 | N | 25837] P:\Fatura Cosern - Arquivo Funpec - Novembro.pdf [08/02/2011 - 10:47:56 | D ] P:\EXTRATOS BANCARIOS CEF 2011 [28/04/2011 - 09:50:20 | N | 19820] P:\Ana Karina.pdf [11/02/2010 - 16:09:42 | D ] P:\Dirf2010 [08/11/2011 - 09:43:48 | D ] P:\LUCIANA CPL [11/11/2011 - 15:49:28 | N | 5207277] P:\HARABELLO 1 - ANDREIA.xlsx [22/07/2010 - 15:02:10 | N | 257024] P:\Despacho para empenho.doc [12/01/2012 - 13:13:11 | D ] P:\Vanessa [11/04/2008 - 08:47:01 | N | 84480] P:\LISTA DE PROJETOS - ADAILTON - 2008.xls [25/04/2011 - 11:20:12 | N | 11388] P:\GRACIANA OLIVEIRA.pdf [26/12/2011 - 15:43:04 | D ] 
P:\Exec [24/05/2010 - 15:33:35 | D ] P:\Junior [11/02/2010 - 13:59:10 | N | 24691] P:\INSS 012010.pdf [21/05/2008 - 17:27:50 | N | 19968] P:\Gaiola dos Saguis0001.pdf.doc [13/01/2012 - 15:45:52 | N | 13] S:\Versao.log [13/01/2012 - 15:45:31 | N | 34015232] S:\Funpec.new [25/03/2011 - 09:20:47 | N | 2885069] S:\PrintScreen45_Setup.exe [04/08/2011 - 12:03:16 | D ] S:\imagens_sistema [07/01/2011 - 08:20:20 | D ] S:\dll [04/08/2008 - 15:13:18 | N | 104] S:\atualiza.bat [26/07/2010 - 10:35:10 | N | 24] S:\Funpec.ini [19/01/2012 - 11:08:48 | D ] S:\RECYCLER [08/06/2009 - 11:49:28 | N | 68] S:\sigap.Ini [16/05/2008 - 15:29:58 | N | 414208] S:\Swap.exe [10/06/2011 - 16:41:33 | A | 155857] X:\Solicitação de Proposta.pdf [28/09/2011 - 15:54:13 | A | 91602] X:\ITM_16_WORKINFORMÁTICA.pdf [19/03/2010 - 09:09:17 | D ] X:\CTAP [30/11/2011 - 16:44:09 | D ] X:\Samsung_I5510_USB_Drivers [19/01/2012 - 11:06:42 | D ] X:\19012012_1000 [19/01/2012 - 09:30:54 | A | 145436] X:\HP Scanjet N8400 2.JPG [23/03/2011 - 17:47:24 | D ] X:\Backup_Usuarios [17/10/2011 - 15:07:44 | D ] X:\etc [04/01/2012 - 11:26:34 | D ] X:\Acronis [16/11/2011 - 09:29:36 | D ] X:\Suporte [28/09/2011 - 17:34:00 | A | 48218] X:\Pasta1.xlsx [28/09/2011 - 17:36:12 | A | 48213] X:\zo1.xlsx [24/04/2011 - 05:48:38 | D ] X:\Diversos [18/11/2011 - 11:40:14 | D ] X:\Colocar senha em pastas [05/09/2011 - 17:56:00 | D ] X:\Usuários [19/01/2012 - 09:29:28 | A | 2764854] X:\HP Scanjet N8400.bmp [17/10/2011 - 11:52:27 | A | 69120] X:\ativar numlock.doc [16/01/2012 - 14:34:56 | A | 575328] X:\SlimDrivers-setup.exe [02/12/2011 - 12:03:45 | A | 94936] X:\erro na url.JPG [18/11/2011 - 15:57:58 | D ] X:\redes [06/12/2011 - 08:53:09 | A | 56320] X:\Pessoal estamos estudando o caso do avast.doc [18/01/2012 - 16:24:03 | A | 1455] X:\comprovante.pdf [09/12/2010 - 10:34:36 | D ] X:\Imagens_CD [19/01/2012 - 11:08:48 | D ] X:\RECYCLER [17/01/2012 - 10:10:40 | D ] X:\Desenvolvimento [28/09/2011 - 15:56:06 | D ] X:\Documentos [20/11/2008 - 
16:07:26 | D ] X:\Apostilas [14/06/2011 - 17:17:17 | A | 16695] X:\Requisitos para Software de Gestão de Fundações.docx [03/08/2011 - 15:15:40 | D ] X:\DVD Decrypter [15/04/2009 - 15:21:30 | D ] Z:\cerberos [12/07/2011 - 08:02:50 | D ] Z:\Log [28/06/2010 - 09:10:36 | D ] Z:\Scripts [16/07/2008 - 16:02:09 | D ] Z:\lost+found [16/12/2011 - 13:08:52 | D ] Z:\icaro [23/12/2008 - 09:17:04 | D ] Z:\hsperfdata_tomcat5 [25/03/2011 - 21:11:19 | D ] Z:\atlas [07/04/2011 - 11:53:47 | D ] Z:\hermes ################## | Vaccin | C:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido) P:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido) S:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido) X:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido) ################## | Upload | Favor enviar o arquivo: C:\UsbFix_Upload_Me_FUN0055.zip http://eldesaparecido.com/upload.html Obrigado pela sua contribuição. ################## | E.O.F | OTL logfile created on: 19/01/2012 12:28:50 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\f003589\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy 1,96 Gb Total Physical Memory | 1,41 Gb Available Physical Memory | 72,04% Memory free 3,81 Gb Paging File | 3,49 Gb Available in Paging File | 91,59% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas Drive C: | 232,88 Gb Total Space | 189,79 Gb Free Space | 81,50% Space Free | Partition Type: NTFS Drive F: | 3,72 Gb Total Space | 0,44 Gb Free Space | 11,75% Space Free | Partition Type: FAT32 Drive P: | 204,24 Gb Total Space | 10,36 Gb Free Space | 5,07% Space Free | Partition Type: NTFS Drive S: | 204,24 Gb Total Space | 10,36 Gb Free Space | 5,07% Space Free | 
Partition Type: NTFS
Drive X: | 204,24 Gb Total Space | 10,36 Gb Free Space | 5,07% Space Free | Partition Type: NTFS
Drive Z: | 1833,77 Gb Total Space | 996,44 Gb Free Space | 54,34% Space Free | Partition Type: NTFS

Computer Name: FUN0055 | User Name: f003589 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 14 Days

========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\f003589\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Arquivos de programas\GbPlugin\gbpsv.exe ( )
PRC - C:\Arquivos de programas\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
PRC - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

========== Modules (No Company Name) ==========
MOD - C:\Arquivos de programas\Alwil Software\Avast5\defs\12011901\algo.dll ()
MOD - C:\Arquivos de programas\Alwil Software\Avast5\defs\12011900\algo.dll ()
MOD - C:\Arquivos de programas\Alwil Software\Avast5\defs\12011700\algo.dll ()
MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()

========== Win32 Services (SafeList) ==========
SRV - (HidServ) -- File not found
SRV - (GbpSv) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe ( )
SRV - (afcdpsrv) -- C:\Arquivos de programas\Arquivos comuns\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (AcrSch2Svc) -- C:\Arquivos de programas\Arquivos comuns\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (avast! Web Scanner) -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Antivirus) -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (Diskeeper) -- C:\Arquivos de programas\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
SRV - (NMIndexingService) -- C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (odserv) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========
DRV - (SWDUMon) -- C:\WINDOWS\system32\drivers\SWDUMon.sys ()
DRV - (NdisrdMP) -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys (GAS Tecnologia)
DRV - (Ndisrd) -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys (GAS Tecnologia)
DRV - (GbpKm) -- C:\WINDOWS\system32\drivers\gbpkm.sys (GAS Tecnologia)
DRV - (afcdp) -- C:\WINDOWS\system32\drivers\afcdp.sys (Acronis)
DRV - (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273) -- C:\WINDOWS\system32\DRIVERS\tdrpm273.sys (Acronis)
DRV - (timounter) -- C:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis)
DRV - (snapman) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (epmntdrv) -- C:\WINDOWS\system32\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\WINDOWS\system32\EuGdiDrv.sys ()
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2586132527-314635491-3328972525-21404\SOFTWARE\Microsoft\Internet Explorer\Main,Start page = http://fr.msn.com/
IE - HKU\S-1-5-21-2586132527-314635491-3328972525-21404\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2586132527-314635491-3328972525-21404\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
IE - HKU\S-1-5-21-2586132527-314635491-3328972525-21404\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FE F5 C5 EA FC D5 CC 01 [binary data]
IE - HKU\S-1-5-21-2586132527-314635491-3328972525-21404\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.com.br"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Arquivos de programas\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Arquivos de programas\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Arquivos de programas\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Arquivos de programas\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Arquivos de programas\Mozilla Firefox\components [2012/01/03 10:15:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins
[2011/12/15 07:46:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\f003589\Dados de aplicativos\Mozilla\Extensions
[2012/01/09 13:03:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\f003589\Dados de aplicativos\Mozilla\Firefox\Profiles\rkkgbsp8.default\extensions
[2012/01/03 10:15:43 | 000,000,000 | ---D | M] (No name found) -- C:\Arquivos de programas\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\F003589\DADOS DE APLICATIVOS\MOZILLA\FIREFOX\PROFILES\RKKGBSP8.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/12/21 05:04:21 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\mozilla firefox\components\browsercomps.dll
[2011/12/21 02:07:30 | 000,001,027 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\buscape.xml
[2011/12/21 02:07:30 | 000,001,212 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\mercadolivre.xml
[2011/12/21 01:46:39 | 000,002,040 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\twitter.xml
[2011/12/21 02:07:30 | 000,001,168 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\wikipedia-br.xml
[2011/12/21 02:07:30 | 000,000,952 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\yahoo-br.xml

O1 HOSTS File: ([2011/12/26 14:28:42 | 000,000,776 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Facilitador de Leitor de Link Adobe PDF) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [Acronis Serviço Scheduler2] C:\Arquivos de programas\Arquivos comuns\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [APSDaemon] C:\Arquivos de programas\Arquivos comuns\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Arquivos de programas\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [NBKeyScan] C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Arquivos de programas\Acronis\TrueImageHome\TrueImageMonitor.exe ()
O4 - HKU\S-1-5-21-2586132527-314635491-3328972525-21404..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\S-1-5-21-2586132527-314635491-3328972525-21404..\Run: [slimDrivers] C:\Arquivos de programas\SlimDrivers\SlimDrivers.exe (SlimWare Utilities, Inc.)
O4 - HKLM..\RunOnce: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2586132527-314635491-3328972525-21404\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-2586132527-314635491-3328972525-21404\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O15 - HKU\S-1-5-21-2586132527-314635491-3328972525-21404\..Trusted Domains: bancobrasil.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-2586132527-314635491-3328972525-21404\..Trusted Domains: bancobrasil.com.br ([www14] * in Sites confiáveis)
O15 - HKU\S-1-5-21-2586132527-314635491-3328972525-21404\..Trusted Domains: bancobrasil.com.br ([www2] * in Sites confiáveis)
O15 - HKU\S-1-5-21-2586132527-314635491-3328972525-21404\..Trusted Domains: bb.com.br ([www] * in Sites confiáveis)
O16 - DPF: {108D3206-846A-4A93-BACB-F0572D043ED7} http://fabiodvr1.sytes.net:37779/webrec.cab (SurveillanceCtrl Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.4.65.16
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90C820C4-79C8-4BC6-B182-24563355F095}: DhcpNameServer = 10.4.65.16
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Arquivos de programas\GbPlugin\gbieh.dll) - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O24 - Desktop Components:0 (Minha página inicial atual) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Alegria.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Alegria.bmp
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/12/14 12:25:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/01/19 11:12:52 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/11/30 20:39:56 | 000,000,016 | -H-- | M] () - F:\AUTORUN.INF -- [ FAT32 ]
O32 - AutoRun File - [2012/01/19 11:12:11 | 000,000,000 | ---D | M] - P:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012/01/19 11:12:11 | 000,000,000 | ---D | M] - S:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012/01/19 11:13:38 | 000,000,000 | ---D | M] - X:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{00ad3711-2ca3-11e1-a031-7071bc658018}\Shell - "" = AutoRun
O33 - MountPoints2\{00ad3711-2ca3-11e1-a031-7071bc658018}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (aswBoot.exe /A:"*" /L:"1046" /heur:80 /pup /archives /IA:0 /KBD:2 /dir:"C:\Arquivos de programas\Alwil Software\Avast5")
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 14 Days ==========
[2012/01/19 11:12:52 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2012/01/19 09:48:46 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\f003589\Desktop\OTL.exe
[2012/01/18 17:17:16 | 000,000,000 | ---D | C] -- C:\UsbFix
[2012/01/18 17:16:47 | 001,257,293 | ---- | C] (El Desaparecido) -- C:\Documents and Settings\f003589\Desktop\UsbFix.exe
[2012/01/18 14:26:53 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\HiJackThis.exe
[2012/01/17 10:49:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\AVIFiles
[2012/01/17 10:48:25 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\v8200
[2012/01/17 10:48:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\DMMultiView v8200
[2012/01/17 10:46:49 | 000,057,344 | ---- | C] (GeoVision Inc.) -- C:\WINDOWS\System32\GeoADPCM.acm
[2012/01/17 10:46:49 | 000,024,576 | ---- | C] ( ) -- C:\WINDOWS\GV_AccessIni_Memory.dll
[2012/01/17 10:46:48 | 001,150,976 | ---- | C] (GeoVision) -- C:\WINDOWS\System32\GXAVCD.dll
[2012/01/17 10:46:48 | 001,150,976 | ---- | C] (GeoVision) -- C:\WINDOWS\System32\GXAVC.dll
[2012/01/17 10:46:48 | 000,397,312 | ---- | C] (GeoVision Inc.) -- C:\WINDOWS\System32\GXGM20.dll
[2012/01/17 10:46:48 | 000,364,544 | ---- | C] (GeoVision) -- C:\WINDOWS\System32\GXJPG.dll
[2012/01/17 10:46:47 | 001,007,616 | ---- | C] (GeoVision) -- C:\WINDOWS\System32\GXAMP4D.dll
[2012/01/17 10:46:47 | 001,007,616 | ---- | C] (GeoVision) -- C:\WINDOWS\System32\GXAMP4.dll
[2012/01/17 10:46:47 | 000,757,760 | ---- | C] (GeoVision) -- C:\WINDOWS\System32\GX264D.dll
[2012/01/17 10:46:47 | 000,757,760 | ---- | C] (GeoVision) -- C:\WINDOWS\System32\GX264.dll
[2012/01/17 10:46:46 | 000,585,728 | ---- | C] (GeoVision) -- C:\WINDOWS\System32\GeoCodecD.dll
[2012/01/17 10:46:46 | 000,585,728 | ---- | C] (GeoVision) -- C:\WINDOWS\System32\GeoCodec.dll
[2012/01/17 10:46:46 | 000,577,536 | R--- | C] (GeoVision) -- C:\WINDOWS\GeoCodec.dll
[2012/01/17 10:46:46 | 000,348,160 | ---- | C] (GeoVision) -- C:\WINDOWS\GeoImageEnhance.dll
[2012/01/17 10:46:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\v8200
[2012/01/17 10:46:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\v8110
[2012/01/17 10:46:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\v8200
[2012/01/17 10:46:19 | 010,927,257 | ---- | C] (MV_LocalInstall ) -- C:\Documents and Settings\f003589\Desktop\DMMultiView.exe
[2012/01/16 14:35:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/01/16 14:35:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\f003589\Configurações locais\Dados de aplicativos\SlimWare Utilities Inc
[2012/01/16 14:35:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\SlimDrivers
[2012/01/16 14:35:29 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\SlimDrivers
[2012/01/16 14:35:25 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Downloaded Installers
[2012/01/11 13:23:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\NVIDIA Corporation
[2012/01/11 13:23:15 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\AGEIA Technologies
[2012/01/11 13:23:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA
[2012/01/11 13:22:52 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Wise Installation Wizard
[2012/01/11 13:22:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2012/01/11 12:41:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\f003589\Desktop\Boleto RNLink-Edivan Ferreira de Lima
[2012/01/09 14:57:47 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft.NET
[2012/01/09 11:58:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dados de aplicativos\Adobe
[2012/01/09 11:58:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dados de aplicativos\Google
[2012/01/09 11:58:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Google
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 14 Days ==========
[2012/01/19 13:00:00 | 000,000,470 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{574B30E2-4577-4F9C-A381-753CAB709F73}.job
[2012/01/19 13:00:00 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F855FE1F-9329-4BCE-A55D-319E65995CB4}.job
[2012/01/19 12:37:36 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2012/01/19 12:27:01 | 000,001,074 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012/01/19 12:10:55 | 1279,480,668 | ---- | M] () -- C:\UsbFix_Upload_Me_FUN0055.zip [2012/01/19 10:28:22 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A1D022CB-E4A2-40A5-94EB-036A15C5A62D}.job [2012/01/19 09:48:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\f003589\Desktop\OTL.exe [2012/01/18 17:16:54 | 001,257,293 | ---- | M] (El Desaparecido) -- C:\Documents and Settings\f003589\Desktop\UsbFix.exe [2012/01/18 17:09:39 | 000,050,688 | ---- | M] () -- C:\Documents and Settings\f003589\Desktop\GabKiller.exe [2012/01/18 14:27:03 | 000,001,070 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012/01/18 14:26:54 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\HiJackThis.exe [2012/01/17 11:06:49 | 000,000,140 | ---- | M] () -- C:\WINDOWS\multiview.ini [2012/01/17 10:48:25 | 000,001,501 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DMMultiView v8200.lnk [2012/01/17 10:46:27 | 010,927,257 | ---- | M] (MV_LocalInstall ) -- C:\Documents and Settings\f003589\Desktop\DMMultiView.exe [2012/01/16 14:35:35 | 000,012,984 | ---- | M] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys [2012/01/16 14:35:31 | 000,001,870 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SlimDrivers.lnk [2012/01/16 14:33:41 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/01/16 14:33:31 | 002,097,152 | -H-- | M] () -- C:\Documents and Settings\f003589\NTUSER.DAT [2012/01/16 14:33:31 | 000,000,210 | -HS- | M] () -- C:\Documents and Settings\f003589\ntuser.ini [2012/01/16 07:32:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2012/01/16 07:31:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/01/11 13:27:08 | 000,200,819 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2012/01/11 13:14:02 
| 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012/01/09 14:59:15 | 000,000,421 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2012/01/07 12:23:00 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/19 12:37:36 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2012/01/19 12:05:47 | 1279,480,668 | ---- | C] () -- C:\UsbFix_Upload_Me_FUN0055.zip [2012/01/18 17:09:38 | 000,050,688 | ---- | C] () -- C:\Documents and Settings\f003589\Desktop\GabKiller.exe [2012/01/17 10:48:25 | 000,001,501 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DMMultiView v8200.lnk [2012/01/17 10:46:49 | 000,200,704 | ---- | C] () -- C:\WINDOWS\JxIni.dll [2012/01/17 10:46:49 | 000,139,264 | ---- | C] () -- C:\WINDOWS\GV_GeoPTZini.dll [2012/01/17 10:46:49 | 000,139,264 | ---- | C] () -- C:\WINDOWS\GeoEditAVIDll.dll [2012/01/17 10:46:49 | 000,115,202 | ---- | C] () -- C:\WINDOWS\IG_STable.xml [2012/01/17 10:46:49 | 000,077,158 | ---- | C] () -- C:\WINDOWS\PTZConfigTable.xml [2012/01/17 10:46:49 | 000,032,280 | ---- | C] () -- C:\WINDOWS\IA_STable_001.xml [2012/01/17 10:46:49 | 000,003,971 | ---- | C] () -- C:\WINDOWS\GvMegaPixelViewer.xml [2012/01/17 10:46:49 | 000,001,977 | ---- | C] () -- C:\WINDOWS\PCDStable_8200.xml [2012/01/17 10:46:46 | 000,007,675 | ---- | C] () -- C:\WINDOWS\GeoImageEnhance.xml [2012/01/17 10:46:41 | 000,270,401 | ---- | C] () -- C:\WINDOWS\Stable_8200.xml [2012/01/17 10:46:32 | 000,000,140 | ---- | C] () -- C:\WINDOWS\multiview.ini [2012/01/16 14:35:35 | 000,012,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys [2012/01/16 14:35:31 | 000,001,870 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SlimDrivers.lnk [2012/01/11 13:22:38 | 000,200,819 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml [2012/01/11 13:22:12 |
000,018,477 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu [2012/01/11 13:14:02 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2012/01/09 14:59:14 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2011/12/15 16:16:53 | 000,045,328 | ---- | C] () -- C:\Documents and Settings\f003589\Configurações locais\Dados de aplicativos\GDIPFONTCACHEV1.DAT [2011/12/15 10:54:48 | 002,469,760 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe [2011/12/15 10:54:48 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe [2011/12/15 10:54:48 | 000,019,840 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll [2011/12/15 10:54:48 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys [2011/12/15 10:54:48 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys [2011/12/14 17:50:00 | 004,847,204 | -H-- | C] () -- C:\Documents and Settings\f003589\Configurações locais\Dados de aplicativos\IconCache.db [2011/12/14 14:38:35 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\libpq74.dll [2011/12/14 14:38:35 | 000,051,016 | ---- | C] () -- C:\WINDOWS\System32\libintl-2.dll [2011/12/14 14:38:35 | 000,000,070 | ---- | C] () -- C:\WINDOWS\System32\sigap.Ini [2011/12/14 14:38:34 | 000,916,849 | ---- | C] () -- C:\WINDOWS\System32\libiconv-2.dll [2011/12/14 12:54:23 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2011/12/14 12:38:41 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll [2011/12/14 12:38:03 | 000,982,196 | R--- | C] () -- C:\WINDOWS\System32\igkrng500.bin [2011/12/14 12:38:03 | 000,417,344 | R--- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin [2011/12/14 12:27:21 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011/12/14 12:25:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2011/12/14 12:25:05 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2011/12/14 12:25:01 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2011/12/14 12:23:33 | 
000,021,844 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011/12/14 12:23:26 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2011/12/14 12:23:26 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2011/12/14 12:22:56 | 000,026,931 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2011/12/14 12:22:56 | 000,003,828 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [2008/12/31 22:11:54 | 000,848,252 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2008/12/31 22:11:53 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2008/12/31 22:10:44 | 000,189,000 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2008/10/07 02:33:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2008/10/07 02:33:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2008/10/07 02:33:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2008/10/07 02:33:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2008/10/07 02:33:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2008/10/07 02:33:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2008/10/07 02:33:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2008/10/07 02:33:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2008/10/07 02:33:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2008/06/11 09:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008/06/11 09:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008/06/11 09:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008/06/11 09:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008/06/11 09:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008/06/11 09:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008/06/11 
09:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008/06/11 09:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008/06/11 09:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008/06/05 08:58:26 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2006/03/02 09:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2006/03/02 09:00:00 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini [2006/03/02 09:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll [2006/03/02 09:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2006/03/02 09:00:00 | 000,425,426 | ---- | C] () -- C:\WINDOWS\System32\perfh016.dat [2006/03/02 09:00:00 | 000,392,432 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2006/03/02 09:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll [2006/03/02 09:00:00 | 000,301,776 | ---- | C] () -- C:\WINDOWS\System32\perfi016.dat [2006/03/02 09:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2006/03/02 09:00:00 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll [2006/03/02 09:00:00 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll [2006/03/02 09:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2006/03/02 09:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll [2006/03/02 09:00:00 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll [2006/03/02 09:00:00 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll [2006/03/02 09:00:00 | 000,070,750 | ---- | C] () -- C:\WINDOWS\System32\edit.com [2006/03/02 09:00:00 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll [2006/03/02 09:00:00 | 000,067,450 | ---- | C] () -- C:\WINDOWS\System32\perfc016.dat [2006/03/02 09:00:00 | 000,058,732 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2006/03/02 09:00:00 | 
000,054,048 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe [2006/03/02 09:00:00 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini [2006/03/02 09:00:00 | 000,052,472 | ---- | C] () -- C:\WINDOWS\System32\command.com [2006/03/02 09:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2006/03/02 09:00:00 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys [2006/03/02 09:00:00 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys [2006/03/02 09:00:00 | 000,039,386 | ---- | C] () -- C:\WINDOWS\System32\mem.exe [2006/03/02 09:00:00 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys [2006/03/02 09:00:00 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys [2006/03/02 09:00:00 | 000,035,178 | ---- | C] () -- C:\WINDOWS\System32\perfd016.dat [2006/03/02 09:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys [2006/03/02 09:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys [2006/03/02 09:00:00 | 000,033,984 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys [2006/03/02 09:00:00 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys [2006/03/02 09:00:00 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys [2006/03/02 09:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys [2006/03/02 09:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys [2006/03/02 09:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2006/03/02 09:00:00 | 000,027,900 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys [2006/03/02 09:00:00 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys [2006/03/02 09:00:00 | 000,021,130 | ---- | C] () -- C:\WINDOWS\System32\debug.exe [2006/03/02 09:00:00 | 000,021,111 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini [2006/03/02 09:00:00 | 000,019,918 | ---- | C] () -- C:\WINDOWS\System32\graphics.com [2006/03/02 09:00:00 | 000,015,799 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini 
[2006/03/02 09:00:00 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll [2006/03/02 09:00:00 | 000,014,950 | ---- | C] () -- C:\WINDOWS\System32\kb16.com [2006/03/02 09:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll [2006/03/02 09:00:00 | 000,013,712 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini [2006/03/02 09:00:00 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll [2006/03/02 09:00:00 | 000,013,106 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe [2006/03/02 09:00:00 | 000,012,578 | ---- | C] () -- C:\WINDOWS\System32\append.exe [2006/03/02 09:00:00 | 000,011,995 | ---- | C] () -- C:\WINDOWS\System32\setver.exe [2006/03/02 09:00:00 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll [2006/03/02 09:00:00 | 000,009,032 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys [2006/03/02 09:00:00 | 000,008,600 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe [2006/03/02 09:00:00 | 000,007,132 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe [2006/03/02 09:00:00 | 000,006,107 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini [2006/03/02 09:00:00 | 000,004,896 | ---- | C] () -- C:\WINDOWS\System32\himem.sys [2006/03/02 09:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2006/03/02 09:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2006/03/02 09:00:00 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe [2006/03/02 09:00:00 | 000,003,258 | ---- | C] () -- C:\WINDOWS\System32\nw16.exe [2006/03/02 09:00:00 | 000,003,043 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini [2006/03/02 09:00:00 | 000,002,924 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini [2006/03/02 09:00:00 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv [2006/03/02 09:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2006/03/02 09:00:00 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini [2006/03/02 09:00:00 | 000,001,300 | ---- | C] () -- 
C:\WINDOWS\System32\perffilt.ini [2006/03/02 09:00:00 | 000,001,153 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com [2006/03/02 09:00:00 | 000,001,144 | ---- | C] () -- C:\WINDOWS\System32\vwipxspx.exe [2006/03/02 09:00:00 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe [2006/03/02 09:00:00 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe [2006/03/02 09:00:00 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe [2006/03/02 09:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2006/03/02 09:00:00 | 000,000,477 | ---- | C] () -- C:\WINDOWS\win.ini [2006/03/02 09:00:00 | 000,000,361 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini [2006/03/02 09:00:00 | 000,000,231 | ---- | C] () -- C:\WINDOWS\system.ini [2001/09/05 20:50:34 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe [2001/09/05 20:50:20 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll

========== LOP Check ==========

[2011/12/16 10:30:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Acronis [2011/12/14 12:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Alwil Software [2011/12/14 12:39:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Diskeeper Corporation [2012/01/19 10:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin [2011/12/16 10:22:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\f003589\Dados de aplicativos\Acronis [2011/12/20 15:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\f003589\Dados de aplicativos\TeamViewer [2011/12/15 07:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\f003589\Dados de aplicativos\Thunderbird [2011/12/14 12:40:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fun0055\Dados de aplicativos\InterTrust [2012/01/19 13:00:00 | 000,000,470 | -H-- | M] () --
C:\WINDOWS\Tasks\User_Feed_Synchronization-{574B30E2-4577-4F9C-A381-753CAB709F73}.job [2012/01/19 10:28:22 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{A1D022CB-E4A2-40A5-94EB-036A15C5A62D}.job [2012/01/19 13:00:00 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F855FE1F-9329-4BCE-A55D-319E65995CB4}.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2011/12/14 12:25:48 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2011/12/14 12:22:09 | 000,000,211 | ---- | M] () -- C:\boot.ini [2006/03/02 09:00:00 | 000,004,952 | ---- | M] () -- C:\Bootfont.bin [2011/12/14 12:25:48 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2012/01/19 10:01:04 | 000,001,055 | ---- | M] () -- C:\Gabkiller_supp.txt [2012/01/18 14:26:54 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\HiJackThis.exe [2012/01/18 14:30:12 | 000,009,853 | ---- | M] () -- C:\hijackthis.log [2011/12/14 12:25:48 | 000,000,000 | ---- | M] () -- C:\IO.SYS [2011/12/14 12:25:48 | 000,000,000 | ---- | M] () -- C:\MSDOS.SYS [2006/03/02 09:00:00 | 000,047,564 | ---- | M] () -- C:\NTDETECT.COM [2011/12/14 13:21:41 | 000,251,696 | ---- | M] () -- C:\ntldr [2012/01/16 07:31:47 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2012/01/19 12:37:36 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2012/01/19 09:55:14 | 000,002,433 | ---- | M] () -- C:\Rapport Gabkiller.txt [2012/01/19 12:13:20 | 000,025,070 | ---- | M] () -- C:\UsbFix.txt [2012/01/19 12:10:55 | 1279,480,668 | ---- | M] () -- C:\UsbFix_Upload_Me_FUN0055.zip

< %systemdrive%\drivers\*.exe >

< %systemroot%\system32\drivers\*.* /64 >
[2010/03/09 08:08:15 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys [2008/04/13 18:50:06 | 000,188,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\acpi.sys [2006/03/02 09:00:00 | 000,011,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\acpiec.sys
[2008/04/13 19:20:24 | 000,004,255 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll [2008/04/13 19:20:24 | 000,003,967 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll [2008/04/13 19:20:24 | 000,003,615 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll [2008/04/13 19:20:24 | 000,003,647 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll [2008/04/13 19:20:24 | 000,003,135 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll [2008/04/13 19:20:24 | 000,003,711 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll [2008/04/13 19:20:24 | 000,003,775 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll [2008/04/13 09:39:24 | 000,142,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\aec.sys [2011/12/15 10:57:43 | 000,167,968 | ---- | M] (Acronis) -- C:\WINDOWS\system32\drivers\afcdp.sys [2008/04/13 12:19:24 | 000,138,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\afd.sys [2008/04/13 11:36:40 | 000,042,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\agp440.sys [2008/04/13 11:36:40 | 000,044,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\agpcpq.sys [2008/04/13 11:36:40 | 000,042,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\alim1541.sys [2009/11/17 20:16:00 | 001,691,480 | ---- | M] (Creative) -- C:\WINDOWS\system32\drivers\Ambfilt.sys [2008/04/13 11:36:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) 
-- C:\WINDOWS\system32\drivers\amdagp.sys [2008/04/13 18:51:12 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk6.sys [2008/04/13 18:51:14 | 000,041,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk7.sys [2008/04/13 11:51:26 | 000,060,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\arp1394.sys [2010/03/09 08:08:30 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010/03/09 08:08:38 | 000,094,800 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon.sys [2010/03/09 08:08:41 | 000,100,432 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys [2010/03/09 08:09:08 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys [2010/03/09 08:12:33 | 000,162,640 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswSP.sys [2010/03/09 08:12:54 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys [2008/04/13 11:57:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\asyncmac.sys [2008/04/13 11:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atapi.sys [2008/04/13 09:34:18 | 000,056,623 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati1btxx.sys [2008/04/13 09:34:18 | 000,011,615 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati1mdxx.sys [2008/04/13 09:34:18 | 000,012,047 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati1pdxx.sys [2008/04/13 09:34:18 | 000,030,671 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati1raxx.sys [2008/04/13 09:34:18 | 000,063,663 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati1rvxx.sys [2008/04/13 09:34:18 | 000,026,367 | ---- | M] (ATI Technologies Inc.) 
-- C:\WINDOWS\system32\drivers\ati1snxx.sys [2008/04/13 09:34:18 | 000,021,343 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati1ttxx.sys [2008/04/13 09:34:18 | 000,036,463 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati1tuxx.sys [2008/04/13 09:34:20 | 000,029,455 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati1xbxx.sys [2008/04/13 09:34:20 | 000,034,735 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati1xsxx.sys [2008/04/13 18:52:02 | 000,327,040 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtaa.sys [2008/04/13 18:52:04 | 000,701,440 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys [2008/04/13 09:34:18 | 000,057,856 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinbtxx.sys [2008/04/13 09:34:18 | 000,013,824 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinmdxx.sys [2008/04/13 09:34:18 | 000,014,336 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinpdxx.sys [2008/04/13 09:34:18 | 000,052,224 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinraxx.sys [2008/04/13 09:34:18 | 000,104,960 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinrvxx.sys [2008/04/13 09:34:18 | 000,028,672 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinsnxx.sys [2008/04/13 09:34:18 | 000,013,824 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinttxx.sys [2008/04/13 09:34:18 | 000,073,216 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atintuxx.sys [2008/04/13 09:34:20 | 000,031,744 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinxbxx.sys [2008/04/13 09:34:20 | 000,063,488 | ---- | M] (ATI Technologies Inc.) 
-- C:\WINDOWS\system32\drivers\atinxsxx.sys [2006/12/29 07:51:08 | 000,064,352 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativmc20.cod [2008/04/13 11:51:26 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmarpc.sys [2006/03/02 09:00:00 | 000,031,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmepvc.sys [2008/04/13 11:51:32 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmlane.sys [2006/03/02 09:00:00 | 000,352,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmuni.sys [2008/04/13 19:20:26 | 000,021,183 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll [2008/04/13 19:20:26 | 000,011,359 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll [2008/04/13 19:20:26 | 000,025,471 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll [2008/04/13 19:20:26 | 000,014,143 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll [2008/04/13 19:20:26 | 000,017,279 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll [2001/08/17 18:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\audstub.sys [2006/03/02 09:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\beep.sys [2008/04/13 11:53:24 | 000,071,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bridge.sys [2008/04/13 11:46:34 | 000,017,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthenum.sys [2008/04/13 11:46:34 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthmodem.sys [2008/04/13 11:51:36 | 000,101,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthpan.sys [2008/04/13 18:53:48 | 000,273,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthport.sys [2008/04/13 11:46:32 | 000,036,480 | ---- | M] 
(Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthprint.sys [2008/04/13 11:46:30 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthusb.sys [2006/03/02 09:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cbidf2k.sys [2006/03/02 09:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cdaudio.sys [2008/04/13 12:14:22 | 000,063,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cdfs.sys [2009/07/14 21:04:12 | 000,009,336 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\cdr4_xp.sys [2009/07/14 21:04:12 | 000,009,464 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\cdralw2k.sys [2008/04/13 11:40:48 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cdrom.sys [2008/04/13 19:20:26 | 000,015,423 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll [2006/03/02 09:00:00 | 000,262,528 | ---- | M] (RAVISENT Technologies Inc.) 
-- C:\WINDOWS\system32\drivers\cinemst2.sys [2008/04/13 12:16:24 | 000,049,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\classpnp.sys [2006/03/02 09:00:00 | 000,011,776 | ---- | M] (Compaq Computer Corporation) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [2008/04/13 18:57:18 | 000,040,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\crusoe.sys [2007/04/02 09:06:04 | 000,129,045 | ---- | M] () -- C:\WINDOWS\system32\drivers\cxthsfs2.cty [2008/04/13 11:40:48 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\disk.sys [2008/04/13 11:40:46 | 000,014,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\diskdump.sys [2008/04/13 18:59:02 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\system32\drivers\dmboot.sys [2008/04/13 18:59:08 | 000,153,984 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\system32\drivers\dmio.sys [2006/03/02 09:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) -- C:\WINDOWS\system32\drivers\dmload.sys [2008/04/13 11:45:02 | 000,052,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\dmusic.sys [2008/04/13 11:45:16 | 000,060,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\drmk.sys [2008/04/13 11:45:14 | 000,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\drmkaud.sys [2006/03/02 09:00:00 | 000,010,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\dxapi.sys [2008/04/13 11:38:30 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\dxg.sys [2006/03/02 09:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\dxgthk.sys [2008/09/26 18:00:06 | 000,024,448 | R--- | M] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\system32\drivers\ewdcsc.sys [2008/09/26 18:01:02 | 000,101,376 | R--- | M] (Huawei Technologies Co., Ltd.) 
< %PROGRAMFILES%\*.* > Invalid Environment Variable:
LOCALAPPDATA
Invalid Environment Variable: LOCALAPPDATA
Invalid Environment Variable: LOCALAPPDATA
Invalid Environment Variable: LOCALAPPDATA
Invalid Environment Variable: LOCALAPPDATA

< %USERPROFILE%\*.exe >

< %USERPROFILE%\*.txt >

< %USERPROFILE%\*.ini >
[2012/01/16 14:33:31 | 000,000,210 | -HS- | M] () -- C:\Documents and Settings\f003589\ntuser.ini

< %USERPROFILE%\*.dll >

< %USERPROFILE%\*.dat /30 >
[2012/01/16 14:33:31 | 002,097,152 | -H-- | M] () -- C:\Documents and Settings\f003589\NTUSER.DAT

< %systemroot%\system32\tasks\*.* /s /64 >

< %windir%\tasks\*.* /s >
[2012/01/07 12:23:00 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2006/03/02 09:00:00 | 000,000,065 | RH-- | M] () -- C:\WINDOWS\tasks\desktop.ini
[2012/01/18 14:27:03 | 000,001,070 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/19 12:27:01 | 000,001,074 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/16 07:32:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2012/01/19 13:00:00 | 000,000,470 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{574B30E2-4577-4F9C-A381-753CAB709F73}.job
[2012/01/19 10:28:22 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A1D022CB-E4A2-40A5-94EB-036A15C5A62D}.job
[2012/01/19 13:00:00 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F855FE1F-9329-4BCE-A55D-319E65995CB4}.job

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >
"DefaultConnectionSettings" = [binary data over 100 bytes]
"SavedLegacySettings" = [binary data over 100 bytes]

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments >

< HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMP >

< MD5 for: IEXPLORE.EXE >
[2008/04/13 19:21:02 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=04CABAD69BE78EB9C03CD4346D776DA5 -- C:\WINDOWS\ie8\iexplore.exe
[2008/04/13 19:21:02 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=04CABAD69BE78EB9C03CD4346D776DA5 -- C:\WINDOWS\ServicePackFiles\i386\iexplore.exe
[2006/03/02 09:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=69E3202DCB3F4C432262100A2175BDD5 -- C:\WINDOWS\$NtServicePackUninstall$\iexplore.exe
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Arquivos de programas\Internet Explorer\iexplore.exe
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\WINDOWS\system32\dllcache\iexplore.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:9B05E988_Bb.gbp
@Alternate Data Stream - 157 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst

< End of report >
DigRam 144
Posted January 19, 2012

Good afternoon, Edvan!

################## | Upload |

Favor enviar o arquivo: C:\UsbFix_Upload_Me_FUN0055.zip
http://eldesaparecido.com/upload.html
Obrigado pela sua contribuição.

################## | E.O.F |

|- Contribute by sending the file ( UsbFix_Upload_Me_FUN0055.zip ) to the suggested link.

////°°°°////

|- Download: < RogueKiller > ( ... by tigzy )
|- Save it to the desktop!
|- Close any open applications!
|- Open the RogueKiller tool and run option 2. Suppression or Delete.
|- Post: RKreport[1].txt

////°°°°////

|- Run OTL.exe.
|- Copy the information shown in red into the tool's clipboard field. ( "Exames Personalizados Correções" )

:OTL
SRV - (HidServ) -- File not found
IE - HKU\S-1-5-21-2586132527-314635491-3328972525-21404\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FE F5 C5 EA FC D5 CC 01 [binary data]
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\RunOnce: [] File not found
O33 - MountPoints2\{00ad3711-2ca3-11e1-a031-7071bc658018}\Shell - "" = AutoRun
O33 - MountPoints2\{00ad3711-2ca3-11e1-a031-7071bc658018}\Shell\AutoRun\command - "" = E:\AutoRun.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

:Commands
[emptyflash]
[emptytemp]
[reboot]

|- Click the Consertar button.
|- PS: The tool will restart the computer.
|- When it appears, click Run.
|- Post the report: C:\_OTL\MovedFiles\*.log

Regards!
Edvan 30
Posted January 19, 2012

> Good afternoon, Edvan!
>
> ################## | Upload |
>
> Favor enviar o arquivo: C:\UsbFix_Upload_Me_FUN0055.zip
> http://eldesaparecido.com/upload.html
> Obrigado pela sua contribuição.
>
> ################## | E.O.F |
>
> |- Contribute by sending the file ( UsbFix_Upload_Me_FUN0055.zip ) to the suggested link.

Good afternoon, Digram;

That file is too large to upload, it is 1.19 GB; can I just delete it?

All processes killed
========== OTL ==========
Service HidServ stopped successfully!
Service HidServ deleted successfully!
File File not found not found.
HKU\S-1-5-21-2586132527-314635491-3328972525-21404\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00ad3711-2ca3-11e1-a031-7071bc658018}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00ad3711-2ca3-11e1-a031-7071bc658018}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00ad3711-2ca3-11e1-a031-7071bc658018}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00ad3711-2ca3-11e1-a031-7071bc658018}\ not found.
File E:\AutoRun.exe not found.
C:\WINDOWS\002913_.tmp deleted successfully.
C:\WINDOWS\SET25.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: Administrador
User: All Users
User: Default User
User: f003589
->Flash cache emptied: 470 bytes
User: Fun0055
User: LocalService
User: NetworkService

Total Flash Files Cleaned = 0,00 mb

[EMPTYTEMP]

User: Administrador
->Temp folder emptied: 667644 bytes
->Temporary Internet Files folder emptied: 6705481 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: f003589
->Temp folder emptied: 21710792 bytes
->Temporary Internet Files folder emptied: 50317736 bytes
->FireFox cache emptied: 54702603 bytes
->Flash cache emptied: 0 bytes
User: Fun0055
->Temp folder emptied: 728055224 bytes
->Temporary Internet Files folder emptied: 6226280 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 328864 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1317730 bytes
RecycleBin emptied: 216065 bytes

Total Files Cleaned = 830,00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 01192012_145437

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

...................................................
RogueKiller V6.2.4 [01/12/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: f003589 [Admin rights]
Mode: Remove -- Date : 01/19/2012 14:50:26

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 1 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 83b749a7f23739dc11ed23d7fabe0699
[bSP] 0371758ea59b3510627f81cf169b3875 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 63 | Size: 250048 Mo
1 - [XXXXXX] UNKNW [VISIBLE] Offset (sectors): 488376000 | Size: 8 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt
DigRam 144
Posted January 19, 2012

Good afternoon, Edvan!

> That file is too large to upload, it is 1.19 GB; can I just delete it?

|- Yes! You can delete that folder or file.

////°°°°////

|- Open OTL.exe -> Click Limpeza. <-- Confirm!
|- PS: The computer will restart!

////°°°°////

|- Report on the state of the machine!
|- Post: an updated HijackThis log!

Regards!
Edvan 30
Posted January 19, 2012

Hello Digram!

The machine is much better, my friend.. :thumbsup:

Was it really a pen drive virus that was causing those freezes?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:12:57, on 19/01/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\ARQUIV~1\GbPlugin\GbpSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Arquivos comuns\Acronis\Schedule2\schedul2.exe
C:\Arquivos de programas\Arquivos comuns\Acronis\CDP\afcdpsrv.exe
C:\Arquivos de programas\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\ARQUIV~1\ALWILS~1\Avast5\avastUI.exe
C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
C:\Arquivos de programas\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Arquivos de programas\Arquivos comuns\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe
C:\Arquivos de programas\SlimDrivers\SlimDrivers.exe
C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast5] C:\ARQUIV~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Arquivos de programas\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [Acronis Serviço Scheduler2] "C:\Arquivos de programas\Arquivos comuns\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Arquivos de programas\Arquivos comuns\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [slimDrivers] "C:\Arquivos de programas\SlimDrivers\SlimDrivers.exe" -boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: www.bb.com.br
O16 - DPF: {108D3206-846A-4A93-BACB-F0572D043ED7} (SurveillanceCtrl Control) - http://fabiodvr1.sytes.net:37779/webrec.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O20 - Winlogon Notify: GbPluginBb - C:\Arquivos de programas\GbPlugin\gbieh.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Serviço Scheduler2 (AcrSch2Svc) - Acronis - C:\Arquivos de programas\Arquivos comuns\Acronis\Schedule2\schedul2.exe
O23 - Service: Serviço de Acronis Nonstop Backup (afcdpsrv) - Acronis - C:\Arquivos de programas\Arquivos comuns\Acronis\CDP\afcdpsrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Arquivos de programas\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Gbp Service (GbpSv) - - C:\ARQUIV~1\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

-- End of file - 8413 bytes
DigRam 144 - Posted January 19, 2012

Good evening, Edvan!

Was a flash-drive virus really what was causing these freezes?

|- Yes! There were, basically, infections by flash-drive worms.
|- PS: I recommend formatting the flash drive that infected your computer!
////°°°°////
|- Download: < > (...par A.Rothstein & dj Quiou )
|- Click "Télécharger" to download.
|- Save it to the desktop!
|- Close any open programs and run the tool.
|- Click the Recherche button to start the scan.
|- When it finishes, the tools that will be removed are listed.
|- Next, click the "Suppression" button to remove the items found.
|- Click Quitter to exit! --> OK.
|- If you like, post the reports: Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU)
|- Select it and copy it into Notepad.
////°°°°////
|- Your logs are clean!

Regards!
Edvan 30 - Posted January 19, 2012

Well, man, that was exactly my question, because people keep showing up here with infected flash drives, so I wanted to ask you for a way to plug an infected flash drive into my machine without the machine catching the virus.. you see??

P.S.: The other day I had to use the tip at the link below to remove a virus from a flash drive, but I ended up hurting myself... would plugging the infected flash drive into a VM (virtual machine) solve it?

Link: http://www.tecmundo.com.br/6544-como-remover-virus-de-pendrive-que-converte-arquivos-e-pastas-em-atalhos.htm

[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\HijackThis.exe: trouvé !
C:\hijackthis.log: trouvé !
C:\UsbFix: trouvé !

---------------------------------
--> Suppression:

C:\HijackThis.exe: supprimé !
C:\hijackthis.log: supprimé !
C:\UsbFix: supprimé !
DigRam 144 - Posted January 19, 2012

Good evening, Edvan!

> P.S.: The other day I had to use the tip at the link below to remove a virus from a flash drive, but I ended up hurting myself... would plugging the infected flash drive into a VM (virtual machine) solve it?

|- That is a good option, but wouldn't it be a case of using a grenade to kill a cockroach?
|- The best way to protect yourself from flash-drive viruses is to disable Windows AutoRun.
|- Go to Start --> Run --> type: gpedit.msc
|- Local Computer Policy --> Computer Configuration --> Administrative Templates --> System.
|- In the right-hand pane, double-click Turn off Autoplay.
|- Check: Enabled --> Select: All drives --> OK.
|- This way, you will not be infected when you plug in infected flash drives.
|- If you want a utility that does this automatically, there is "AutoPlayConfig".
|- Go to this address: < Vírus em pendrive >
|- Download AutoPlayConfig.zip to your desktop. <- Unzip it!
|- PS: Follow the recommendations in the Tutorial when using it!
|- PS: The big advantage is how extremely simple it is to turn AutoRun on and/or off.
|- Round out your protection by vaccinating your PC.
|- UsbFix, if I'm not mistaken, has already implemented this feature.
|- More information! < Ocorrencias > < Tutorial > < Coletâneas >

Regards!
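The Group Policy setting in the post above is stored in the registry as NoDriveTypeAutoRun, a bit mask with one bit per drive type, and "All drives" corresponds to 0xFF. The script below is an added example, not part of the thread or of AutoPlayConfig; the function names are hypothetical, the sample values are constructed, and it assumes the documented Windows behaviour that a machine-wide (HKLM) value takes precedence over the per-user (HKCU) one.

```python
import sys

POLICY_KEY = r"Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
VALUE_NAME = "NoDriveTypeAutoRun"

# A set bit turns AutoRun off for that drive type.
DRIVE_BITS = {0x01: "unknown", 0x02: "no-root-dir", 0x04: "removable", 0x08: "fixed",
              0x10: "network", 0x20: "cdrom", 0x40: "ramdisk", 0x80: "reserved"}
ALL_DRIVES = 0xFF  # result of "Enabled" + "All drives" in gpedit.msc


def audit(hklm=None, hkcu=None):
    """Judge the effective mask; HKLM wins over HKCU when both are set."""
    effective = hklm if hklm is not None else hkcu
    if effective is None:
        # Not configured: the OS default applies, so the policy blocks nothing here.
        return {"effective": None, "removable_blocked": False,
                "all_blocked": False, "still_enabled": None}
    mask = effective & 0xFF
    return {"effective": mask,
            "removable_blocked": bool(mask & 0x04),
            "all_blocked": mask == ALL_DRIVES,
            "still_enabled": sorted(n for b, n in DRIVE_BITS.items() if not mask & b)}


def read_live():
    """Windows only: return (hklm, hkcu) values, None where the value is not set."""
    import winreg
    found = []
    for hive in (winreg.HKEY_LOCAL_MACHINE, winreg.HKEY_CURRENT_USER):
        try:
            with winreg.OpenKey(hive, POLICY_KEY) as key:
                raw = winreg.QueryValueEx(key, VALUE_NAME)[0]
        except OSError:
            raw = None
        # Older systems may store the value as REG_BINARY instead of REG_DWORD.
        found.append(int.from_bytes(raw[:4], "little") if isinstance(raw, bytes) else raw)
    return tuple(found)


if __name__ == "__main__":
    if sys.platform == "win32":
        samples = {"live": read_live()}
    else:
        # Constructed values: a per-user 0x91 alone, then a machine-wide 0xFF over it.
        samples = {"constructed 0x91": (None, 0x91), "constructed 0xFF": (0xFF, 0x91)}
    for label, (hklm, hkcu) in samples.items():
        print(label, audit(hklm, hkcu))
```

A result with `removable_blocked` false means a flash drive can still trigger AutoRun on that machine, whatever the dialog in gpedit.msc appears to show.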
Edvan 30 - Posted January 20, 2012

Thanks, Digram, you can close the topic, my friend! :thumbsup:
DigRam 144 - Posted January 20, 2012

> Thanks, Digram, you can close the topic, my friend! :thumbsup:

Hey! Dear Edvan

|- Just this one clarification!
////°°°°////

> P.S.: The other day I had to use the tip at the link below to remove a virus from a flash drive, but I ended up hurting myself... would plugging the infected flash drive into a VM (virtual machine) solve it? Link: http://www.tecmundo....-em-atalhos.htm

|- Exposing the flash drive's hidden files with the attrib command is a good attempt at removing the malicious files manually.
|- PS: What failed in your case?

Regards!
Edvan 30 - Posted January 20, 2012

Hey!! Well, Digram, it didn't fail. I managed to remove the viruses and recover all the folders that had been turned into shortcuts by the virus. I used the command attrib -h -r -s /s /d F:\*.*, which showed my original folders and the folders that were shortcuts, and from there I manually deleted the infected folders, leaving only the original folders..
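A read-only triage of the situation described in the post above, as an added example that is not part of the thread: it pairs each folder concealed with the hidden and system attributes with a same-named .lnk shortcut in the drive root, and lists other concealed files for review, without changing or deleting anything. The function names and the sample listing are constructed, and it assumes the originals carry both attributes that `attrib -h -s` clears.

```python
import os
import sys

# Windows file-attribute bits as returned in st_file_attributes.
HIDDEN, SYSTEM, DIRECTORY = 0x02, 0x04, 0x10
CONCEALED = HIDDEN | SYSTEM


def triage(entries):
    """Classify root-level (name, attrs) pairs; nothing is modified or deleted."""
    entries = list(entries)
    hidden_dirs = {name.lower(): name for name, attrs in entries
                   if (attrs & DIRECTORY) and (attrs & CONCEALED) == CONCEALED}
    report = {"restore": sorted(hidden_dirs.values()), "decoys": [], "review": []}
    for name, attrs in entries:
        stem, ext = os.path.splitext(name)
        if ext.lower() == ".lnk" and stem.lower() in hidden_dirs:
            report["decoys"].append(name)    # shortcut standing in for a hidden folder
        elif name.lower() == "autorun.inf":
            report["review"].append(name)    # tells Windows what to launch from the drive
        elif not (attrs & DIRECTORY) and (attrs & CONCEALED) == CONCEALED:
            report["review"].append(name)    # concealed file, inspect before trusting
    return report


def list_root(root):
    """Windows only: read names and attribute bits from the drive root."""
    return [(e.name, e.stat(follow_symlinks=False).st_file_attributes)
            for e in os.scandir(root)]


# Constructed listing of an affected drive root (not taken from the thread).
SAMPLE = [
    ("Fotos", DIRECTORY | HIDDEN | SYSTEM), ("Fotos.lnk", 0x20),
    ("Trabalho", DIRECTORY | HIDDEN | SYSTEM), ("Trabalho.lnk", 0x20),
    ("Musicas", DIRECTORY), ("notas.txt", 0x20),
    ("autorun.inf", HIDDEN | SYSTEM | 0x20), ("x7k2.exe", HIDDEN | SYSTEM | 0x20),
]

if __name__ == "__main__":
    on_windows = sys.platform == "win32" and len(sys.argv) > 1
    listing = list_root(sys.argv[1]) if on_windows else SAMPLE
    for kind, names in triage(listing).items():
        print(f"{kind}: {names}")
```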
DigRam 144 - Posted January 20, 2012

> Hey!! Well, Digram, it didn't fail. I managed to remove the viruses and recover all the folders that had been turned into shortcuts by the virus. I used the command attrib -h -r -s /s /d F:\*.*, which showed my original folders and the folders that were shortcuts, and from there I manually deleted the infected folders, leaving only the original folders..

Thanks... Edvan.

|- Good tip for other users! :thumbsup:
|- Did you download AutoPlayConfig?

Regards!
Edvan 30 - Posted January 20, 2012

Yes, I'm already using AutoPlayConfig, thanks for the tips, my friend.. Best regards. :thumbsup:
DigRam 144 - Posted January 21, 2012

PROBLEM SOLVED

If the author needs the topic to be reopened, just send a Private Message to a Moderator with a link to the topic.