Help! Lost with the more than 100 viruses detected by Avira AntiVir...
Hello, good morning!
I have had my PC for a long time, about four years, but I have never run any antivirus on it. However, I have noticed that it is very slow, so I decided to run Avira AntiVir, which detected 110 threats. Since I don't have the slightest idea how to proceed after running the antivirus, I decided to post here to ask for help.
Thanks in advance,
Fernanda
DDS (Ver_10-03-17.01) - NTFSx86
Run by Fernanda at 16:55:59,10 on dom 01/01/2006
Internet Explorer: 6.0.2600.0000 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.0.1252.55.1046.18.1215.621 [GMT -3]
============== Running Processes ===============
E:\ARQUIV~1\GbPlugin\GbpSv.exe
E:\WINDOWS\system32\svchost -k rpcss
E:\WINDOWS\System32\svchost.exe -k netsvcs
E:\WINDOWS\System32\svchost.exe -k NetworkService
E:\WINDOWS\System32\svchost.exe -k LocalService
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
E:\WINDOWS\System32\VTTimer.exe
E:\WINDOWS\System32\VTtrayp.exe
E:\WINDOWS\SOUNDMAN.EXE
E:\Arquivos de programas\Java\jre6\bin\jusched.exe
E:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe
E:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
E:\WINDOWS\System32\ctfmon.exe
E:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe
E:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
E:\Arquivos de programas\Java\jre6\bin\jqs.exe
E:\WINDOWS\System32\svchost.exe -k imgsvc
E:\WINDOWS\System32\wdfmgr.exe
E:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe
E:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe
E:\WINDOWS\System32\wuauclt.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe
E:\Arquivos de programas\Spyware Terminator\sp_rsser.exe
E:\Documents and Settings\Fernanda\Desktop\dds.scr
E:\WINDOWS\System32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = [You must have an account and be logged in to view this link]
uSearch Page = [You must have an account and be logged in to view this link]
uSearch Bar = [You must have an account and be logged in to view this link]
uDefault_Search_URL = [You must have an account and be logged in to view this link]
uSearchAssistant = [You must have an account and be logged in to view this link]
uSearchURL,(Default) = [You must have an account and be logged in to view this link]
BHO: {013a653b-49a6-4f76-8b68-e4875ea6ba54} - e:\windows\system32\cikubajj.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - e:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelper.dll
BHO: PsapiAnalyzer Object: {0a07916b-b841-4184-aad5-06fe2f75788c} - e:\windows\registration\crmlog\font.dll
BHO: : {1cb20bf0-bbae-40a7-93f4-6435ff3d0411} - e:\arquiv~1\crawler\toolbar\ctbr.dll
BHO: ssh2 Class: {2e3c3651-b19c-4dd9-a979-901ec3e930af} - e:\arquivos de programas\scpad\scpsssh2.dll
BHO: Need2Find Bar BHO: {4d1c4e81-a32a-416b-bcdb-33b3ef3617d3} - e:\arquivos de programas\need2find\bar\1.bin\ND2FNBAR.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - e:\arquivos de programas\java\jre6\bin\ssv.dll
BHO: {871a54c1-1eb3-48bd-a879-5dba4ef16be6} - e:\windows\system32\lwdbgvwe.dll
BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540007} - e:\arquiv~1\gbplugin\gbiehabn.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - e:\arquivos de programas\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - e:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Barra de Ferramentas &Crawler: {4b3803ea-5230-4dc3-a7fc-33638f3d3542} - e:\arquiv~1\crawler\toolbar\ctbr.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: Faixa de mídia: {32683183-48a0-441b-a342-7c2a440a9478} - %SystemRoot%\System32\browseui.dll
uRun: [CTFMON.EXE] e:\windows\system32\ctfmon.exe
uRun: [PcSync] e:\arquivos de programas\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "e:\arquivos de programas\arquivos comuns\ahead\lib\NMBgMonitor.exe"
uRun: [Steam] "e:\arquivos de programas\steam\Steam.exe" -silent
uRun: [ares] "e:\arquivos de programas\ares\Ares.exe" -h
uRun: [Picasa Media Detector] e:\arquivos de programas\picasa2\PicasaMediaDetector.exe
uRun: [SpywareTerminatorUpdate] "e:\arquivos de programas\spyware terminator\SpywareTerminatorUpdate.exe"
mRun: [VTTimer] VTTimer.exe
mRun: [VTTrayp] VTtrayp.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [NeroFilterCheck] e:\arquivos de programas\arquivos comuns\ahead\lib\NeroCheck.exe
mRun: [AVG7_CC] e:\arquiv~1\grisoft\avgfre~1\avgcc.exe /STARTUP
mRun: [SunJavaUpdateSched] "e:\arquivos de programas\java\jre6\bin\jusched.exe"
mRun: [\windows\siswin.exe] \windows\siswin.exe
mRun: [ISUSPM Startup] "e:\arquivos de programas\arquivos comuns\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "e:\arquivos de programas\arquivos comuns\installshield\updateservice\issch.exe" -start
mRun: [ABAEnglish MiniCourse] c:\abaenglishminicourse\ABAEnglishMiniCourse.exe
mRun: [Adobe Reader Speed Launcher] "e:\arquivos de programas\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [avgnt] "e:\arquivos de programas\avira\antivir desktop\avgnt.exe" /min
dRun: [CTFMON.EXE] e:\windows\system32\CTFMON.EXE
dRun: [AVG7_Run] e:\arquiv~1\grisoft\avgfre~1\avgw.exe /RUNONCE
StartupFolder: e:\docume~1\alluse~1\menuin~1\progra~1\inicia~1\micros~1.lnk - e:\arquivos de programas\microsoft office\office10\OSA.EXE
IE: &Download All using 4shared Desktop - e:\arquivos de programas\4shared desktop\down_all.htm
IE: &Search - [You must have an account and be logged in to view this link]
IE: Crawler Search - tbr:iemenu
IE: E&xportar para o Microsoft Excel - e:\arquiv~1\micros~2\office10\EXCEL.EXE/3000
IE: {c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
DPF: {4B48D5DF-9021-45F7-A240-60304302A215} - [You must have an account and be logged in to view this link]
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - [You must have an account and be logged in to view this link]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must have an account and be logged in to view this link]
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - [You must have an account and be logged in to view this link]
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - [You must have an account and be logged in to view this link]
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - [You must have an account and be logged in to view this link]
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - [You must have an account and be logged in to view this link]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must have an account and be logged in to view this link]
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [You must have an account and be logged in to view this link]
DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} - [You must have an account and be logged in to view this link]
TCP: {C7400E71-916D-4087-8C92-1A9E4D9CB971} = 192.168.6.1
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - e:\arquivos de programas\arquivos comuns\microsoft shared\web folders\PKMCDO.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - e:\arquiv~1\arquiv~1\skype\SKYPE4~1.DLL
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - e:\arquiv~1\crawler\toolbar\ctbr.dll
Notify: GbPluginAbn - e:\arquiv~1\gbplugin\gbiehabn.dll
Notify: font - e:\windows\registration\crmlog\font.dll
SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - e:\arquivos de programas\scpad\scpLIB.dll
STS: compIB Class: {a3717295-941d-416f-9384-ed1736729f1c} - e:\arquivos de programas\scpad\scpLIB.dll
SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399007} - e:\arquiv~1\gbplugin\gbiehabn.dll
SecurityProviders: msapsspc.dll, schannel.dll, msnsspc.dll, digest.dll
================= FIREFOX ===================
FF - ProfilePath - e:\docume~1\fernanda\dadosd~1\mozilla\firefox\profiles\9g6xlap9.default\
FF - prefs.js: browser.search.defaulturl - [You must have an account and be logged in to view this link]
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - [You must have an account and be logged in to view this link]
FF - prefs.js: keyword.URL -
FF - plugin: e:\arquivos de programas\google\google earth\plugin\npgeplugin.dll
FF - plugin: e:\arquivos de programas\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: e:\arquivos de programas\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: e:\arquivos de programas\picasa2\npPicasa2.dll
FF - plugin: e:\documents and settings\fernanda\dados de aplicativos\mozilla\firefox\profiles\9g6xlap9.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - plugin: e:\documents and settings\fernanda\meus documentos\minhas imagens\2008-11-20\nova pasta\google\picasa3\npPicasa2.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R0 avgntmgr;avgntmgr;e:\windows\system32\drivers\avgntmgr.sys [2006-1-1 22360]
R0 GbpKm;Gbp KernelMode;e:\windows\system32\drivers\GbpKm.sys [2009-4-28 31080]
R1 Avg7RsW;AVG7 Wrap Driver;e:\windows\system32\drivers\avg7rsw.sys [2006-8-4 4288]
R1 avgntdd;avgntdd;e:\windows\system32\drivers\avgntdd.sys [2006-1-1 45416]
R1 sp_rsdrv2;Spyware Terminator Driver 2;e:\windows\system32\drivers\sp_rsdrv2.sys [2006-1-1 142592]
R2 AntiVirSchedulerService;Avira AntiVir Programador;e:\arquivos de programas\avira\antivir desktop\sched.exe [2006-1-1 108289]
R2 AntiVirService;Avira AntiVir Guard;e:\arquivos de programas\avira\antivir desktop\avguard.exe [2006-1-1 185089]
R2 AvgTdi;AVG Network Redirector;e:\windows\system32\drivers\avgtdi.sys [2006-8-4 4992]
R2 GbpSv;Gbp Service;e:\arquiv~1\gbplugin\GbpSv.exe [2009-11-23 54376]
S1 Avg7Core;AVG7 Kernel;e:\windows\system32\drivers\avg7core.sys [2006-8-4 778656]
S1 Avg7RsXP;AVG7 Resident Driver XP;e:\windows\system32\drivers\avg7rsxp.sys [2006-8-4 27904]
S2 Avg7Alrt;AVG7 Alert Manager Server;e:\arquiv~1\grisoft\avgfre~1\avgamsvr.exe --> e:\arquiv~1\grisoft\avgfre~1\avgamsvr.exe [?]
S2 Avg7UpdSvc;AVG7 Update Service;e:\arquiv~1\grisoft\avgfre~1\avgupsvc.exe --> e:\arquiv~1\grisoft\avgfre~1\avgupsvc.exe [?]
S2 AVGEMS;AVG E-mail Scanner;e:\arquiv~1\grisoft\avgfre~1\avgemc.exe --> e:\arquiv~1\grisoft\avgfre~1\avgemc.exe [?]
S2 gupdate;Google Update Service (gupdate);e:\arquivos de programas\google\update\GoogleUpdate.exe [2010-6-20 136176]
S3 DCamUSBPremier;USB Video Camera;e:\windows\system32\drivers\MPIXVID.SYS [2006-9-1 81921]
S3 usb2vcom;DKU-5 Connectivity Adapter Cable;e:\windows\system32\drivers\usb2vcom.sys [2006-11-18 30272]
============== File Associations ===============
regfile="regedit.exe" "%1"
=============== Created Last 30 ================
2010-08-04 20:02:53 26 ----a-w- e:\windows\WAR2R.INI
2010-08-01 18:50:58 421888 ----a-w- e:\windows\system32\ac3filter.acm
2010-08-01 18:50:42 0 dc----w- e:\arquivos de programas\XP Codec Pack
2010-07-04 00:24:39 0 d-----w- e:\docume~1\fernanda\dadosd~1\DVD Flick
2010-07-04 00:09:42 81920 ----a-w- e:\windows\system32\mbmouse.ocx
2010-07-04 00:09:42 36864 ----a-w- e:\windows\system32\trayicon.ocx
2010-07-04 00:09:39 662288 ----a-w- e:\windows\system32\mscomct2.ocx
2010-07-04 00:09:39 212240 ----a-w- e:\windows\system32\richtx32.ocx
2010-07-02 15:44:55 0 dc----w- e:\arquivos de programas\Conduit
2010-06-04 15:13:39 165376 ----a-w- e:\windows\system32\unrar.dll
2010-06-04 15:13:38 38 ----a-w- e:\windows\avisplitter.ini
2010-06-04 15:13:36 232448 ----a-w- e:\windows\system32\mp3fhg.acm
2010-06-04 15:13:36 151552 ----a-w- e:\windows\system32\ac3acm.acm
2010-06-04 15:13:35 217088 ----a-w- e:\windows\system32\yv12vfw.dll
2010-06-04 15:13:34 94208 ----a-w- e:\windows\system32\dpl100.dll
2010-06-04 15:13:34 881664 ----a-w- e:\windows\system32\xvidcore.dll
2010-06-04 15:13:34 720384 ----a-w- e:\windows\system32\divx.dll
2010-06-04 15:13:34 205824 ----a-w- e:\windows\system32\xvidvfw.dll
2010-06-04 15:13:25 0 dc----w- e:\arquivos de programas\K-Lite Codec Pack
2010-06-04 15:12:10 0 dc----w- e:\arquivos de programas\Ares
2010-06-04 14:51:05 0 dc----w- E:\My Shared Folder
2010-05-09 12:34:20 0 dc----w- e:\arquivos de programas\Picasa2
2010-04-04 06:01:51 0 d-----w- e:\windows\048298C9A4D3490B9FF9AB023A9238F3.TMP
2010-04-04 05:29:56 0 dc----w- e:\arquivos de programas\PokerStars
2010-04-01 05:00:19 0 d-----w- e:\windows\LogFiles
2010-03-12 22:18:28 0 dc----w- e:\arquivos de programas\FreeTime
2009-11-24 14:24:00 0 dc----w- e:\arquivos de programas\TagScanner
2009-11-24 14:13:08 0 dc----w- e:\arquivos de programas\GCstar
2009-07-09 00:28:14 0 dc----w- E:\videos
2009-06-24 14:39:26 1003520 ----a-w- e:\windows\system32\VSFilter.dll
2009-05-22 16:54:18 0 dc----w- e:\arquivos de programas\Real Alternative
2009-05-22 16:53:34 0 d-----w- e:\docume~1\fernanda\dadosd~1\uTorrent
2009-04-28 19:51:34 31080 ----a-w- e:\windows\system32\drivers\GbpKm.sys
2009-04-13 01:57:28 225280 ----a-w- e:\windows\system32\rewire.dll
2009-04-13 01:57:13 1294336 ----a-w- e:\windows\system32\vorbis.acm
2009-04-13 01:56:18 0 dc----w- e:\arquivos de programas\Outsim
2009-04-13 01:53:51 0 dc----w- e:\arquivos de programas\Image-Line
2009-03-24 00:41:27 0 dc----w- e:\arquivos de programas\InterActual
2009-03-22 22:29:42 279 -c--a-w- E:\Atalho para Disco local (E).lnk
2009-03-10 23:24:54 303616 ----a-w- e:\windows\IsUninst.exe
2009-02-17 03:37:40 0 d-----w- e:\docume~1\fernanda\dadosd~1\Downloaded Installations
2009-02-10 06:07:54 0 dc----w- e:\arquivos de programas\Yamaha
2009-02-10 06:07:35 0 d-----w- e:\windows\Downloaded Installations
2009-02-06 23:31:33 210032 ----a-w- e:\windows\system32\DBCLIENT.DLL
2009-02-06 23:31:33 183808 ----a-w- e:\windows\system32\BDEADMIN.CPL
2009-02-06 23:31:33 0 dc----w- e:\arquivos de programas\arquivos comuns\Borland Shared
2009-02-06 07:36:10 77878 ----a-w- e:\windows\system32\temp.005
2009-02-06 07:36:10 77878 ----a-w- e:\windows\system32\temp.002
2009-02-06 07:36:10 65024 ----a-w- e:\windows\system32\temp.003
2009-02-06 07:36:10 65024 ----a-w- e:\windows\system32\temp.000
2009-02-06 07:36:10 152064 ----a-w- e:\windows\system32\temp.004
2009-02-06 07:36:10 152064 ----a-w- e:\windows\system32\temp.001
2009-02-06 07:36:05 132096 ----a-w- e:\windows\system32\ZipDLL.dll
2009-02-06 07:36:05 117760 ----a-w- e:\windows\system32\Unzdll.dll
2009-02-06 07:36:03 0 dc----w- e:\arquivos de programas\arquivos comuns\Opus Shared
2009-02-04 23:45:52 410984 ----a-w- e:\windows\system32\deploytk.dll
2009-02-02 06:18:14 0 dc----w- e:\arquivos de programas\Mediafour
2009-01-23 00:15:58 98304 ----a-w- e:\windows\system32\CmdLineExt.dll
2009-01-22 01:33:43 151 ----a-w- e:\windows\PhotoSnapViewer.INI
2009-01-18 05:21:22 0 dc----w- e:\arquivos de programas\Valve
2009-01-17 23:10:06 630 ----a-w- e:\documents and settings\fernanda\default.pls
2009-01-17 22:46:12 0 dc----w- e:\arquivos de programas\Nero
2009-01-17 22:46:12 0 dc----w- e:\arquivos de programas\arquivos comuns\Ahead
2009-01-17 22:46:12 0 d-----w- e:\docume~1\alluse~1\dadosd~1\Nero
2008-12-19 16:26:06 2625536 ----a-w- e:\windows\system32\ffdshow.ax
2008-12-19 15:15:58 4338246 ----a-w- e:\windows\system32\libavcodec.dll
2008-12-19 02:21:04 0 d-s---w- e:\windows\system32\Microsoft
2008-12-19 02:20:23 0 d-----w- e:\windows\system32\Adobe
2008-12-17 21:00:41 0 d--h--w- e:\windows\PIF
2008-12-17 17:41:18 884237 ----a-w- e:\windows\system32\ff_x264.dll
2008-12-17 17:22:58 93184 ----a-w- e:\windows\system32\ff_wmv9.dll
2008-12-17 17:22:48 57344 ----a-w- e:\windows\system32\ff_vfw.dll
2008-12-17 17:17:34 239247 ----a-w- e:\windows\system32\ff_theora.dll
2008-12-17 16:59:54 560802 ----a-w- e:\windows\system32\libmplayer.dll
2008-12-11 11:27:02 547 ----a-w- e:\windows\system32\ffdshow.ax.manifest
2008-12-11 11:27:02 547 ----a-w- e:\windows\system32\ff_vfw.dll.manifest
2008-12-06 21:49:34 7335872 -c--a-w- e:\arquivos de programas\Firefox Setup 3.0.4.exe
2008-12-06 20:19:05 0 d-----w- e:\windows\system32\IOSUBSYS
2008-12-06 20:15:59 6108728 -c--a-w- e:\arquivos de programas\picasaweb-current-setup.exe
2008-12-06 16:12:06 0 dc----w- E:\Programs
2008-12-06 16:12:01 0 dc----w- E:\Plugins
2008-12-06 16:11:39 0 dc----w- E:\Phnom Penh Image Scaler
2008-12-06 16:11:39 0 dc----w- E:\Paraben
2008-12-06 16:11:38 0 dc----w- E:\Outlook Express
2008-12-06 16:10:34 0 dc----w- E:\NetMeeting
2008-12-06 16:10:33 0 dc----w- E:\MYMA Decoder and Viewer
2008-12-06 16:10:33 0 dc----w- E:\Multi_Media_Brazil
2008-12-06 16:09:56 0 dc----w- E:\Mozilla Firefox
2008-12-06 16:09:56 0 dc----w- E:\Movie Maker
2008-12-06 16:08:41 0 dc----w- E:\Microsoft Office
2008-12-06 16:08:41 0 dc----w- E:\microsoft frontpage
2008-12-06 16:07:54 0 dc----w- E:\Languages
2008-12-06 16:07:54 0 dc----w- E:\KrachaMaker
2008-12-06 16:07:54 0 dc----w- E:\Kaspersky Lab
2008-12-06 16:06:47 0 dc----w- E:\Java
2008-12-06 16:06:46 0 dc----w- E:\Internet Explorer
2008-12-06 16:06:45 0 dc-h--w- E:\InstallShield Installation Information
2008-12-06 16:06:45 0 dc----w- E:\Grisoft
2008-12-06 16:06:44 0 dc----w- E:\Google
2008-11-07 15:25:04 4648960 ----a-w- e:\windows\system32\ls9-qt-mt336.dll
2008-11-07 15:25:00 94208 ----a-w- e:\windows\system32\ls9_utilities.dll
2008-11-07 15:25:00 917504 ----a-w- e:\windows\system32\ls9_console.dll
2008-11-07 15:25:00 81920 ----a-w- e:\windows\system32\ls9_memapi.dll
2008-11-07 15:25:00 57344 ----a-w- e:\windows\system32\ls9_transport.dll
2008-11-07 15:25:00 45056 ----a-w- e:\windows\system32\ls9_qtoptserver.dll
2008-11-07 15:25:00 1507328 ----a-w- e:\windows\system32\ls9_widgets.dll
2008-11-07 13:49:12 77824 ----a-w- e:\windows\system32\m7cl_utilities.dll
2008-11-07 13:49:12 69632 ----a-w- e:\windows\system32\m7cl_memapi.dll
2008-11-07 13:49:12 4628480 ----a-w- e:\windows\system32\m7cl-qt-mt333.dll
2008-11-07 13:49:12 45056 ----a-w- e:\windows\system32\m7cl_transport.dll
2008-11-07 13:49:12 36864 ----a-w- e:\windows\system32\m7cl_qtoptserver.dll
2008-11-07 13:49:12 1310720 ----a-w- e:\windows\system32\m7cl_widgets.dll
2008-11-07 13:49:10 765952 ----a-w- e:\windows\system32\m7cl_console.dll
2008-10-23 02:03:55 220160 -c--a-w- e:\windows\system32\dllcache\srrstr.dll
2008-10-23 02:03:55 220160 ----a-w- e:\windows\system32\srrstr.dll
2008-09-26 03:02:18 456656 ----a-w- e:\documents and settings\fernanda\mmp3.mp3
2008-09-26 02:56:01 0 d-----w- e:\docume~1\fernanda\dadosd~1\AccurateRip
2008-09-26 02:55:46 5052280 ----a-w- e:\windows\system32\SpoonUninstall.exe
2008-09-18 12:11:11 246784 ----a-w- e:\windows\system32\ActiveSkin.ocx
2008-09-18 12:11:11 112 ----a-w- e:\windows\ActiveSkin.INI
2008-07-31 22:17:04 43872 ----a-w- e:\windows\system32\drivers\pxhelp20.sys
2008-07-30 13:47:46 33792 -csha-w- E:\Thumbs.db
2008-07-29 08:58:12 589824 ----a-w- e:\windows\system32\AXPBObjects.dll
2008-06-03 21:39:56 7552 -c--a-w- e:\windows\system32\dllcache\sonypvu1.sys
2008-06-03 21:39:56 7552 ----a-w- e:\windows\system32\drivers\SONYPVU1.SYS
2008-05-27 02:00:15 0 d-----w- e:\docume~1\alluse~1\dadosd~1\VistaCodecs
2008-05-21 12:02:39 0 d-----w- e:\arquivos de programas\GbPlugin
2008-05-21 12:01:00 0 d-----w- e:\docume~1\alluse~1\dadosd~1\GbPlugin
2008-05-15 23:34:32 17408 ----a-w- e:\windows\system32\smh-qtoptserver.dll
2008-05-15 23:34:20 5607424 ----a-w- e:\windows\system32\smh-qt-mt336.dll
2008-05-13 01:12:11 14556 ----a-w- e:\windows\FontData.fdb
2008-05-13 00:32:46 104 --sh--r- e:\windows\system32\87553A18B2.sys
2008-05-13 00:13:29 0 d-----w- e:\windows\system32\appmgmt
2008-05-12 23:58:15 3350 --sha-w- e:\windows\system32\KGyGaAvL.sys
2008-05-05 04:14:56 947 ----a-w- e:\documents and settings\fernanda\Instructions.nfo
2008-05-05 04:14:56 253952 ----a-w- e:\documents and settings\fernanda\setup.exe
2008-05-05 04:14:56 1822520 ----a-w- e:\documents and settings\fernanda\instmsiw.exe
2008-05-05 04:14:56 1139008 ----a-w- e:\documents and settings\fernanda\mobile PhoneTools.msi
2008-05-05 04:14:55 5495 ----a-w- e:\documents and settings\fernanda\0x0409.ini
2008-05-05 04:14:55 27 ----a-w- e:\documents and settings\fernanda\Autorun.inf
2008-05-05 04:14:55 1708856 ----a-w- e:\documents and settings\fernanda\instmsia.exe
2008-05-05 04:14:55 0 d-----w- e:\documents and settings\fernanda\Windows
2008-05-05 04:14:33 0 d-----w- e:\documents and settings\fernanda\program files
2008-05-05 03:27:07 0 d-----r- e:\windows\Offline Web Pages
2008-05-05 03:24:59 56832 ----a-w- e:\windows\system32\mshtmler.dll
2008-05-04 18:54:14 0 d--h--w- E:\DBBackup
2008-05-04 18:46:51 0 d-----w- e:\arquivos de programas\Need2Find
2008-05-04 18:34:12 10 ----a-w- e:\windows\smdat32m.sys
2008-05-04 18:34:12 0 ----a-w- e:\windows\smdat32a.sys
2008-05-04 18:34:09 0 d-----w- E:\Program Files
2008-04-30 16:49:43 5361 ----a-w- e:\windows\DesinstWRecnet.ini
2008-04-30 16:49:43 128000 ----a-w- e:\windows\DesinstWRecnet.exe
2008-04-30 16:49:43 122880 ----a-w- e:\windows\DesinstRecnet.exe
2008-04-24 11:48:25 0 d-----w- e:\arquivos de programas\arquivos comuns\Serviços
2008-04-24 11:38:08 0 d-----w- e:\windows\Arquivos de instalação do Windows Update
2008-04-24 11:38:00 0 d-----w- e:\windows\Histórico
2008-04-20 03:19:26 0 d-----w- e:\arquivos de programas\PC Connectivity Solution
2008-04-15 23:18:08 0 d-----w- e:\docume~1\fernanda\dadosd~1\LimeWire
2008-04-05 22:17:52 5632 ----a-w- e:\windows\system32\ptpusb.dll
2008-04-05 22:17:52 146944 ----a-w- e:\windows\system32\ptpusd.dll
2008-04-05 22:17:52 13824 -c--a-w- e:\windows\system32\dllcache\usbscan.sys
2008-04-05 22:17:52 13824 ----a-w- e:\windows\system32\drivers\usbscan.sys
2008-04-03 15:53:59 57856 ----a-w- e:\windows\system32\mpeg2data.ax
2008-02-17 21:40:00 0 d-----w- e:\arquivos de programas\arquivos comuns\ODBC
2008-02-14 21:00:41 32 ----a-w- e:\docume~1\alluse~1\dadosd~1\ezsid.dat
2008-02-14 20:59:52 0 d-----w- e:\arquivos de programas\Skype
2008-02-12 21:39:36 7174 ----a-w- e:\documents and settings\fernanda\1202852376-USBMOT2000.INF
2008-02-12 21:39:36 5891 ----a-w- e:\documents and settings\fernanda\1202852376-oem12.inf
2008-02-12 21:39:36 5877 ----a-w- e:\documents and settings\fernanda\1202852376-oem11.inf
2008-02-12 21:39:36 12828 ----a-w- e:\documents and settings\fernanda\1202852376-oem11.PNF
2008-02-12 21:39:36 12554 ----a-w- e:\documents and settings\fernanda\1202852376-oem12.PNF
2008-02-12 21:39:35 7195 ----a-w- e:\documents and settings\fernanda\1202852374-oem10.inf
2008-02-12 21:39:35 14302 ----a-w- e:\documents and settings\fernanda\1202852374-oem10.PNF
2008-02-12 20:48:34 7195 ----a-w- e:\documents and settings\fernanda\USBMOT2000.INF
2008-02-12 20:48:34 5891 ----a-w- e:\documents and settings\fernanda\USBMOT2000XP.INF
2008-02-12 20:48:34 5877 ----a-w- e:\documents and settings\fernanda\USB_CMCS_2000.INF
2008-02-12 20:48:34 24192 ----a-w- e:\documents and settings\fernanda\usbsermptxp.sys
2008-02-12 20:48:34 22768 ----a-w- e:\windows\system32\drivers\usbsermpt.sys
2008-02-12 20:48:34 22768 ----a-w- e:\documents and settings\fernanda\usbsermpt.sys
2008-02-12 20:48:18 5798 ----a-w- e:\documents and settings\fernanda\1202849298-oem12.inf
2008-02-12 20:48:18 12828 ----a-w- e:\documents and settings\fernanda\1202849297-oem11.PNF
2008-02-12 20:48:18 12474 ----a-w- e:\documents and settings\fernanda\1202849298-oem12.PNF
2008-02-12 20:48:17 7194 ----a-w- e:\documents and settings\fernanda\1202849295-oem10.inf
2008-02-12 20:48:17 5877 ----a-w- e:\documents and settings\fernanda\1202849297-oem11.inf
2008-02-12 20:48:17 14294 ----a-w- e:\documents and settings\fernanda\1202849295-oem10.PNF
2008-02-12 20:47:41 0 d-----w- e:\arquivos de programas\arquivos comuns\InstallShield
2008-01-24 19:26:38 73728 ----a-w- e:\windows\system32\javacpl.cpl
2008-01-16 20:55:21 0 d-sh--w- e:\documents and settings\all users\DRM
2008-01-16 20:31:52 0 d-----w- E:\Windows Media Player
2008-01-15 03:55:21 0 d-s---w- e:\documents and settings\fernanda\UserData
2008-01-15 03:54:34 0 d-----w- e:\documents and settings\fernanda\Contacts
2008-01-15 03:53:49 0 d-----r- e:\documents and settings\all users\Documentos
2008-01-15 03:45:53 0 d-----w- e:\documents and settings\all users\Modelos
2008-01-15 03:45:53 0 d-----w- e:\documents and settings\all users\Dados de aplicativos
2008-01-15 03:43:34 23256 ----a-w- e:\windows\system32\wucltui.dll.mui
2008-01-15 03:43:34 18144 ----a-w- e:\windows\system32\wuaueng.dll.mui
2008-01-15 03:43:34 15584 ----a-w- e:\windows\system32\wuaucpl.cpl.mui
2008-01-15 03:43:34 15584 ----a-w- e:\windows\system32\wuapi.dll.mui
2008-01-15 03:28:06 0 d-----w- e:\documents and settings\fernanda\Menu Iniciar
2008-01-15 03:28:06 0 d-----w- e:\documents and settings\all users\Menu iniciar
2008-01-15 03:28:06 0 d-----w- e:\arquivos de programas\arquivos comuns\speechengines
2008-01-15 03:28:06 0 d-----w- e:\arquivos de programas\arquivos comuns\mssoap
2008-01-15 03:28:06 0 d-----r- e:\documents and settings\fernanda\Favoritos
2008-01-15 03:28:04 0 d-----w- e:\arquivos de programas\windows nt
2008-01-15 03:28:03 0 d-----w- e:\arquivos de programas\msn gaming zone
2007-11-22 19:03:32 61474 ----a-w- e:\windows\system32\logo7.png
2007-10-07 22:15:42 380928 ----a-w- e:\windows\system32\AviSplitter.ax
2007-09-18 14:29:08 446464 ----a-w- e:\windows\system32\MatroskaSplitter.ax
2007-09-18 14:27:38 434176 ----a-w- e:\windows\system32\RealMediaSplitter.ax
2007-08-21 15:45:24 34304 --sha-w- e:\documents and settings\fernanda\Thumbs.db
2007-06-28 21:55:18 77824 ----a-w- e:\windows\system32\xvid.ax
2007-06-28 14:44:18 148992 ----a-w- e:\windows\system32\nsesetup.dll
2007-06-28 14:44:14 90624 ----a-w- e:\windows\system32\nmwcdcls.dll
2007-06-08 17:39:44 287744 ----a-w- e:\windows\system32\divxa32.acm
2007-06-01 13:23:46 972336 ----a-w- e:\windows\UNNeroMediaHome.exe
2007-05-15 12:45:14 972336 ----a-w- e:\windows\UNNeroVision.exe
2007-04-23 19:42:50 972336 ----a-w- e:\windows\UNRecode.exe
2007-03-21 00:22:04 972336 ----a-w- e:\windows\UNNeroBackItUp.exe
2007-03-05 20:00:18 95864 ----a-w- e:\windows\system32\NeroCo.dll
2007-02-28 19:41:02 972336 ----a-w- e:\windows\UNNeroShowTime.exe
2006-12-11 13:05:54 0 d-----w- e:\docume~1\fernanda\dadosd~1\EvidenceEraserPro
2006-12-11 13:05:13 1667072 ----a-w- e:\windows\setup.exe
2006-12-08 03:23:46 0 ----a-w- e:\windows\23.dat
2006-12-04 13:46:46 22969624 -c--a-w- e:\arquivos de programas\AdbeRdr708_pt_BR.exe
2006-11-20 13:20:47 268 -c-ha-w- E:\sqmdata03.sqm
2006-11-20 13:20:47 244 -c-ha-w- E:\sqmnoopt03.sqm
2006-11-19 00:36:26 30272 ----a-r- e:\windows\system32\drivers\usb2vcom.sys
2006-11-02 16:10:16 80912 ----a-w- e:\windows\system32\sherlock2.exe
2006-10-23 09:19:02 268 -c-ha-w- E:\sqmdata02.sqm
2006-10-23 09:19:02 244 -c-ha-w- E:\sqmnoopt02.sqm
2006-10-12 16:39:52 176 ----a-w- e:\windows\wininit.ini
2006-10-08 14:40:44 159744 ----a-w- e:\windows\system32\lfpng13n.dll
2006-10-06 16:49:57 244 -c-ha-w- E:\sqmnoopt01.sqm
2006-10-06 16:49:57 232 -c-ha-w- E:\sqmdata01.sqm
2006-10-06 16:30:39 244 -c-ha-w- E:\sqmnoopt00.sqm
2006-10-06 16:30:39 232 -c-ha-w- E:\sqmdata00.sqm
2006-09-26 00:17:43 3320 ----a-w- e:\windows\mozver.dat
2006-09-24 12:37:11 116 ----a-w- e:\windows\NeroDigital.ini
2006-09-24 12:10:50 69632 ----a-w- e:\windows\system32\lfgif13n.dll
2006-09-24 12:10:49 57344 ----a-w- e:\windows\system32\lfbmp13n.dll
2006-09-24 12:10:49 450560 ----a-w- e:\windows\system32\ltimg13n.dll
2006-09-24 12:10:49 401408 ----a-w- e:\windows\system32\lfcmp13n.dll
2006-09-24 12:10:49 299008 ----a-w- e:\windows\system32\ltdis13n.dll
2006-09-24 12:10:49 206336 ----a-w- e:\windows\system32\ltefx13n.dll
2006-09-24 12:10:49 163840 ----a-w- e:\windows\system32\ltfil13n.dll
2006-09-24 12:10:48 462848 ----a-w- e:\windows\system32\ltkrn13n.dll
2006-09-19 15:35:48 26272 ----a-w- e:\docume~1\fernanda\dadosd~1\GDIPFONTCACHEV1.DAT
2006-09-02 02:44:51 0 d--h--w- e:\arquivos de programas\Zero G Registry
2006-09-02 02:38:39 57344 ----a-w- e:\windows\uneng.exe
2006-09-02 02:38:38 49152 ----a-w- e:\windows\system32\cdrtc.dll
2006-09-02 02:38:38 45056 ----a-w- e:\windows\system32\cdral.dll
2006-09-02 02:31:11 21760 -c--a-w- e:\windows\system32\dllcache\usbstor.sys
2006-09-02 02:27:06 8192 -c--a-w- e:\windows\system32\dllcache\tsbyuv.dll
2006-09-02 02:27:06 8192 ----a-w- e:\windows\system32\tsbyuv.dll
2006-09-02 02:27:06 50688 -c--a-w- e:\windows\system32\dllcache\vfwwdm32.dll
2006-09-02 02:27:06 50688 ----a-w- e:\windows\system32\vfwwdm32.dll
2006-09-02 02:27:03 286720 ----a-w- e:\windows\system32\msh263.drv
2006-09-02 02:27:02 4096 -c--a-w- e:\windows\system32\dllcache\ksuser.dll
2006-09-02 02:26:58 45568 -c--a-w- e:\windows\system32\dllcache\iyuv_32.dll
2006-09-02 02:26:58 45568 ----a-w- e:\windows\system32\iyuv_32.dll
2006-09-02 02:26:57 18944 -c--a-w- e:\windows\system32\dllcache\dshowext.ax
2006-09-02 02:26:57 18944 ----a-w- e:\windows\system32\dshowext.ax
2006-09-02 02:19:10 81921 ----a-w- e:\windows\system32\drivers\MPIXVID.SYS
2006-09-02 02:19:10 25575 ----a-w- e:\windows\system32\drivers\USBCamAT.sys
2006-09-01 12:44:48 212480 ------w- e:\windows\pcdlib32.dll
2006-09-01 12:34:40 8704 -c--a-w- e:\windows\system32\dllcache\kbdjpn.dll
2006-09-01 12:34:40 8704 ----a-w- e:\windows\system32\kbdjpn.dll
2006-09-01 12:34:40 8192 -c--a-w- e:\windows\system32\dllcache\kbdkor.dll
2006-09-01 12:34:40 8192 ----a-w- e:\windows\system32\kbdkor.dll
2006-09-01 12:34:40 6144 -c--a-w- e:\windows\system32\dllcache\kbd106.dll
2006-09-01 12:34:40 6144 -c--a-w- e:\windows\system32\dllcache\kbd101c.dll
2006-09-01 12:34:40 6144 ----a-w- e:\windows\system32\kbd106.dll
2006-09-01 12:34:40 6144 ----a-w- e:\windows\system32\kbd101c.dll
2006-09-01 12:34:40 5632 -c--a-w- e:\windows\system32\dllcache\kbd103.dll
2006-09-01 12:34:40 5632 ----a-w- e:\windows\system32\kbd103.dll
2006-09-01 12:34:39 6144 -c--a-w- e:\windows\system32\dllcache\kbd101b.dll
2006-09-01 12:34:39 6144 ----a-w- e:\windows\system32\kbd101b.dll
2006-08-27 14:45:16 0 d-----w- e:\docume~1\fernanda\dadosd~1\Kazaa Lite
2006-08-12 00:47:16 135040 -c--a-w- e:\windows\system32\dllcache\portcls.sys
2006-08-12 00:47:16 135040 ----a-w- e:\windows\system32\drivers\portcls.sys
2006-08-12 00:47:15 57344 -c--a-w- e:\windows\system32\dllcache\drmk.sys
2006-08-12 00:47:15 57344 ----a-w- e:\windows\system32\drivers\drmk.sys
2006-08-12 00:27:58 24192 -c--a-w- e:\windows\system32\dllcache\usbser.sys
2006-08-12 00:27:58 24192 ----a-w- e:\windows\system32\drivers\usbser.sys
2006-08-12 00:27:58 24192 ----a-r- e:\windows\system32\drivers\OLD38.tmp
2006-08-11 21:11:23 0 d--h--w- e:\arquivos de programas\Scpad
2006-08-08 09:39:48 25600 ----a-w- e:\windows\system32\xpsp1hfm.exe
2006-08-08 09:39:48 0 dc-h--w- e:\windows\$xpsp1hfm$
2006-08-07 15:43:57 0 d-----w- e:\windows\system32\bits
2006-08-04 19:08:36 7680 -c----w- e:\windows\system32\dllcache\bitsprx2.dll
2006-08-04 19:08:36 7680 ------w- e:\windows\system32\bitsprx2.dll
2006-08-04 19:08:36 7168 -c----w- e:\windows\system32\dllcache\bitsprx3.dll
2006-08-04 19:08:36 7168 ------w- e:\windows\system32\bitsprx3.dll
2006-08-04 19:08:36 360960 -c--a-w- e:\windows\system32\dllcache\qmgr.dll
2006-08-04 19:08:36 331776 ----a-w- e:\windows\system32\winhttp.dll
2006-08-04 19:08:36 17408 -c--a-w- e:\windows\system32\dllcache\qmgrprxy.dll
2006-08-04 19:08:36 17408 ----a-w- e:\windows\system32\qmgrprxy.dll
2006-08-04 19:01:55 0 d-----w- e:\windows\system32\SoftwareDistribution
2006-08-04 18:57:49 217816 ----a-w- e:\windows\system32\wuaucpl.cpl
2006-08-04 18:57:49 194840 ----a-w- e:\windows\system32\wuaueng1.dll
2006-08-04 18:57:49 174872 ----a-w- e:\windows\system32\wuauclt1.exe
2006-08-04 07:44:04 2560 ------w- e:\windows\system32\drivers\cdralw2k.sys
2006-08-04 07:44:04 2432 ------w- e:\windows\system32\drivers\cdr4_xp.sys
2006-08-04 07:43:04 0 d-----w- e:\windows\RegisteredPackages
2006-08-04 07:31:39 0 d-----w- e:\docume~1\fernanda\dadosd~1\AVG7
2006-08-04 07:31:10 499712 ----a-w- e:\windows\system32\msvcp71.dll
2006-08-04 07:31:10 348160 ----a-w- e:\windows\system32\msvcr71.dll
2006-08-04 07:31:10 23424 ----a-w- e:\windows\system32\drivers\avgmfrs.sys
2006-08-02 23:21:58 316640 ----a-w- e:\windows\WMSysPr9.prx
2006-08-02 23:21:57 384512 ----a-w- e:\windows\system32\mp4sdmod.dll
2006-08-02 23:21:57 316040 ----a-w- e:\windows\system32\mp43dmod.dll
2006-08-02 23:21:57 241664 -c--a-w- e:\windows\system32\dllcache\mpg4dmod.dll
2006-08-02 23:21:57 241664 ----a-w- e:\windows\system32\mpg4dmod.dll
2006-08-02 23:21:52 9728 -c--a-w- e:\windows\system32\dllcache\npwmsdrm.dll
2006-08-02 23:21:52 217600 -c--a-w- e:\windows\system32\dllcache\npdrmv2.dll
2006-08-02 23:20:35 106496 ----a-w- e:\windows\system32\TwnLib20.dll
2006-08-02 23:20:30 38912 ------w- e:\windows\system32\picn20.dll
2006-08-02 23:20:28 155648 ----a-w- e:\windows\system32\NeroCheck.exe
2006-08-02 23:17:24 169 ----a-w- e:\windows\RtlRack.ini
2006-08-02 23:15:59 9389568 ----a-r- e:\windows\system32\RTLCPL.EXE
2006-08-02 23:15:54 141016 ----a-r- e:\windows\system32\ALSNDMGR.WAV
2006-08-02 23:15:49 18726912 ----a-r- e:\windows\system32\ALSNDMGR.CPL
2006-08-02 23:15:46 77824 ----a-r- e:\windows\SOUNDMAN.EXE
2006-08-02 23:15:46 2319680 ----a-r- e:\windows\system32\drivers\ALCXWDM.SYS
2006-08-02 23:15:44 22016 ----a-w- e:\windows\system32\wdmaud.drv
2006-08-02 23:15:36 164 ------r- e:\windows\avrack.ini
2006-08-02 23:15:30 40960 ------r- e:\windows\system32\ChCfg.exe
2006-08-02 23:15:19 294912 ------r- e:\windows\alcupd.exe
2006-08-02 23:15:18 200704 ------r- e:\windows\alcrmv.exe
2006-08-02 23:15:01 7040 ----a-r- e:\windows\system32\ntsim.sys
2006-08-02 23:12:25 27904 ----a-r- e:\windows\system32\drivers\VIAAGP1.SYS
2006-08-02 23:12:06 36224 -c--a-w- e:\windows\system32\dllcache\isapnp.sys
2006-08-02 23:12:06 36224 ----a-w- e:\windows\system32\drivers\isapnp.sys
2006-08-02 23:11:54 0 d-----w- e:\windows\system32\ReinstallBackups
2006-08-02 23:11:54 0 d-----w- e:\windows\LastGood.Tmp
2006-08-02 23:09:22 421 ----a-w- e:\windows\ODBC.INI
2006-08-02 23:07:14 0 d-----w- e:\windows\ShellNew
2006-08-02 23:04:04 0 d-sh--w- e:\windows\Installer
2006-08-02 23:03:51 212 --sh--w- e:\documents and settings\fernanda\ntuser.ini
2006-08-02 23:03:50 0 d--h--w- e:\documents and settings\fernanda\Modelos
2006-08-02 23:03:50 0 d--h--w- e:\documents and settings\fernanda\Dados de aplicativos
2006-08-02 23:03:50 0 d--h--w- e:\documents and settings\fernanda\Configurações locais
2006-08-02 23:03:50 0 d--h--w- e:\documents and settings\fernanda\Ambiente de rede
2006-08-02 23:03:50 0 d--h--w- e:\documents and settings\fernanda\Ambiente de impressão
2006-08-02 23:03:50 0 d-----r- e:\documents and settings\fernanda\Meus documentos
2006-08-02 23:01:33 8192 ----a-w- e:\windows\REGLOCS.OLD
2006-08-02 22:53:38 0 d--h--w- e:\arquivos de programas\WindowsUpdate
2006-01-02 09:07:08 0 d-----w- e:\docume~1\alluse~1\dadosd~1\Kaspersky Lab Setup Files
2006-01-01 19:33:48 0 dc----w- e:\arquivos de programas\Crawler
2006-01-01 19:33:42 0 d-----w- e:\docume~1\fernanda\dadosd~1\Spyware Terminator
2006-01-01 19:33:37 0 dc----w- e:\arquivos de programas\Spyware Terminator
2006-01-01 19:33:37 0 d-----w- e:\docume~1\alluse~1\dadosd~1\Spyware Terminator
2006-01-01 04:49:45 0 dc----w- e:\arquivos de programas\Avira
2006-01-01 04:49:45 0 d-----w- e:\docume~1\alluse~1\dadosd~1\Avira
==================== Find3M ====================
2010-01-19 19:24:36 19456 -csha-w- e:\arquivos de programas\Thumbs.db
2008-03-21 12:30:24 9940 ----a-w- e:\windows\fonts\Yamaha EBM 10.ttf
2008-03-10 20:37:36 46240 ----a-w- e:\windows\fonts\Yamaha EBM 8.ttf
2006-11-13 09:59:38 344380 ----a-w- e:\windows\system32\perfh016.dat
2006-11-13 09:59:37 48628 ----a-w- e:\windows\system32\perfc016.dat
2006-09-20 18:27:10 19020 ----a-w- e:\windows\fonts\Studio Manager Dot Font 3.TTF
2006-09-20 18:27:10 18784 ----a-w- e:\windows\fonts\Studio Manager Big Font.TTF
2006-09-20 18:27:10 18516 ----a-w- e:\windows\fonts\Studio Manager Dot Font 1.TTF
2006-09-20 18:27:10 13772 ----a-w- e:\windows\fonts\Studio Manager ChFont.TTF
2006-08-02 22:54:06 21844 ----a-w- e:\windows\system32\emptyregdb.dat
2006-01-31 17:48:56 28672 ----a-w- e:\windows\system32\sm2-qt333optserver.dll
2006-01-31 15:03:42 6713344 ----a-w- e:\windows\system32\sm2-dm1k_o1v96_resources.dll
2006-01-31 14:56:04 4198400 ----a-w- e:\windows\system32\sm2-qt-mt333.dll
2006-01-01 19:33:44 142592 -c--a-w- e:\windows\system32\drivers\sp_rsdrv2.sys
2004-07-22 13:51:34 3432656 -c--a-w- e:\arquivos de programas\ManagedDX.CAB
2004-07-20 01:58:36 1156363 -c--a-w- e:\arquivos de programas\BDANT.cab
2004-07-20 01:53:26 976020 -c--a-w- e:\arquivos de programas\BDAXP.cab
2004-07-09 17:17:16 13265040 -c--a-w- e:\arquivos de programas\dxnt.cab
2004-07-09 12:13:48 15493481 -c--a-w- e:\arquivos de programas\DirectX.cab
2004-07-09 12:13:46 703080 -c--a-w- e:\arquivos de programas\BDA.cab
2004-07-09 07:08:36 472576 -c--a-w- e:\arquivos de programas\dxsetup.exe
2004-07-09 07:08:34 2242560 -c--a-w- e:\arquivos de programas\dsetup32.dll
2004-07-09 06:03:10 62976 -c--a-w- e:\arquivos de programas\DSETUP.dll
============= FINISH: 16:56:23,05 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-03-17.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/8/2006 17:00:23
System Uptime: 1/1/2006 14:48:18 (2 hours ago)
Motherboard: | | P4M800-8237
Processor: Intel(R) Celeron(R) CPU 2.26GHz | Socket 478 | 2266/133mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 20 GiB total, 3,281 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 19 GiB total, 3,313 GiB free.
==== Disabled Device Manager Items =============
==== Installed Programs ======================
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.3
Adobe Shockwave Player 11.5
Ares 2.1.5
Avira AntiVir Personal - Free Antivirus
Crawler Toolbar with Web Security Guard
FormatFactory 2.20
Google Earth Plug-in
Google Update Helper
IL Download Manager
InterActual Player
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 11
Java(TM) 6 Update 3
K-Lite Mega Codec Pack 6.0.4
Microsoft Office XP Professional
Microsoft Office XP Professional com FrontPage
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6.
MSVC80_x86
Need2Find Bar
Nero 7 Essentials
Nero Suite
neroxml
PC Connectivity Solution
Peer Points Manager
Picasa 2
Real Alternative 1.60
Realtek AC'97 Audio
Roxio PhotoSuite 5
S3GSetup
Skype 3.6
Spyware Terminator
Steam
TagScanner 5.1 build 553
Toxic Biohazard
Update Manager
VC80CRTRedist - 8.0.50727.4053
VIA/S3G Display Driver
WebFldrs XP
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB842773
Windows XP Hotfix (SP1) [See Q329048 for more information]
Windows XP Hotfix (SP1) [See Q329390 for more information]
Windows XP Hotfix (SP1) [See Q329441 for more information]
Windows XP Hotfix (SP1) [See Q329834 for more information]
Windows XP Hotfix (SP1) Q329170
Windows XP Hotfix (SP1) Q810577
Windows XP Hotfix (SP1) Q810833
Windows XP Hotfix (SP1) Q815021
Windows XP Hotfix (SP1) Q817606
Windows XP Hotfix Package [See Q329115 for more information]
WinRAR archiver
XP Codec Pack
YAMAHA 01V96 Editor
Yamaha LS9 Editor
Yamaha M7CL Editor
Yamaha Studio Manager
==== End Of File ===========================
GMER 1.0.15.15281
Rootkit scan 2006-01-01 19:49:18
Windows 5.1.2600
Running: gmer.exe; Driver: E:\DOCUME~1\Fernanda\CONFIG~1\Temp\fwayrpoc.sys
---- System - GMER 1.0.15 ----
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwClose [0xAFD7088E]
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwCreateFile [0xAFD700EC]
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwCreateKey [0xAFD6FDCE]
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwCreateSection [0xAFD71938]
SSDT B87D928C ZwCreateThread
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwDeleteKey [0xAFD6FED8]
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwDeleteValueKey [0xAFD6FFC2]
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwLoadDriver [0xAFD70BBC]
SSDT B87D92AA ZwLoadKey
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwOpenFile [0xAFD703F4]
SSDT B87D9278 ZwOpenProcess
SSDT B87D927D ZwOpenThread
SSDT B87D92B4 ZwReplaceKey
SSDT B87D92AF ZwRestoreKey
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwSetInformationFile [0xAFD70526]
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwSetValueKey [0xAFD6FBFC]
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwTerminateProcess [0xAFD70B04]
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwWriteFile [0xAFD7070C]
---- Kernel code sections - GMER 1.0.15 ----
.text ntoskrnl.exe!KeInitializeInterrupt + B79 804D4F8E 1 Byte [06]
.text ntoskrnl.exe!KeI386Call16BitCStyleFunction + 170 804FC688 4 Bytes [8E, 08, D7, AF]
.text ntoskrnl.exe!KeI386Call16BitCStyleFunction + 1A0 804FC6B8 4 Bytes [EC, 00, D7, AF] {IN AL, DX ; ADD BH, DL; SCASD }
.text ntoskrnl.exe!KeI386Call16BitCStyleFunction + 1B0 804FC6C8 4 Bytes [CE, FD, D6, AF] {INTO ; STD ; SALC ; SCASD }
.text ntoskrnl.exe!KeI386Call16BitCStyleFunction + 1D4 804FC6EC 4 Bytes [38, 19, D7, AF] {CMP [ECX], BL; XLATB ; SCASD }
.text ntoskrnl.exe!KeI386Call16BitCStyleFunction + 1E0 804FC6F8 4 Bytes [8C, 92, 7D, B8]
.text ...
---- User code sections - GMER 1.0.15 ----
.text E:\WINDOWS\SYSTEM32\winlogon.exe[680] kernel32.dll!FreeLibraryAndExitThread 77E5D93D 5 Bytes JMP 1007A140 E:\ARQUIV~1\GbPlugin\gbiehabn.dll (Gbieh Module/Banco Real)
.text E:\WINDOWS\SYSTEM32\winlogon.exe[680] kernel32.dll!FreeLibrary 77E70618 5 Bytes JMP 1007A2A0 E:\ARQUIV~1\GbPlugin\gbiehabn.dll (Gbieh Module/Banco Real)
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs avgntmgr.sys (Avira AntiVir File Filter Driver Manager/Avira GmbH)
Device \Driver\Tcpip \Device\Ip avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device \Driver\Tcpip \Device\Tcp avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device \Driver\Tcpip \Device\Udp avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device \Driver\Tcpip \Device\RawIp avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device \Driver\Tcpip \Device\IPMULTICAST avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat avgntmgr.sys (Avira AntiVir File Filter Driver Manager/Avira GmbH)
---- EOF - GMER 1.0.15 ----
R0 GbpKm;Gbp KernelMode;e:\windows\system32\drivers\GbpKm.sys [2009-4-28 31080]
R1 Avg7RsW;AVG7 Wrap Driver;e:\windows\system32\drivers\avg7rsw.sys [2006-8-4 4288]
R1 avgntdd;avgntdd;e:\windows\system32\drivers\avgntdd.sys [2006-1-1 45416]
R1 sp_rsdrv2;Spyware Terminator Driver 2;e:\windows\system32\drivers\sp_rsdrv2.sys [2006-1-1 142592]
R2 AntiVirSchedulerService;Avira AntiVir Programador;e:\arquivos de programas\avira\antivir desktop\sched.exe [2006-1-1 108289]
R2 AntiVirService;Avira AntiVir Guard;e:\arquivos de programas\avira\antivir desktop\avguard.exe [2006-1-1 185089]
R2 AvgTdi;AVG Network Redirector;e:\windows\system32\drivers\avgtdi.sys [2006-8-4 4992]
R2 GbpSv;Gbp Service;e:\arquiv~1\gbplugin\GbpSv.exe [2009-11-23 54376]
S1 Avg7Core;AVG7 Kernel;e:\windows\system32\drivers\avg7core.sys [2006-8-4 778656]
S1 Avg7RsXP;AVG7 Resident Driver XP;e:\windows\system32\drivers\avg7rsxp.sys [2006-8-4 27904]
S2 Avg7Alrt;AVG7 Alert Manager Server;e:\arquiv~1\grisoft\avgfre~1\avgamsvr.exe --> e:\arquiv~1\grisoft\avgfre~1\avgamsvr.exe [?]
S2 Avg7UpdSvc;AVG7 Update Service;e:\arquiv~1\grisoft\avgfre~1\avgupsvc.exe --> e:\arquiv~1\grisoft\avgfre~1\avgupsvc.exe [?]
S2 AVGEMS;AVG E-mail Scanner;e:\arquiv~1\grisoft\avgfre~1\avgemc.exe --> e:\arquiv~1\grisoft\avgfre~1\avgemc.exe [?]
S2 gupdate;Google Update Service (gupdate);e:\arquivos de programas\google\update\GoogleUpdate.exe [2010-6-20 136176]
S3 DCamUSBPremier;USB Video Camera;e:\windows\system32\drivers\MPIXVID.SYS [2006-9-1 81921]
S3 usb2vcom;DKU-5 Connectivity Adapter Cable;e:\windows\system32\drivers\usb2vcom.sys [2006-11-18 30272]
============== File Associations ===============
regfile="regedit.exe" "%1"
=============== Created Last 30 ================
2010-08-04 20:02:53 26 ----a-w- e:\windows\WAR2R.INI
2010-08-01 18:50:58 421888 ----a-w- e:\windows\system32\ac3filter.acm
2010-08-01 18:50:42 0 dc----w- e:\arquivos de programas\XP Codec Pack
2010-07-04 00:24:39 0 d-----w- e:\docume~1\fernanda\dadosd~1\DVD Flick
2010-07-04 00:09:42 81920 ----a-w- e:\windows\system32\mbmouse.ocx
2010-07-04 00:09:42 36864 ----a-w- e:\windows\system32\trayicon.ocx
2010-07-04 00:09:39 662288 ----a-w- e:\windows\system32\mscomct2.ocx
2010-07-04 00:09:39 212240 ----a-w- e:\windows\system32\richtx32.ocx
2010-07-02 15:44:55 0 dc----w- e:\arquivos de programas\Conduit
2010-06-04 15:13:39 165376 ----a-w- e:\windows\system32\unrar.dll
2010-06-04 15:13:38 38 ----a-w- e:\windows\avisplitter.ini
2010-06-04 15:13:36 232448 ----a-w- e:\windows\system32\mp3fhg.acm
2010-06-04 15:13:36 151552 ----a-w- e:\windows\system32\ac3acm.acm
2010-06-04 15:13:35 217088 ----a-w- e:\windows\system32\yv12vfw.dll
2010-06-04 15:13:34 94208 ----a-w- e:\windows\system32\dpl100.dll
2010-06-04 15:13:34 881664 ----a-w- e:\windows\system32\xvidcore.dll
2010-06-04 15:13:34 720384 ----a-w- e:\windows\system32\divx.dll
2010-06-04 15:13:34 205824 ----a-w- e:\windows\system32\xvidvfw.dll
2010-06-04 15:13:25 0 dc----w- e:\arquivos de programas\K-Lite Codec Pack
2010-06-04 15:12:10 0 dc----w- e:\arquivos de programas\Ares
2010-06-04 14:51:05 0 dc----w- E:\My Shared Folder
2010-05-09 12:34:20 0 dc----w- e:\arquivos de programas\Picasa2
2010-04-04 06:01:51 0 d-----w- e:\windows\048298C9A4D3490B9FF9AB023A9238F3.TMP
2010-04-04 05:29:56 0 dc----w- e:\arquivos de programas\PokerStars
2010-04-01 05:00:19 0 d-----w- e:\windows\LogFiles
2010-03-12 22:18:28 0 dc----w- e:\arquivos de programas\FreeTime
2009-11-24 14:24:00 0 dc----w- e:\arquivos de programas\TagScanner
2009-11-24 14:13:08 0 dc----w- e:\arquivos de programas\GCstar
2009-07-09 00:28:14 0 dc----w- E:\videos
2009-06-24 14:39:26 1003520 ----a-w- e:\windows\system32\VSFilter.dll
2009-05-22 16:54:18 0 dc----w- e:\arquivos de programas\Real Alternative
2009-05-22 16:53:34 0 d-----w- e:\docume~1\fernanda\dadosd~1\uTorrent
2009-04-28 19:51:34 31080 ----a-w- e:\windows\system32\drivers\GbpKm.sys
2009-04-13 01:57:28 225280 ----a-w- e:\windows\system32\rewire.dll
2009-04-13 01:57:13 1294336 ----a-w- e:\windows\system32\vorbis.acm
2009-04-13 01:56:18 0 dc----w- e:\arquivos de programas\Outsim
2009-04-13 01:53:51 0 dc----w- e:\arquivos de programas\Image-Line
2009-03-24 00:41:27 0 dc----w- e:\arquivos de programas\InterActual
2009-03-22 22:29:42 279 -c--a-w- E:\Atalho para Disco local (E).lnk
2009-03-10 23:24:54 303616 ----a-w- e:\windows\IsUninst.exe
2009-02-17 03:37:40 0 d-----w- e:\docume~1\fernanda\dadosd~1\Downloaded Installations
2009-02-10 06:07:54 0 dc----w- e:\arquivos de programas\Yamaha
2009-02-10 06:07:35 0 d-----w- e:\windows\Downloaded Installations
2009-02-06 23:31:33 210032 ----a-w- e:\windows\system32\DBCLIENT.DLL
2009-02-06 23:31:33 183808 ----a-w- e:\windows\system32\BDEADMIN.CPL
2009-02-06 23:31:33 0 dc----w- e:\arquivos de programas\arquivos comuns\Borland Shared
2009-02-06 07:36:10 77878 ----a-w- e:\windows\system32\temp.005
2009-02-06 07:36:10 77878 ----a-w- e:\windows\system32\temp.002
2009-02-06 07:36:10 65024 ----a-w- e:\windows\system32\temp.003
2009-02-06 07:36:10 65024 ----a-w- e:\windows\system32\temp.000
2009-02-06 07:36:10 152064 ----a-w- e:\windows\system32\temp.004
2009-02-06 07:36:10 152064 ----a-w- e:\windows\system32\temp.001
2009-02-06 07:36:05 132096 ----a-w- e:\windows\system32\ZipDLL.dll
2009-02-06 07:36:05 117760 ----a-w- e:\windows\system32\Unzdll.dll
2009-02-06 07:36:03 0 dc----w- e:\arquivos de programas\arquivos comuns\Opus Shared
2009-02-04 23:45:52 410984 ----a-w- e:\windows\system32\deploytk.dll
2009-02-02 06:18:14 0 dc----w- e:\arquivos de programas\Mediafour
2009-01-23 00:15:58 98304 ----a-w- e:\windows\system32\CmdLineExt.dll
2009-01-22 01:33:43 151 ----a-w- e:\windows\PhotoSnapViewer.INI
2009-01-18 05:21:22 0 dc----w- e:\arquivos de programas\Valve
2009-01-17 23:10:06 630 ----a-w- e:\documents and settings\fernanda\default.pls
2009-01-17 22:46:12 0 dc----w- e:\arquivos de programas\Nero
2009-01-17 22:46:12 0 dc----w- e:\arquivos de programas\arquivos comuns\Ahead
2009-01-17 22:46:12 0 d-----w- e:\docume~1\alluse~1\dadosd~1\Nero
2008-12-19 16:26:06 2625536 ----a-w- e:\windows\system32\ffdshow.ax
2008-12-19 15:15:58 4338246 ----a-w- e:\windows\system32\libavcodec.dll
2008-12-19 02:21:04 0 d-s---w- e:\windows\system32\Microsoft
2008-12-19 02:20:23 0 d-----w- e:\windows\system32\Adobe
2008-12-17 21:00:41 0 d--h--w- e:\windows\PIF
2008-12-17 17:41:18 884237 ----a-w- e:\windows\system32\ff_x264.dll
2008-12-17 17:22:58 93184 ----a-w- e:\windows\system32\ff_wmv9.dll
2008-12-17 17:22:48 57344 ----a-w- e:\windows\system32\ff_vfw.dll
2008-12-17 17:17:34 239247 ----a-w- e:\windows\system32\ff_theora.dll
2008-12-17 16:59:54 560802 ----a-w- e:\windows\system32\libmplayer.dll
2008-12-11 11:27:02 547 ----a-w- e:\windows\system32\ffdshow.ax.manifest
2008-12-11 11:27:02 547 ----a-w- e:\windows\system32\ff_vfw.dll.manifest
2008-12-06 21:49:34 7335872 -c--a-w- e:\arquivos de programas\Firefox Setup 3.0.4.exe
2008-12-06 20:19:05 0 d-----w- e:\windows\system32\IOSUBSYS
2008-12-06 20:15:59 6108728 -c--a-w- e:\arquivos de programas\picasaweb-current-setup.exe
2008-12-06 16:12:06 0 dc----w- E:\Programs
2008-12-06 16:12:01 0 dc----w- E:\Plugins
2008-12-06 16:11:39 0 dc----w- E:\Phnom Penh Image Scaler
2008-12-06 16:11:39 0 dc----w- E:\Paraben
2008-12-06 16:11:38 0 dc----w- E:\Outlook Express
2008-12-06 16:10:34 0 dc----w- E:\NetMeeting
2008-12-06 16:10:33 0 dc----w- E:\MYMA Decoder and Viewer
2008-12-06 16:10:33 0 dc----w- E:\Multi_Media_Brazil
2008-12-06 16:09:56 0 dc----w- E:\Mozilla Firefox
2008-12-06 16:09:56 0 dc----w- E:\Movie Maker
2008-12-06 16:08:41 0 dc----w- E:\Microsoft Office
2008-12-06 16:08:41 0 dc----w- E:\microsoft frontpage
2008-12-06 16:07:54 0 dc----w- E:\Languages
2008-12-06 16:07:54 0 dc----w- E:\KrachaMaker
2008-12-06 16:07:54 0 dc----w- E:\Kaspersky Lab
2008-12-06 16:06:47 0 dc----w- E:\Java
2008-12-06 16:06:46 0 dc----w- E:\Internet Explorer
2008-12-06 16:06:45 0 dc-h--w- E:\InstallShield Installation Information
2008-12-06 16:06:45 0 dc----w- E:\Grisoft
2008-12-06 16:06:44 0 dc----w- E:\Google
2008-11-07 15:25:04 4648960 ----a-w- e:\windows\system32\ls9-qt-mt336.dll
2008-11-07 15:25:00 94208 ----a-w- e:\windows\system32\ls9_utilities.dll
2008-11-07 15:25:00 917504 ----a-w- e:\windows\system32\ls9_console.dll
2008-11-07 15:25:00 81920 ----a-w- e:\windows\system32\ls9_memapi.dll
2008-11-07 15:25:00 57344 ----a-w- e:\windows\system32\ls9_transport.dll
2008-11-07 15:25:00 45056 ----a-w- e:\windows\system32\ls9_qtoptserver.dll
2008-11-07 15:25:00 1507328 ----a-w- e:\windows\system32\ls9_widgets.dll
2008-11-07 13:49:12 77824 ----a-w- e:\windows\system32\m7cl_utilities.dll
2008-11-07 13:49:12 69632 ----a-w- e:\windows\system32\m7cl_memapi.dll
2008-11-07 13:49:12 4628480 ----a-w- e:\windows\system32\m7cl-qt-mt333.dll
2008-11-07 13:49:12 45056 ----a-w- e:\windows\system32\m7cl_transport.dll
2008-11-07 13:49:12 36864 ----a-w- e:\windows\system32\m7cl_qtoptserver.dll
2008-11-07 13:49:12 1310720 ----a-w- e:\windows\system32\m7cl_widgets.dll
2008-11-07 13:49:10 765952 ----a-w- e:\windows\system32\m7cl_console.dll
2008-10-23 02:03:55 220160 -c--a-w- e:\windows\system32\dllcache\srrstr.dll
2008-10-23 02:03:55 220160 ----a-w- e:\windows\system32\srrstr.dll
2008-09-26 03:02:18 456656 ----a-w- e:\documents and settings\fernanda\mmp3.mp3
2008-09-26 02:56:01 0 d-----w- e:\docume~1\fernanda\dadosd~1\AccurateRip
2008-09-26 02:55:46 5052280 ----a-w- e:\windows\system32\SpoonUninstall.exe
2008-09-18 12:11:11 246784 ----a-w- e:\windows\system32\ActiveSkin.ocx
2008-09-18 12:11:11 112 ----a-w- e:\windows\ActiveSkin.INI
2008-07-31 22:17:04 43872 ----a-w- e:\windows\system32\drivers\pxhelp20.sys
2008-07-30 13:47:46 33792 -csha-w- E:\Thumbs.db
2008-07-29 08:58:12 589824 ----a-w- e:\windows\system32\AXPBObjects.dll
2008-06-03 21:39:56 7552 -c--a-w- e:\windows\system32\dllcache\sonypvu1.sys
2008-06-03 21:39:56 7552 ----a-w- e:\windows\system32\drivers\SONYPVU1.SYS
2008-05-27 02:00:15 0 d-----w- e:\docume~1\alluse~1\dadosd~1\VistaCodecs
2008-05-21 12:02:39 0 d-----w- e:\arquivos de programas\GbPlugin
2008-05-21 12:01:00 0 d-----w- e:\docume~1\alluse~1\dadosd~1\GbPlugin
2008-05-15 23:34:32 17408 ----a-w- e:\windows\system32\smh-qtoptserver.dll
2008-05-15 23:34:20 5607424 ----a-w- e:\windows\system32\smh-qt-mt336.dll
2008-05-13 01:12:11 14556 ----a-w- e:\windows\FontData.fdb
2008-05-13 00:32:46 104 --sh--r- e:\windows\system32\87553A18B2.sys
2008-05-13 00:13:29 0 d-----w- e:\windows\system32\appmgmt
2008-05-12 23:58:15 3350 --sha-w- e:\windows\system32\KGyGaAvL.sys
2008-05-05 04:14:56 947 ----a-w- e:\documents and settings\fernanda\Instructions.nfo
2008-05-05 04:14:56 253952 ----a-w- e:\documents and settings\fernanda\setup.exe
2008-05-05 04:14:56 1822520 ----a-w- e:\documents and settings\fernanda\instmsiw.exe
2008-05-05 04:14:56 1139008 ----a-w- e:\documents and settings\fernanda\mobile PhoneTools.msi
2008-05-05 04:14:55 5495 ----a-w- e:\documents and settings\fernanda\0x0409.ini
2008-05-05 04:14:55 27 ----a-w- e:\documents and settings\fernanda\Autorun.inf
2008-05-05 04:14:55 1708856 ----a-w- e:\documents and settings\fernanda\instmsia.exe
2008-05-05 04:14:55 0 d-----w- e:\documents and settings\fernanda\Windows
2008-05-05 04:14:33 0 d-----w- e:\documents and settings\fernanda\program files
2008-05-05 03:27:07 0 d-----r- e:\windows\Offline Web Pages
2008-05-05 03:24:59 56832 ----a-w- e:\windows\system32\mshtmler.dll
2008-05-04 18:54:14 0 d--h--w- E:\DBBackup
2008-05-04 18:46:51 0 d-----w- e:\arquivos de programas\Need2Find
2008-05-04 18:34:12 10 ----a-w- e:\windows\smdat32m.sys
2008-05-04 18:34:12 0 ----a-w- e:\windows\smdat32a.sys
2008-05-04 18:34:09 0 d-----w- E:\Program Files
2008-04-30 16:49:43 5361 ----a-w- e:\windows\DesinstWRecnet.ini
2008-04-30 16:49:43 128000 ----a-w- e:\windows\DesinstWRecnet.exe
2008-04-30 16:49:43 122880 ----a-w- e:\windows\DesinstRecnet.exe
2008-04-24 11:48:25 0 d-----w- e:\arquivos de programas\arquivos comuns\Serviços
2008-04-24 11:38:08 0 d-----w- e:\windows\Arquivos de instalação do Windows Update
2008-04-24 11:38:00 0 d-----w- e:\windows\Histórico
2008-04-20 03:19:26 0 d-----w- e:\arquivos de programas\PC Connectivity Solution
2008-04-15 23:18:08 0 d-----w- e:\docume~1\fernanda\dadosd~1\LimeWire
2008-04-05 22:17:52 5632 ----a-w- e:\windows\system32\ptpusb.dll
2008-04-05 22:17:52 146944 ----a-w- e:\windows\system32\ptpusd.dll
2008-04-05 22:17:52 13824 -c--a-w- e:\windows\system32\dllcache\usbscan.sys
2008-04-05 22:17:52 13824 ----a-w- e:\windows\system32\drivers\usbscan.sys
2008-04-03 15:53:59 57856 ----a-w- e:\windows\system32\mpeg2data.ax
2008-02-17 21:40:00 0 d-----w- e:\arquivos de programas\arquivos comuns\ODBC
2008-02-14 21:00:41 32 ----a-w- e:\docume~1\alluse~1\dadosd~1\ezsid.dat
2008-02-14 20:59:52 0 d-----w- e:\arquivos de programas\Skype
2008-02-12 21:39:36 7174 ----a-w- e:\documents and settings\fernanda\1202852376-USBMOT2000.INF
2008-02-12 21:39:36 5891 ----a-w- e:\documents and settings\fernanda\1202852376-oem12.inf
2008-02-12 21:39:36 5877 ----a-w- e:\documents and settings\fernanda\1202852376-oem11.inf
2008-02-12 21:39:36 12828 ----a-w- e:\documents and settings\fernanda\1202852376-oem11.PNF
2008-02-12 21:39:36 12554 ----a-w- e:\documents and settings\fernanda\1202852376-oem12.PNF
2008-02-12 21:39:35 7195 ----a-w- e:\documents and settings\fernanda\1202852374-oem10.inf
2008-02-12 21:39:35 14302 ----a-w- e:\documents and settings\fernanda\1202852374-oem10.PNF
2008-02-12 20:48:34 7195 ----a-w- e:\documents and settings\fernanda\USBMOT2000.INF
2008-02-12 20:48:34 5891 ----a-w- e:\documents and settings\fernanda\USBMOT2000XP.INF
2008-02-12 20:48:34 5877 ----a-w- e:\documents and settings\fernanda\USB_CMCS_2000.INF
2008-02-12 20:48:34 24192 ----a-w- e:\documents and settings\fernanda\usbsermptxp.sys
2008-02-12 20:48:34 22768 ----a-w- e:\windows\system32\drivers\usbsermpt.sys
2008-02-12 20:48:34 22768 ----a-w- e:\documents and settings\fernanda\usbsermpt.sys
2008-02-12 20:48:18 5798 ----a-w- e:\documents and settings\fernanda\1202849298-oem12.inf
2008-02-12 20:48:18 12828 ----a-w- e:\documents and settings\fernanda\1202849297-oem11.PNF
2008-02-12 20:48:18 12474 ----a-w- e:\documents and settings\fernanda\1202849298-oem12.PNF
2008-02-12 20:48:17 7194 ----a-w- e:\documents and settings\fernanda\1202849295-oem10.inf
2008-02-12 20:48:17 5877 ----a-w- e:\documents and settings\fernanda\1202849297-oem11.inf
2008-02-12 20:48:17 14294 ----a-w- e:\documents and settings\fernanda\1202849295-oem10.PNF
2008-02-12 20:47:41 0 d-----w- e:\arquivos de programas\arquivos comuns\InstallShield
2008-01-24 19:26:38 73728 ----a-w- e:\windows\system32\javacpl.cpl
2008-01-16 20:55:21 0 d-sh--w- e:\documents and settings\all users\DRM
2008-01-16 20:31:52 0 d-----w- E:\Windows Media Player
2008-01-15 03:55:21 0 d-s---w- e:\documents and settings\fernanda\UserData
2008-01-15 03:54:34 0 d-----w- e:\documents and settings\fernanda\Contacts
2008-01-15 03:53:49 0 d-----r- e:\documents and settings\all users\Documentos
2008-01-15 03:45:53 0 d-----w- e:\documents and settings\all users\Modelos
2008-01-15 03:45:53 0 d-----w- e:\documents and settings\all users\Dados de aplicativos
2008-01-15 03:43:34 23256 ----a-w- e:\windows\system32\wucltui.dll.mui
2008-01-15 03:43:34 18144 ----a-w- e:\windows\system32\wuaueng.dll.mui
2008-01-15 03:43:34 15584 ----a-w- e:\windows\system32\wuaucpl.cpl.mui
2008-01-15 03:43:34 15584 ----a-w- e:\windows\system32\wuapi.dll.mui
2008-01-15 03:28:06 0 d-----w- e:\documents and settings\fernanda\Menu Iniciar
2008-01-15 03:28:06 0 d-----w- e:\documents and settings\all users\Menu iniciar
2008-01-15 03:28:06 0 d-----w- e:\arquivos de programas\arquivos comuns\speechengines
2008-01-15 03:28:06 0 d-----w- e:\arquivos de programas\arquivos comuns\mssoap
2008-01-15 03:28:06 0 d-----r- e:\documents and settings\fernanda\Favoritos
2008-01-15 03:28:04 0 d-----w- e:\arquivos de programas\windows nt
2008-01-15 03:28:03 0 d-----w- e:\arquivos de programas\msn gaming zone
2007-11-22 19:03:32 61474 ----a-w- e:\windows\system32\logo7.png
2007-10-07 22:15:42 380928 ----a-w- e:\windows\system32\AviSplitter.ax
2007-09-18 14:29:08 446464 ----a-w- e:\windows\system32\MatroskaSplitter.ax
2007-09-18 14:27:38 434176 ----a-w- e:\windows\system32\RealMediaSplitter.ax
2007-08-21 15:45:24 34304 --sha-w- e:\documents and settings\fernanda\Thumbs.db
2007-06-28 21:55:18 77824 ----a-w- e:\windows\system32\xvid.ax
2007-06-28 14:44:18 148992 ----a-w- e:\windows\system32\nsesetup.dll
2007-06-28 14:44:14 90624 ----a-w- e:\windows\system32\nmwcdcls.dll
2007-06-08 17:39:44 287744 ----a-w- e:\windows\system32\divxa32.acm
2007-06-01 13:23:46 972336 ----a-w- e:\windows\UNNeroMediaHome.exe
2007-05-15 12:45:14 972336 ----a-w- e:\windows\UNNeroVision.exe
2007-04-23 19:42:50 972336 ----a-w- e:\windows\UNRecode.exe
2007-03-21 00:22:04 972336 ----a-w- e:\windows\UNNeroBackItUp.exe
2007-03-05 20:00:18 95864 ----a-w- e:\windows\system32\NeroCo.dll
2007-02-28 19:41:02 972336 ----a-w- e:\windows\UNNeroShowTime.exe
2006-12-11 13:05:54 0 d-----w- e:\docume~1\fernanda\dadosd~1\EvidenceEraserPro
2006-12-11 13:05:13 1667072 ----a-w- e:\windows\setup.exe
2006-12-08 03:23:46 0 ----a-w- e:\windows\23.dat
2006-12-04 13:46:46 22969624 -c--a-w- e:\arquivos de programas\AdbeRdr708_pt_BR.exe
2006-11-20 13:20:47 268 -c-ha-w- E:\sqmdata03.sqm
2006-11-20 13:20:47 244 -c-ha-w- E:\sqmnoopt03.sqm
2006-11-19 00:36:26 30272 ----a-r- e:\windows\system32\drivers\usb2vcom.sys
2006-11-02 16:10:16 80912 ----a-w- e:\windows\system32\sherlock2.exe
2006-10-23 09:19:02 268 -c-ha-w- E:\sqmdata02.sqm
2006-10-23 09:19:02 244 -c-ha-w- E:\sqmnoopt02.sqm
2006-10-12 16:39:52 176 ----a-w- e:\windows\wininit.ini
2006-10-08 14:40:44 159744 ----a-w- e:\windows\system32\lfpng13n.dll
2006-10-06 16:49:57 244 -c-ha-w- E:\sqmnoopt01.sqm
2006-10-06 16:49:57 232 -c-ha-w- E:\sqmdata01.sqm
2006-10-06 16:30:39 244 -c-ha-w- E:\sqmnoopt00.sqm
2006-10-06 16:30:39 232 -c-ha-w- E:\sqmdata00.sqm
2006-09-26 00:17:43 3320 ----a-w- e:\windows\mozver.dat
2006-09-24 12:37:11 116 ----a-w- e:\windows\NeroDigital.ini
2006-09-24 12:10:50 69632 ----a-w- e:\windows\system32\lfgif13n.dll
2006-09-24 12:10:49 57344 ----a-w- e:\windows\system32\lfbmp13n.dll
2006-09-24 12:10:49 450560 ----a-w- e:\windows\system32\ltimg13n.dll
2006-09-24 12:10:49 401408 ----a-w- e:\windows\system32\lfcmp13n.dll
2006-09-24 12:10:49 299008 ----a-w- e:\windows\system32\ltdis13n.dll
2006-09-24 12:10:49 206336 ----a-w- e:\windows\system32\ltefx13n.dll
2006-09-24 12:10:49 163840 ----a-w- e:\windows\system32\ltfil13n.dll
2006-09-24 12:10:48 462848 ----a-w- e:\windows\system32\ltkrn13n.dll
2006-09-19 15:35:48 26272 ----a-w- e:\docume~1\fernanda\dadosd~1\GDIPFONTCACHEV1.DAT
2006-09-02 02:44:51 0 d--h--w- e:\arquivos de programas\Zero G Registry
2006-09-02 02:38:39 57344 ----a-w- e:\windows\uneng.exe
2006-09-02 02:38:38 49152 ----a-w- e:\windows\system32\cdrtc.dll
2006-09-02 02:38:38 45056 ----a-w- e:\windows\system32\cdral.dll
2006-09-02 02:31:11 21760 -c--a-w- e:\windows\system32\dllcache\usbstor.sys
2006-09-02 02:27:06 8192 -c--a-w- e:\windows\system32\dllcache\tsbyuv.dll
2006-09-02 02:27:06 8192 ----a-w- e:\windows\system32\tsbyuv.dll
2006-09-02 02:27:06 50688 -c--a-w- e:\windows\system32\dllcache\vfwwdm32.dll
2006-09-02 02:27:06 50688 ----a-w- e:\windows\system32\vfwwdm32.dll
2006-09-02 02:27:03 286720 ----a-w- e:\windows\system32\msh263.drv
2006-09-02 02:27:02 4096 -c--a-w- e:\windows\system32\dllcache\ksuser.dll
2006-09-02 02:26:58 45568 -c--a-w- e:\windows\system32\dllcache\iyuv_32.dll
2006-09-02 02:26:58 45568 ----a-w- e:\windows\system32\iyuv_32.dll
2006-09-02 02:26:57 18944 -c--a-w- e:\windows\system32\dllcache\dshowext.ax
2006-09-02 02:26:57 18944 ----a-w- e:\windows\system32\dshowext.ax
2006-09-02 02:19:10 81921 ----a-w- e:\windows\system32\drivers\MPIXVID.SYS
2006-09-02 02:19:10 25575 ----a-w- e:\windows\system32\drivers\USBCamAT.sys
2006-09-01 12:44:48 212480 ------w- e:\windows\pcdlib32.dll
2006-09-01 12:34:40 8704 -c--a-w- e:\windows\system32\dllcache\kbdjpn.dll
2006-09-01 12:34:40 8704 ----a-w- e:\windows\system32\kbdjpn.dll
2006-09-01 12:34:40 8192 -c--a-w- e:\windows\system32\dllcache\kbdkor.dll
2006-09-01 12:34:40 8192 ----a-w- e:\windows\system32\kbdkor.dll
2006-09-01 12:34:40 6144 -c--a-w- e:\windows\system32\dllcache\kbd106.dll
2006-09-01 12:34:40 6144 -c--a-w- e:\windows\system32\dllcache\kbd101c.dll
2006-09-01 12:34:40 6144 ----a-w- e:\windows\system32\kbd106.dll
2006-09-01 12:34:40 6144 ----a-w- e:\windows\system32\kbd101c.dll
2006-09-01 12:34:40 5632 -c--a-w- e:\windows\system32\dllcache\kbd103.dll
2006-09-01 12:34:40 5632 ----a-w- e:\windows\system32\kbd103.dll
2006-09-01 12:34:39 6144 -c--a-w- e:\windows\system32\dllcache\kbd101b.dll
2006-09-01 12:34:39 6144 ----a-w- e:\windows\system32\kbd101b.dll
2006-08-27 14:45:16 0 d-----w- e:\docume~1\fernanda\dadosd~1\Kazaa Lite
2006-08-12 00:47:16 135040 -c--a-w- e:\windows\system32\dllcache\portcls.sys
2006-08-12 00:47:16 135040 ----a-w- e:\windows\system32\drivers\portcls.sys
2006-08-12 00:47:15 57344 -c--a-w- e:\windows\system32\dllcache\drmk.sys
2006-08-12 00:47:15 57344 ----a-w- e:\windows\system32\drivers\drmk.sys
2006-08-12 00:27:58 24192 -c--a-w- e:\windows\system32\dllcache\usbser.sys
2006-08-12 00:27:58 24192 ----a-w- e:\windows\system32\drivers\usbser.sys
2006-08-12 00:27:58 24192 ----a-r- e:\windows\system32\drivers\OLD38.tmp
2006-08-11 21:11:23 0 d--h--w- e:\arquivos de programas\Scpad
2006-08-08 09:39:48 25600 ----a-w- e:\windows\system32\xpsp1hfm.exe
2006-08-08 09:39:48 0 dc-h--w- e:\windows\$xpsp1hfm$
2006-08-07 15:43:57 0 d-----w- e:\windows\system32\bits
2006-08-04 19:08:36 7680 -c----w- e:\windows\system32\dllcache\bitsprx2.dll
2006-08-04 19:08:36 7680 ------w- e:\windows\system32\bitsprx2.dll
2006-08-04 19:08:36 7168 -c----w- e:\windows\system32\dllcache\bitsprx3.dll
2006-08-04 19:08:36 7168 ------w- e:\windows\system32\bitsprx3.dll
2006-08-04 19:08:36 360960 -c--a-w- e:\windows\system32\dllcache\qmgr.dll
2006-08-04 19:08:36 331776 ----a-w- e:\windows\system32\winhttp.dll
2006-08-04 19:08:36 17408 -c--a-w- e:\windows\system32\dllcache\qmgrprxy.dll
2006-08-04 19:08:36 17408 ----a-w- e:\windows\system32\qmgrprxy.dll
2006-08-04 19:01:55 0 d-----w- e:\windows\system32\SoftwareDistribution
2006-08-04 18:57:49 217816 ----a-w- e:\windows\system32\wuaucpl.cpl
2006-08-04 18:57:49 194840 ----a-w- e:\windows\system32\wuaueng1.dll
2006-08-04 18:57:49 174872 ----a-w- e:\windows\system32\wuauclt1.exe
2006-08-04 07:44:04 2560 ------w- e:\windows\system32\drivers\cdralw2k.sys
2006-08-04 07:44:04 2432 ------w- e:\windows\system32\drivers\cdr4_xp.sys
2006-08-04 07:43:04 0 d-----w- e:\windows\RegisteredPackages
2006-08-04 07:31:39 0 d-----w- e:\docume~1\fernanda\dadosd~1\AVG7
2006-08-04 07:31:10 499712 ----a-w- e:\windows\system32\msvcp71.dll
2006-08-04 07:31:10 348160 ----a-w- e:\windows\system32\msvcr71.dll
2006-08-04 07:31:10 23424 ----a-w- e:\windows\system32\drivers\avgmfrs.sys
2006-08-02 23:21:58 316640 ----a-w- e:\windows\WMSysPr9.prx
2006-08-02 23:21:57 384512 ----a-w- e:\windows\system32\mp4sdmod.dll
2006-08-02 23:21:57 316040 ----a-w- e:\windows\system32\mp43dmod.dll
2006-08-02 23:21:57 241664 -c--a-w- e:\windows\system32\dllcache\mpg4dmod.dll
2006-08-02 23:21:57 241664 ----a-w- e:\windows\system32\mpg4dmod.dll
2006-08-02 23:21:52 9728 -c--a-w- e:\windows\system32\dllcache\npwmsdrm.dll
2006-08-02 23:21:52 217600 -c--a-w- e:\windows\system32\dllcache\npdrmv2.dll
2006-08-02 23:20:35 106496 ----a-w- e:\windows\system32\TwnLib20.dll
2006-08-02 23:20:30 38912 ------w- e:\windows\system32\picn20.dll
2006-08-02 23:20:28 155648 ----a-w- e:\windows\system32\NeroCheck.exe
2006-08-02 23:17:24 169 ----a-w- e:\windows\RtlRack.ini
2006-08-02 23:15:59 9389568 ----a-r- e:\windows\system32\RTLCPL.EXE
2006-08-02 23:15:54 141016 ----a-r- e:\windows\system32\ALSNDMGR.WAV
2006-08-02 23:15:49 18726912 ----a-r- e:\windows\system32\ALSNDMGR.CPL
2006-08-02 23:15:46 77824 ----a-r- e:\windows\SOUNDMAN.EXE
2006-08-02 23:15:46 2319680 ----a-r- e:\windows\system32\drivers\ALCXWDM.SYS
2006-08-02 23:15:44 22016 ----a-w- e:\windows\system32\wdmaud.drv
2006-08-02 23:15:36 164 ------r- e:\windows\avrack.ini
2006-08-02 23:15:30 40960 ------r- e:\windows\system32\ChCfg.exe
2006-08-02 23:15:19 294912 ------r- e:\windows\alcupd.exe
2006-08-02 23:15:18 200704 ------r- e:\windows\alcrmv.exe
2006-08-02 23:15:01 7040 ----a-r- e:\windows\system32\ntsim.sys
2006-08-02 23:12:25 27904 ----a-r- e:\windows\system32\drivers\VIAAGP1.SYS
2006-08-02 23:12:06 36224 -c--a-w- e:\windows\system32\dllcache\isapnp.sys
2006-08-02 23:12:06 36224 ----a-w- e:\windows\system32\drivers\isapnp.sys
2006-08-02 23:11:54 0 d-----w- e:\windows\system32\ReinstallBackups
2006-08-02 23:11:54 0 d-----w- e:\windows\LastGood.Tmp
2006-08-02 23:09:22 421 ----a-w- e:\windows\ODBC.INI
2006-08-02 23:07:14 0 d-----w- e:\windows\ShellNew
2006-08-02 23:04:04 0 d-sh--w- e:\windows\Installer
2006-08-02 23:03:51 212 --sh--w- e:\documents and settings\fernanda\ntuser.ini
2006-08-02 23:03:50 0 d--h--w- e:\documents and settings\fernanda\Modelos
2006-08-02 23:03:50 0 d--h--w- e:\documents and settings\fernanda\Dados de aplicativos
2006-08-02 23:03:50 0 d--h--w- e:\documents and settings\fernanda\Configurações locais
2006-08-02 23:03:50 0 d--h--w- e:\documents and settings\fernanda\Ambiente de rede
2006-08-02 23:03:50 0 d--h--w- e:\documents and settings\fernanda\Ambiente de impressão
2006-08-02 23:03:50 0 d-----r- e:\documents and settings\fernanda\Meus documentos
2006-08-02 23:01:33 8192 ----a-w- e:\windows\REGLOCS.OLD
2006-08-02 22:53:38 0 d--h--w- e:\arquivos de programas\WindowsUpdate
2006-01-02 09:07:08 0 d-----w- e:\docume~1\alluse~1\dadosd~1\Kaspersky Lab Setup Files
2006-01-01 19:33:48 0 dc----w- e:\arquivos de programas\Crawler
2006-01-01 19:33:42 0 d-----w- e:\docume~1\fernanda\dadosd~1\Spyware Terminator
2006-01-01 19:33:37 0 dc----w- e:\arquivos de programas\Spyware Terminator
2006-01-01 19:33:37 0 d-----w- e:\docume~1\alluse~1\dadosd~1\Spyware Terminator
2006-01-01 04:49:45 0 dc----w- e:\arquivos de programas\Avira
2006-01-01 04:49:45 0 d-----w- e:\docume~1\alluse~1\dadosd~1\Avira
==================== Find3M ====================
2010-01-19 19:24:36 19456 -csha-w- e:\arquivos de programas\Thumbs.db
2008-03-21 12:30:24 9940 ----a-w- e:\windows\fonts\Yamaha EBM 10.ttf
2008-03-10 20:37:36 46240 ----a-w- e:\windows\fonts\Yamaha EBM 8.ttf
2006-11-13 09:59:38 344380 ----a-w- e:\windows\system32\perfh016.dat
2006-11-13 09:59:37 48628 ----a-w- e:\windows\system32\perfc016.dat
2006-09-20 18:27:10 19020 ----a-w- e:\windows\fonts\Studio Manager Dot Font 3.TTF
2006-09-20 18:27:10 18784 ----a-w- e:\windows\fonts\Studio Manager Big Font.TTF
2006-09-20 18:27:10 18516 ----a-w- e:\windows\fonts\Studio Manager Dot Font 1.TTF
2006-09-20 18:27:10 13772 ----a-w- e:\windows\fonts\Studio Manager ChFont.TTF
2006-08-02 22:54:06 21844 ----a-w- e:\windows\system32\emptyregdb.dat
2006-01-31 17:48:56 28672 ----a-w- e:\windows\system32\sm2-qt333optserver.dll
2006-01-31 15:03:42 6713344 ----a-w- e:\windows\system32\sm2-dm1k_o1v96_resources.dll
2006-01-31 14:56:04 4198400 ----a-w- e:\windows\system32\sm2-qt-mt333.dll
2006-01-01 19:33:44 142592 -c--a-w- e:\windows\system32\drivers\sp_rsdrv2.sys
2004-07-22 13:51:34 3432656 -c--a-w- e:\arquivos de programas\ManagedDX.CAB
2004-07-20 01:58:36 1156363 -c--a-w- e:\arquivos de programas\BDANT.cab
2004-07-20 01:53:26 976020 -c--a-w- e:\arquivos de programas\BDAXP.cab
2004-07-09 17:17:16 13265040 -c--a-w- e:\arquivos de programas\dxnt.cab
2004-07-09 12:13:48 15493481 -c--a-w- e:\arquivos de programas\DirectX.cab
2004-07-09 12:13:46 703080 -c--a-w- e:\arquivos de programas\BDA.cab
2004-07-09 07:08:36 472576 -c--a-w- e:\arquivos de programas\dxsetup.exe
2004-07-09 07:08:34 2242560 -c--a-w- e:\arquivos de programas\dsetup32.dll
2004-07-09 06:03:10 62976 -c--a-w- e:\arquivos de programas\DSETUP.dll
============= FINISH: 16:56:23,05 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-03-17.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/8/2006 17:00:23
System Uptime: 1/1/2006 14:48:18 (2 hours ago)
Motherboard: | | P4M800-8237
Processor: Intel(R) Celeron(R) CPU 2.26GHz | Socket 478 | 2266/133mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 20 GiB total, 3,281 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 19 GiB total, 3,313 GiB free.
==== Disabled Device Manager Items =============
==== Installed Programs ======================
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.3
Adobe Shockwave Player 11.5
Ares 2.1.5
Avira AntiVir Personal - Free Antivirus
Crawler Toolbar with Web Security Guard
FormatFactory 2.20
Google Earth Plug-in
Google Update Helper
IL Download Manager
InterActual Player
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 11
Java(TM) 6 Update 3
K-Lite Mega Codec Pack 6.0.4
Microsoft Office XP Professional
Microsoft Office XP Professional com FrontPage
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6.
MSVC80_x86
Need2Find Bar
Nero 7 Essentials
Nero Suite
neroxml
PC Connectivity Solution
Peer Points Manager
Picasa 2
Real Alternative 1.60
Realtek AC'97 Audio
Roxio PhotoSuite 5
S3GSetup
Skype 3.6
Spyware Terminator
Steam
TagScanner 5.1 build 553
Toxic Biohazard
Update Manager
VC80CRTRedist - 8.0.50727.4053
VIA/S3G Display Driver
WebFldrs XP
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB842773
Windows XP Hotfix (SP1) [See Q329048 for more information]
Windows XP Hotfix (SP1) [See Q329390 for more information]
Windows XP Hotfix (SP1) [See Q329441 for more information]
Windows XP Hotfix (SP1) [See Q329834 for more information]
Windows XP Hotfix (SP1) Q329170
Windows XP Hotfix (SP1) Q810577
Windows XP Hotfix (SP1) Q810833
Windows XP Hotfix (SP1) Q815021
Windows XP Hotfix (SP1) Q817606
Windows XP Hotfix Package [See Q329115 for more information]
WinRAR archiver
XP Codec Pack
YAMAHA 01V96 Editor
Yamaha LS9 Editor
Yamaha M7CL Editor
Yamaha Studio Manager
==== End Of File ===========================
GMER 1.0.15.15281 - [You must be registered and logged in to see this link]
Rootkit scan 2006-01-01 19:49:18
Windows 5.1.2600
Running: gmer.exe; Driver: E:\DOCUME~1\Fernanda\CONFIG~1\Temp\fwayrpoc.sys
---- System - GMER 1.0.15 ----
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwClose [0xAFD7088E]
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwCreateFile [0xAFD700EC]
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwCreateKey [0xAFD6FDCE]
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwCreateSection [0xAFD71938]
SSDT B87D928C ZwCreateThread
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwDeleteKey [0xAFD6FED8]
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwDeleteValueKey [0xAFD6FFC2]
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwLoadDriver [0xAFD70BBC]
SSDT B87D92AA ZwLoadKey
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwOpenFile [0xAFD703F4]
SSDT B87D9278 ZwOpenProcess
SSDT B87D927D ZwOpenThread
SSDT B87D92B4 ZwReplaceKey
SSDT B87D92AF ZwRestoreKey
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwSetInformationFile [0xAFD70526]
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwSetValueKey [0xAFD6FBFC]
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwTerminateProcess [0xAFD70B04]
SSDT \??\E:\WINDOWS\System32\drivers\sp_rsdrv2.sys ZwWriteFile [0xAFD7070C]
---- Kernel code sections - GMER 1.0.15 ----
.text ntoskrnl.exe!KeInitializeInterrupt + B79 804D4F8E 1 Byte [06]
.text ntoskrnl.exe!KeI386Call16BitCStyleFunction + 170 804FC688 4 Bytes [8E, 08, D7, AF]
.text ntoskrnl.exe!KeI386Call16BitCStyleFunction + 1A0 804FC6B8 4 Bytes [EC, 00, D7, AF] {IN AL, DX ; ADD BH, DL; SCASD }
.text ntoskrnl.exe!KeI386Call16BitCStyleFunction + 1B0 804FC6C8 4 Bytes [CE, FD, D6, AF] {INTO ; STD ; SALC ; SCASD }
.text ntoskrnl.exe!KeI386Call16BitCStyleFunction + 1D4 804FC6EC 4 Bytes [38, 19, D7, AF] {CMP [ECX], BL; XLATB ; SCASD }
.text ntoskrnl.exe!KeI386Call16BitCStyleFunction + 1E0 804FC6F8 4 Bytes [8C, 92, 7D, B8]
.text ...
---- User code sections - GMER 1.0.15 ----
.text E:\WINDOWS\SYSTEM32\winlogon.exe[680] kernel32.dll!FreeLibraryAndExitThread 77E5D93D 5 Bytes JMP 1007A140 E:\ARQUIV~1\GbPlugin\gbiehabn.dll (Gbieh Module/Banco Real)
.text E:\WINDOWS\SYSTEM32\winlogon.exe[680] kernel32.dll!FreeLibrary 77E70618 5 Bytes JMP 1007A2A0 E:\ARQUIV~1\GbPlugin\gbiehabn.dll (Gbieh Module/Banco Real)
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs avgntmgr.sys (Avira AntiVir File Filter Driver Manager/Avira GmbH)
Device \Driver\Tcpip \Device\Ip avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device \Driver\Tcpip \Device\Tcp avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device \Driver\Tcpip \Device\Udp avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device \Driver\Tcpip \Device\RawIp avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device \Driver\Tcpip \Device\IPMULTICAST avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat avgntmgr.sys (Avira AntiVir File Filter Driver Manager/Avira GmbH)
---- EOF - GMER 1.0.15 ----
Fernanda - Beginner
- Posts: 1
Reputation: 0
Join date: 12/08/2010
Re: Help! Lost with the more than 100 viruses detected by Avira AntiVir...
Hello Fernanda! Welcome to the Fórum Blind PCs.
Configure your Avira AntiVir antivirus by following the tips in these tutorials:
[You must be registered and logged in to see this link]
___________________________________
After configuring Avira AntiVir following the tips in the tutorials above, update it, restart your computer and boot into Safe Mode (by pressing the F8 key (or the F5 key on some computers) repeatedly while the computer is restarting and choosing the Safe Mode option). Then, once the computer has restarted, right-click the Avira icon (the open red umbrella next to the Windows clock) and choose the option Start AntiVir > click the option Scan system now > and wait for the scan to finish.
Note: If it is not possible to run the scan with Avira AntiVir in Windows Safe Mode, run it in normal mode.
_______________________________________________________________
Once you have removed the viruses that Avira AntiVir finds, restart the computer normally. Right-click the Avira icon (the open red umbrella next to the Windows clock) and choose the option Start AntiVir > click the option Reports > double-click the most recent log with the left mouse button and click the Report file button > A window with the log will then open, so just select this log (click the menu: Edit » Select All, then go back to the menu: Edit » and click the option: Copy) > After that, just come back here to the forum and post this Avira AntiVir log together with a log from the HijackThis program (this is shown [You must be registered and logged in to see this link]) so that they can be analyzed.
We look forward to your reply.
Amigo Brasileiro - Full Member
- Posts: 882
Reputation: 11
Join date: 16/12/2008
Re: Help! Lost with the more than 100 viruses detected by Avira AntiVir...
Topic archived.
Since the author has not replied to the topic for more than 20 days, it has been archived.
If you are the author of the topic and want it reopened, send a private message to a member of the [You must be registered and logged in to see this link] with a link to this topic and explain why you need it reopened.
LordEvil - Member
- Posts: 132
Reputation: 0
Join date: 13/10/2009