Remoção de vírus

Rodrimack · 13/08/2010

Meu PC está lento de ontem pra cá, percebi que a internet tmb e a luz do wi-fi fica direto acesa como se tivesse fazendo download. Vi esse programa e estava reiniciando com meu pc, logo removi no modo segurança e ele desapareceu mas não sei se por completo meu log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:30:51, on 13/8/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Arquivos comuns\PC Tools\sMonitor\StartManSvc.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avshadow.exe
C:\Arquivos de programas\Ralink\Common\RaRegistry.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
c:\arquivos de programas\avira\antivir desktop\avcenter.exe
C:\Documents and Settings\Rodrigo\Desktop\utorrent\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: updpxe32.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fazer o download usando o IDM - C:\Arquivos de programas\Internet Download Manager\IEExt.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Arquivos de programas\Ralink\Common\RaRegistry.exe

--
End of file - 3165 bytes

Log Malwarebytes

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Versão da Base de Dados: 4424

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

13/8/2010 11:53:00
mbam-log-2010-08-13 (11-53-00).txt

Tipo de Verificação: Verificação Completa (C:\|)
Objetos escaneados: 181204
Tempo decorrido: 42 minuto(s), 1 segundo(s)

Processos de Memória Infectados: 0
Módulos de Memória Infectados: 0
Chaves de Registro Infectadas: 0
Valores de Registro Infectados: 0
Itens de Dados no Registro Infectados: 0
Pastas Infectadas: 0
Arquivos Infectados: 2

Processos de Memória Infectados:
(Não foram detectados ítens maliciosos)

Módulos de Memória Infectados:
(Não foram detectados ítens maliciosos)

Chaves de Registro Infectadas:
(Não foram detectados ítens maliciosos)

Valores de Registro Infectados:
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Infectados:
(Não foram detectados ítens maliciosos)

Pastas Infectadas:
(Não foram detectados ítens maliciosos)

Arquivos Infectados:
C:\Arquivos de programas\Mozilla Firefox\0.16800385135967866.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rodrigo\Dados de aplicativos\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.

Iggor · 14/08/2010

Oi blz wolf?
Poderia olhar esse log pra mim?
Obrigado

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:30:16, on 14/8/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\ARQUIV~1\GbPlugin\GbpSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
C:\ARQUIV~1\ALWILS~1\Avast5\avastUI.exe
C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\msiexec.exe
C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe
C:\Arquivos de programas\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Arquivos de programas\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Arquivos de programas\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\ARQUIV~1\GbPlugin\gbiehAbn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: (no name) - {edbca961-4bf8-4cbe-8c63-a11dff9ed2d9} - (no file)
O4 - HKLM\..\Run: [avast5] C:\ARQUIV~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [SecurDisc] C:\Arquivos de programas\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - S-1-5-18 Startup: UberIcon.lnk = C:\Arquivos de programas\UberIcon\UberIcon Manager.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: VisualTaskTips.lnk = C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: UberIcon.lnk = C:\Arquivos de programas\UberIcon\UberIcon Manager.exe (User 'Default user')
O4 - .DEFAULT Startup: VisualTaskTips.lnk = C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe (User 'Default user')
O4 - .DEFAULT User Startup: UberIcon.lnk = C:\Arquivos de programas\UberIcon\UberIcon Manager.exe (User 'Default user')
O4 - .DEFAULT User Startup: VisualTaskTips.lnk = C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe (User 'Default user')
O4 - Startup: UberIcon.lnk = C:\Arquivos de programas\UberIcon\UberIcon Manager.exe
O4 - Startup: VisualTaskTips.lnk = C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O15 - Trusted Zone: http://www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: http://www.bancoreal.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: http://www.bb.com.br
O15 - Trusted Zone: http://www.santander.com.br
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: GbPluginAbn - C:\ARQUIV~1\GbPlugin\gbiehAbn.dll
O20 - Winlogon Notify: GbPluginBb - C:\Arquivos de programas\GbPlugin\gbieh.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Gbp Service (GbpSv) - - C:\ARQUIV~1\GbPlugin\GbpSv.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 7755 bytes

mateuscs · 17/08/2010

Caros amigos:
Estou usando o Windows 7 e, nos últimos dias, tenho perdido o sono com uma situação que tem ocorrido após a verificação do PC com o anti-vírus Avira: sempre há a indicação de existência de hidden objects (objetos escondidos) e, na última verificação feita, foram encontrados 453 objetos ocultos. Fiz algumas pesquisas na internet e não encontrei a maneira de verificar se esses objetos são nocivos ao PC, como também não descobri a maneira de excluir esses objetos, se isso é possível. Assim, gostaria de saber se esses objetos são danosos ao PC e se existe a possibilidade de excluí-los da máquina. Segue o Relatório da Verificação:

Avira AntiVir Personal
Report file date: terça-feira, 17 de agosto de 2010 13:00
Scanning for 2724261 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available:
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7 x64
Windows version : (plain) [6.1.7600]
Boot mode : Normally booted
Username : SISTEMA
Computer name : MATEUS
Version information:
BUILD.DAT : 10.0.0.567 32097 Bytes 19/04/2010 15:07:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 01/04/2010 16:37:38
AVSCAN.DLL : 10.0.3.0 46440 Bytes 01/04/2010 16:57:04
LUKE.DLL : 10.0.2.3 104296 Bytes 07/03/2010 22:33:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 11/02/2010 03:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 13:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 23:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 21:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 20:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 05/03/2010 15:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 13:50:11
VBASE006.VDF : 7.10.7.218 2294784 Bytes 02/06/2010 13:50:54
VBASE007.VDF : 7.10.9.165 4840960 Bytes 23/07/2010 12:07:31
VBASE008.VDF : 7.10.9.166 2048 Bytes 23/07/2010 12:07:32
VBASE009.VDF : 7.10.9.167 2048 Bytes 23/07/2010 12:07:38
VBASE010.VDF : 7.10.9.168 2048 Bytes 23/07/2010 12:07:38
VBASE011.VDF : 7.10.9.169 2048 Bytes 23/07/2010 12:07:38
VBASE012.VDF : 7.10.9.170 2048 Bytes 23/07/2010 12:07:39
VBASE013.VDF : 7.10.9.198 157696 Bytes 26/07/2010 12:05:49
VBASE014.VDF : 7.10.9.255 997888 Bytes 29/07/2010 21:34:20
VBASE015.VDF : 7.10.10.28 139264 Bytes 02/08/2010 21:04:17
VBASE016.VDF : 7.10.10.52 127488 Bytes 03/08/2010 17:05:29
VBASE017.VDF : 7.10.10.84 137728 Bytes 06/08/2010 20:57:08
VBASE018.VDF : 7.10.10.107 176640 Bytes 09/08/2010 11:58:28
VBASE019.VDF : 7.10.10.130 132608 Bytes 10/08/2010 16:16:31
VBASE020.VDF : 7.10.10.158 131072 Bytes 12/08/2010 19:39:28
VBASE021.VDF : 7.10.10.190 136704 Bytes 16/08/2010 16:07:53
VBASE022.VDF : 7.10.10.191 2048 Bytes 16/08/2010 16:07:53
VBASE023.VDF : 7.10.10.192 2048 Bytes 16/08/2010 16:07:53
VBASE024.VDF : 7.10.10.193 2048 Bytes 16/08/2010 16:07:54
VBASE025.VDF : 7.10.10.194 2048 Bytes 16/08/2010 16:07:54
VBASE026.VDF : 7.10.10.195 2048 Bytes 16/08/2010 16:07:54
VBASE027.VDF : 7.10.10.196 2048 Bytes 16/08/2010 16:07:55
VBASE028.VDF : 7.10.10.197 2048 Bytes 16/08/2010 16:07:55
VBASE029.VDF : 7.10.10.198 2048 Bytes 16/08/2010 16:07:56
VBASE030.VDF : 7.10.10.199 2048 Bytes 16/08/2010 16:07:56
VBASE031.VDF : 7.10.10.205 47616 Bytes 17/08/2010 14:39:39
Engineversion : 8.2.4.34
AEVDF.DLL : 8.1.2.1 106868 Bytes 29/07/2010 21:36:23
AESCRIPT.DLL : 8.1.3.42 1364347 Bytes 29/07/2010 21:36:20
AESCN.DLL : 8.1.6.1 127347 Bytes 10/06/2010 13:52:09
AESBX.DLL : 8.1.3.1 254324 Bytes 10/06/2010 13:52:19
AERDL.DLL : 8.1.8.2 614772 Bytes 20/07/2010 17:17:37
AEPACK.DLL : 8.2.3.5 471412 Bytes 06/08/2010 20:59:24
AEOFFICE.DLL : 8.1.1.8 201081 Bytes 21/07/2010 18:12:59
AEHEUR.DLL : 8.1.2.11 2834805 Bytes 06/08/2010 20:59:05
AEHELP.DLL : 8.1.13.2 242039 Bytes 20/07/2010 17:14:26
AEGEN.DLL : 8.1.3.19 393587 Bytes 06/08/2010 20:57:38
AEEMU.DLL : 8.1.2.0 393588 Bytes 10/06/2010 13:51:30
AECORE.DLL : 8.1.16.2 192887 Bytes 20/07/2010 17:13:22
AEBB.DLL : 8.1.1.0 53618 Bytes 10/06/2010 13:51:24
AVWINLL.DLL : 10.0.0.0 19304 Bytes 14/01/2010 16:03:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 14/01/2010 16:03:35
AVREP.DLL : 10.0.0.8 62209 Bytes 18/02/2010 20:47:40
AVREG.DLL : 10.0.3.0 53096 Bytes 01/04/2010 16:35:46
AVSCPLR.DLL : 10.0.3.0 83816 Bytes 01/04/2010 16:39:51
AVARKT.DLL : 10.0.0.14 227176 Bytes 01/04/2010 16:22:13
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26/01/2010 13:53:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 28/01/2010 16:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 16/03/2010 19:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 19/02/2010 18:41:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 17:10:20
RCTEXT.DLL : 10.0.53.0 97128 Bytes 09/04/2010 18:14:29
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: repair
Secondary action....................: delete
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,
Start of the scan: terça-feira, 17 de agosto de 2010 13:00
Starting search for hidden objects.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\appwiz.cpl,-159
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@appwiz.cpl,-165
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@appwiz.cpl,-166
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@appwiz.cpl,-167
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@appwiz.cpl,-168
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@appwiz.cpl,-169
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@appwiz.cpl,-170
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@appwiz.cpl,-171
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@appwiz.cpl,-172
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\devicecenter.dll,-1000
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\explorer.exe,-7021
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\networkexplorer.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\display.dll,-4
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows sidebar\sidebar.exe,-11100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\themecpl.dll,-10
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-4602
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-10203
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@"c:\program files\windows journal\journal.exe",-3072
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\notepad.exe,-469
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\wpccpl.dll,-100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\powercpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\powercpl.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\taskbarcpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\taskbarcpl.dll,-1
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\taskbarcpl.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\vault.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\vault.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\sud.dll,-10
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\tsworkspace.dll,-15300
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\tsworkspace.dll,-15301
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\wucltux.dll,-4
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows sidebar\sidebar.exe,-11003
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows sidebar\sidebar.exe,-11002
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\firewallcontrolpanel.dll,-12122
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\firewallcontrolpanel.dll,-12123
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\telephon.cpl,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\telephon.cpl,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\speechuxcpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\speechuxcpl.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mblctr.exe,-1002
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mblctr.exe,-1003
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\usercpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\usercpl.dll,-1
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\usercpl.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\intl.cpl,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\intl.cpl,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\hgcpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\hgcpl.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\main.cpl,-100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\main.cpl,-101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\main.cpl,-102
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\main.cpl,-103
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\devmgr.dll,-4
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\devmgr.dll,-5
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\icardres.dll,-4097
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\icardres.dll,-4098
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\perfcentercpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\perfcentercpl.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\appwiz.cpl,-160
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\srchadmin.dll,-601
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\srchadmin.dll,-602
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\netcenter.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\netcenter.dll,-1
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\netcenter.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\wpccpl.dll,-101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\autoplay.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\autoplay.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\synccenter.dll,-3001
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\recovery.dll,-101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\recovery.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\inetcpl.cpl,-4312
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\inetcpl.cpl,-4313
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\devicecenter.dll,-2000
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\colorcpl.exe,-6
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\colorcpl.exe,-7
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\sdcpl.dll,-100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\systemcpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\systemcpl.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\actioncentercpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\actioncentercpl.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\windowsanytimeupgradeui.exe,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\display.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\display.dll,-1
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\display.dll,-1
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\display.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\diagcpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\diagcpl.dll,-15
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\oobefldr.dll,-33057
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\accessibilitycpl.dll,-45
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\accessibilitycpl.dll,-45
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows defender\msmpres.dll,-104
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows defender\msmpres.dll,-1176
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\timedate.cpl,-51
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\timedate.cpl,-52
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\sensorscpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\sensorscpl.dll,-701
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\themecpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\themecpl.dll,-1
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\themecpl.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmsys.cpl,-300
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmsys.cpl,-301
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ntshrui.dll,-103
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ntshrui.dll,-5112
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mycomput.dll,-400
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\bdeunlockwizard.exe,-100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\wfsr.dll,-20089
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\van.dll,-2400
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@sud.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\oobefldr.dll,-1102
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\oobefldr.dll,-1122
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\oobefldr.dll,-1142
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\oobefldr.dll,-1162
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\oobefldr.dll,-1182
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\oobefldr.dll,-1202
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\oobefldr.dll,-1222
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\oobefldr.dll,-1242
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\oobefldr.dll,-1262
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\wmploc.dll,-128
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\syswow64\ie4uinit.exe,-21
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\syswow64\ie4uinit.exe,-21
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\themeui.dll,-2682
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\prnfldr.dll,-8036
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\netshell.dll,-1200
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ieframe.dll,-913
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ieframe.dll,-5731
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ieframe.dll,-5732
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@sendmail.dll,-21
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@zipfldr.dll,-10148
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@sendmail.dll,-4
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\fxsresm.dll,-120
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ieframe.dll,-903
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%commonprogramfiles%\system\wab32res.dll,-10200
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-70
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-71
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-72
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-73
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-78
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-79
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-80
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-81
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-74
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-75
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-76
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-77
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\unregmp2.exe,-9800
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\unregmp2.exe,-9801
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\msimsg.dll,-34
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\msxml3r.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\hhctrl.ocx,-452
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\sendmail.dll,-27
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\sendmail.dll,-26
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\zipfldr.dll,-10226
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ieframe.dll,-912
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\sdclt.exe,-6051
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\wfsr.dll,-57605
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\wfsr.dll,-57609
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows nt\accessories\wordpad.exe,-301
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows photo viewer\photoviewer.dll,-3043
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\stobject.dll,-417
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\wshext.dll,-4804
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\msxml3r.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ieframe.dll,-24585
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\acppage.dll,-6002
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\unregmp2.exe,-9908
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\unregmp2.exe,-9914
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\unregmp2.exe,-9902
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\unregmp2.exe,-9991
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@van.dll,-2401
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12026
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12027
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12027
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12002
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12016
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12017
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12023
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12007
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12004
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12006
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12008
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\occache.dll,-1070
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\occache.dll,-1071
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\occache.dll,-1072
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\setupcln.dll,-1002
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\setupcln.dll,-1003
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\dataclen.dll,-1010
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\dataclen.dll,-1011
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\werfault.exe,-100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\werfault.exe,-101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\werfault.exe,-102
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\werfault.exe,-103
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\setupcln.dll,-1000
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\setupcln.dll,-1001
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\setupcln.dll,-1004
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\setupcln.dll,-1005
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wer.dll,-297
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wer.dll,-298
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wer.dll,-298
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wer.dll,-298
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wer.dll,-298
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wer.dll,-295
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wer.dll,-301
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wer.dll,-299
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\setupcln.dll,-1006
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\setupcln.dll,-1007
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\regedit.exe,-309
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ie4uinit.exe,-733
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mydocs.dll,-905
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\networkmap.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@display.dll,-300
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@powercpl.dll,-50
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-15
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-15
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-14
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-13
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-12
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-11
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-10
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@powercpl.dll,-52
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-80
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-854
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-854
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-852
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-852
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-853
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-853
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-850
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-850
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-851
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-851
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-815
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-815
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-800
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-800
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-800
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-800
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-801
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-810
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-811
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-812
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-813
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-814
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\mctres.dll,-20000
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\mctres.dll,-20000
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2014
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2014
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2013
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2105
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2105
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2109
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2109
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2106
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2106
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2101
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-2019
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2110
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2110
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themecpl.dll,-5
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@main.cpl,-1020
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themecpl.dll,-40
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\themecpl.dll,-74
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@explorerframe.dll,-13137
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@explorerframe.dll,-13138
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\microsoft shared\ink\tipband.dll,-48
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-103
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-123
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-301
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-303
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\stobject.dll,-408
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\stobject.dll,-410
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\stobject.dll,-412
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\stobject.dll,-414
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wlansvc.dll,-4097
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wlansvc.dll,-4099
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wlansvc.dll,-4105
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wlansvc.dll,-4101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-120
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-120
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-105
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-109
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-117
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-107
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-125
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-518
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\usbui.dll,-1200
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\usbui.dll,-1202
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\usbui.dll,-1204
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\usbui.dll,-1204
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\usbui.dll,-1204
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-251
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-257
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-253
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-255
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-601
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-603
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-609
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-607
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-351
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-365
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-81
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-371
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-373
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-375
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-363
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-407
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-403
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-516
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-522
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%programfiles%\windows media player\wmpnetwk.exe,-3001
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%programfiles%\windows media player\wmpnetwk.exe,-3003
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%programfiles%\windows media player\wmpnetwk.exe,-3005
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%programfiles%\windows media player\wmpnetwk.exe,-3007
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\evr.dll,-100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\evr.dll,-102
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-201
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-203
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-55
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-51
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-221
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-219
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-213
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-205
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\batmeter.dll,-400
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\atimuixx.dll,-102
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\atimuixx.dll,-101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\atimuixx.dll,-103
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\atimuixx.dll,-107
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-118
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@usercpl.dll,-61
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5856
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5824
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5825
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@ieframe.dll,-10323
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5860
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5826
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5827
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5828
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5829
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5830
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5858
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5832
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5837
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5833
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5834
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5835
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5836
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5839
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5840
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5841
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5842
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@ieframe.dll,-10324
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5843
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5845
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5846
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5847
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5848
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5849
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5852
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5853
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5859
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5859
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5854
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@ieframe.dll,-10321
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@ieframe.dll,-10325
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5831
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@fxsresm.dll,-9110
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@fxsresm.dll,-9111
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@fxsresm.dll,-9109
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@ieframe.dll,-17315
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@ieframe.dll,-10322
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@ieframe.dll,-10320
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@ieframe.dll,-12513
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@ieframe.dll,-10326
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5566
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5563
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5564
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5561
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5565
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-700
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-701
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-702
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-703
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-704
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-705
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-706
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-707
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-708
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5581
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5580
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5578
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5577
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5579
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-710
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-711
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-712
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-713
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-714
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-716
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-717
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-718
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-719
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-720
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-721
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-722
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-736
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-723
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-724
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-725
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-726
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-734
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-727
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-737
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-728
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-729
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-730
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-731
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-732
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-733
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-735
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-816
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-817
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-818
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-819
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-820
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-821
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-822
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ulib.dll,-1000
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7515
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7516
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7517
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7519
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7518
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7520
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7521
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7522
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7523
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7524
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-2683
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\unregmp2.exe,-9924
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\unregmp2.exe,-9923
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@cryptext.dll,-6145
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\setupapi.dll,-2000
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@cryptext.dll,-6108
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\shell32.dll,-50192
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%windir%\explorer.exe,-7003
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%windir%\explorer.exe,-304
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%windir%\explorer.exe,-307
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%windir%\explorer.exe,-7001
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020D75-0000-0000-C000-000000000046}\ShellFolder\attributes
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Applets\SysTray\BattMeter\Flyout\381b4222-f694-41f0-9685-ff5bb260df2e
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership\group30
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Search\Tracing\EventThrottleState\00001019
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000\dal_acespectready
[NOTE] The registry entry is invisible.
The scan of running processes will be started
Scan process 'avscan.exe' - '65' Module(s) have been scanned
Scan process 'avscan.exe' - '29' Module(s) have been scanned
Scan process 'avcenter.exe' - '76' Module(s) have been scanned
Scan process 'avgnt.exe' - '55' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '27' Module(s) have been scanned
Scan process 'LManager.exe' - '48' Module(s) have been scanned
Scan process 'PLFSetI.exe' - '37' Module(s) have been scanned
Scan process 'scpVista.exe' - '34' Module(s) have been scanned
Scan process 'avguard.exe' - '66' Module(s) have been scanned
Scan process 'sched.exe' - '48' Module(s) have been scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Starting to scan executable files (registry).
The registry was scanned ( '233' files ).

Starting the file scan:
Begin scan in 'C:\' <Sistema>
Begin scan in 'D:\' <Dados>

End of the scan: terça-feira, 17 de agosto de 2010 13:35
Used time: 35:45 Minute(s)
The scan has been done completely.
17247 Scanned directories
236840 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
236840 Files not concerned
1199 Archives were scanned
0 Warnings
0 Notes
621995 Objects were scanned with rootkit scan
453 Hidden objects were found

Desde já agradeço a atenção e fico aguardando retorno. Grande abraço a todos!

Primoit · 17/08/2010

Olá Mr.Wolf, td bom?

Só queria ter certeza se esse log tem algo,

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:46:40, on 17/8/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Arquivos de programas\Lexmark 1200 Series\lxczbmgr.exe
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
C:\Arquivos de programas\Lexmark 1200 Series\lxczbmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\RM\Desktops.exe
C:\WINDOWS\system32\sistray.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Otica Santa Luzia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe
C:\Documents and Settings\Otica Santa Luzia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Otica Santa Luzia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Arquivos de programas\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Otica Santa Luzia\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sysinternals Desktops] C:\RM\Desktops.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -update activex
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Avira AntiVir Programador (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

--
End of file - 5612 bytes

Valeu!

brunobyof · 19/08/2010

Aê "Mateuscs", não sei se vc sabe, mas quando vc posta uma coisa enorme dessa, é ideal que use um tag de "spoiler" para esconder a mensagem gigante dentro de um botão... Assim economiza páginas e não polui o tópico. Pra fazer isso, é só copiar a mensagem que vc quer esconder, clicar no "S" de spoiler na barra de ferramentas da mensagems e colar dentro das tags que aparecem no corpo da mensagem. ;o)

mateuscs · 20/08/2010

brunobyof disse:
Aê "Mateuscs", não sei se vc sabe, mas quando vc posta uma coisa enorme dessa, é ideal que use um tag de "spoiler" para esconder a mensagem gigante dentro de um botão... Assim economiza páginas e não polui o tópico. Pra fazer isso, é só copiar a mensagem que vc quer esconder, clicar no "S" de spoiler na barra de ferramentas da mensagems e colar dentro das tags que aparecem no corpo da mensagem. ;o)

Caro brunobyof:
Segui sua orientação e, agora, o tópico está "despoluído". Agradeço a sua dica e peço desculpa aos demais integrantes do fórum pela postagem de uma mensagem muito extensa.
Valeu!

PODBOT · 20/08/2010

mateuscs disse:
Caro brunobyof:
Segui sua orientação e, agora, o tópico está "despoluído". Agradeço a sua dica e peço desculpa aos demais integrantes do fórum pela postagem de uma mensagem muito extensa.
Valeu!

Risos, sua mensagem foi tão grande que vou ter que formatar o PC.

Mr.Wolf · 21/08/2010

mateuscs disse:
Caros amigos:
Estou usando o Windows 7 e, nos últimos dias, tenho perdido o sono com uma situação que tem ocorrido após a verificação do PC com o anti-vírus Avira: sempre há a indicação de existência de hidden objects (objetos escondidos) e, na última verificação feita, foram encontrados 453 objetos ocultos. Fiz algumas pesquisas na internet e não encontrei a maneira de verificar se esses objetos são nocivos ao PC, como também não descobri a maneira de excluir esses objetos, se isso é possível. Assim, gostaria de saber se esses objetos são danosos ao PC e se existe a possibilidade de excluí-los da máquina. Segue o Relatório da Verificação:

Avira AntiVir Personal
Report file date: terça-feira, 17 de agosto de 2010 13:00
Scanning for 2724261 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available:
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7 x64
Windows version : (plain) [6.1.7600]
Boot mode : Normally booted
Username : SISTEMA
Computer name : MATEUS
Version information:
BUILD.DAT : 10.0.0.567 32097 Bytes 19/04/2010 15:07:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 01/04/2010 16:37:38
AVSCAN.DLL : 10.0.3.0 46440 Bytes 01/04/2010 16:57:04
LUKE.DLL : 10.0.2.3 104296 Bytes 07/03/2010 22:33:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 11/02/2010 03:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 13:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 23:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 21:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 20:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 05/03/2010 15:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 13:50:11
VBASE006.VDF : 7.10.7.218 2294784 Bytes 02/06/2010 13:50:54
VBASE007.VDF : 7.10.9.165 4840960 Bytes 23/07/2010 12:07:31
VBASE008.VDF : 7.10.9.166 2048 Bytes 23/07/2010 12:07:32
VBASE009.VDF : 7.10.9.167 2048 Bytes 23/07/2010 12:07:38
VBASE010.VDF : 7.10.9.168 2048 Bytes 23/07/2010 12:07:38
VBASE011.VDF : 7.10.9.169 2048 Bytes 23/07/2010 12:07:38
VBASE012.VDF : 7.10.9.170 2048 Bytes 23/07/2010 12:07:39
VBASE013.VDF : 7.10.9.198 157696 Bytes 26/07/2010 12:05:49
VBASE014.VDF : 7.10.9.255 997888 Bytes 29/07/2010 21:34:20
VBASE015.VDF : 7.10.10.28 139264 Bytes 02/08/2010 21:04:17
VBASE016.VDF : 7.10.10.52 127488 Bytes 03/08/2010 17:05:29
VBASE017.VDF : 7.10.10.84 137728 Bytes 06/08/2010 20:57:08
VBASE018.VDF : 7.10.10.107 176640 Bytes 09/08/2010 11:58:28
VBASE019.VDF : 7.10.10.130 132608 Bytes 10/08/2010 16:16:31
VBASE020.VDF : 7.10.10.158 131072 Bytes 12/08/2010 19:39:28
VBASE021.VDF : 7.10.10.190 136704 Bytes 16/08/2010 16:07:53
VBASE022.VDF : 7.10.10.191 2048 Bytes 16/08/2010 16:07:53
VBASE023.VDF : 7.10.10.192 2048 Bytes 16/08/2010 16:07:53
VBASE024.VDF : 7.10.10.193 2048 Bytes 16/08/2010 16:07:54
VBASE025.VDF : 7.10.10.194 2048 Bytes 16/08/2010 16:07:54
VBASE026.VDF : 7.10.10.195 2048 Bytes 16/08/2010 16:07:54
VBASE027.VDF : 7.10.10.196 2048 Bytes 16/08/2010 16:07:55
VBASE028.VDF : 7.10.10.197 2048 Bytes 16/08/2010 16:07:55
VBASE029.VDF : 7.10.10.198 2048 Bytes 16/08/2010 16:07:56
VBASE030.VDF : 7.10.10.199 2048 Bytes 16/08/2010 16:07:56
VBASE031.VDF : 7.10.10.205 47616 Bytes 17/08/2010 14:39:39
Engineversion : 8.2.4.34
AEVDF.DLL : 8.1.2.1 106868 Bytes 29/07/2010 21:36:23
AESCRIPT.DLL : 8.1.3.42 1364347 Bytes 29/07/2010 21:36:20
AESCN.DLL : 8.1.6.1 127347 Bytes 10/06/2010 13:52:09
AESBX.DLL : 8.1.3.1 254324 Bytes 10/06/2010 13:52:19
AERDL.DLL : 8.1.8.2 614772 Bytes 20/07/2010 17:17:37
AEPACK.DLL : 8.2.3.5 471412 Bytes 06/08/2010 20:59:24
AEOFFICE.DLL : 8.1.1.8 201081 Bytes 21/07/2010 18:12:59
AEHEUR.DLL : 8.1.2.11 2834805 Bytes 06/08/2010 20:59:05
AEHELP.DLL : 8.1.13.2 242039 Bytes 20/07/2010 17:14:26
AEGEN.DLL : 8.1.3.19 393587 Bytes 06/08/2010 20:57:38
AEEMU.DLL : 8.1.2.0 393588 Bytes 10/06/2010 13:51:30
AECORE.DLL : 8.1.16.2 192887 Bytes 20/07/2010 17:13:22
AEBB.DLL : 8.1.1.0 53618 Bytes 10/06/2010 13:51:24
AVWINLL.DLL : 10.0.0.0 19304 Bytes 14/01/2010 16:03:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 14/01/2010 16:03:35
AVREP.DLL : 10.0.0.8 62209 Bytes 18/02/2010 20:47:40
AVREG.DLL : 10.0.3.0 53096 Bytes 01/04/2010 16:35:46
AVSCPLR.DLL : 10.0.3.0 83816 Bytes 01/04/2010 16:39:51
AVARKT.DLL : 10.0.0.14 227176 Bytes 01/04/2010 16:22:13
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26/01/2010 13:53:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 28/01/2010 16:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 16/03/2010 19:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 19/02/2010 18:41:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 17:10:20
RCTEXT.DLL : 10.0.53.0 97128 Bytes 09/04/2010 18:14:29
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: repair
Secondary action....................: delete
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,
Start of the scan: terça-feira, 17 de agosto de 2010 13:00
Starting search for hidden objects.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\appwiz.cpl,-159
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@appwiz.cpl,-165
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@appwiz.cpl,-166
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@appwiz.cpl,-167
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@appwiz.cpl,-168
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@appwiz.cpl,-169
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@appwiz.cpl,-170
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@appwiz.cpl,-171
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@appwiz.cpl,-172
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\devicecenter.dll,-1000
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\explorer.exe,-7021
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\networkexplorer.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\display.dll,-4
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows sidebar\sidebar.exe,-11100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\themecpl.dll,-10
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-4602
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-10203
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@"c:\program files\windows journal\journal.exe",-3072
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\notepad.exe,-469
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\wpccpl.dll,-100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\powercpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\powercpl.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\taskbarcpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\taskbarcpl.dll,-1
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\taskbarcpl.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\vault.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\vault.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\sud.dll,-10
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\tsworkspace.dll,-15300
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\tsworkspace.dll,-15301
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\wucltux.dll,-4
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows sidebar\sidebar.exe,-11003
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows sidebar\sidebar.exe,-11002
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\firewallcontrolpanel.dll,-12122
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\firewallcontrolpanel.dll,-12123
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\telephon.cpl,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\telephon.cpl,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\speechuxcpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\speechuxcpl.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mblctr.exe,-1002
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mblctr.exe,-1003
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\usercpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\usercpl.dll,-1
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\usercpl.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\intl.cpl,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\intl.cpl,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\hgcpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\hgcpl.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\main.cpl,-100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\main.cpl,-101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\main.cpl,-102
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\main.cpl,-103
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\devmgr.dll,-4
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\devmgr.dll,-5
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\icardres.dll,-4097
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\icardres.dll,-4098
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\perfcentercpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\perfcentercpl.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\appwiz.cpl,-160
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\srchadmin.dll,-601
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\srchadmin.dll,-602
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\netcenter.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\netcenter.dll,-1
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\netcenter.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\wpccpl.dll,-101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\autoplay.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\autoplay.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\synccenter.dll,-3001
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\recovery.dll,-101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\recovery.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\inetcpl.cpl,-4312
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\inetcpl.cpl,-4313
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\devicecenter.dll,-2000
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\colorcpl.exe,-6
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\colorcpl.exe,-7
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\sdcpl.dll,-100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\systemcpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\systemcpl.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\actioncentercpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\actioncentercpl.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\windowsanytimeupgradeui.exe,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\display.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\display.dll,-1
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\display.dll,-1
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\display.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\diagcpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\diagcpl.dll,-15
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\oobefldr.dll,-33057
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\accessibilitycpl.dll,-45
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\accessibilitycpl.dll,-45
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows defender\msmpres.dll,-104
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows defender\msmpres.dll,-1176
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\timedate.cpl,-51
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\timedate.cpl,-52
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\sensorscpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\sensorscpl.dll,-701
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\themecpl.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\themecpl.dll,-1
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\themecpl.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmsys.cpl,-300
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmsys.cpl,-301
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ntshrui.dll,-103
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ntshrui.dll,-5112
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mycomput.dll,-400
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\bdeunlockwizard.exe,-100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\wfsr.dll,-20089
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\van.dll,-2400
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@sud.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\oobefldr.dll,-1102
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\oobefldr.dll,-1122
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\oobefldr.dll,-1142
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\oobefldr.dll,-1162
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\oobefldr.dll,-1182
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\oobefldr.dll,-1202
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\oobefldr.dll,-1222
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\oobefldr.dll,-1242
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\oobefldr.dll,-1262
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\wmploc.dll,-128
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\syswow64\ie4uinit.exe,-21
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\syswow64\ie4uinit.exe,-21
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\themeui.dll,-2682
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\prnfldr.dll,-8036
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\netshell.dll,-1200
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ieframe.dll,-913
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ieframe.dll,-5731
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ieframe.dll,-5732
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@sendmail.dll,-21
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@zipfldr.dll,-10148
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@sendmail.dll,-4
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\fxsresm.dll,-120
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ieframe.dll,-903
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%commonprogramfiles%\system\wab32res.dll,-10200
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-70
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-71
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-72
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-73
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-78
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-79
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-80
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-81
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-74
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-75
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-76
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\system\wab32res.dll,-77
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\unregmp2.exe,-9800
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\unregmp2.exe,-9801
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\msimsg.dll,-34
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\msxml3r.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\hhctrl.ocx,-452
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\sendmail.dll,-27
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\sendmail.dll,-26
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\zipfldr.dll,-10226
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ieframe.dll,-912
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\sdclt.exe,-6051
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\wfsr.dll,-57605
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\wfsr.dll,-57609
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows nt\accessories\wordpad.exe,-301
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows photo viewer\photoviewer.dll,-3043
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\stobject.dll,-417
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\wshext.dll,-4804
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\msxml3r.dll,-2
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ieframe.dll,-24585
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\acppage.dll,-6002
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\unregmp2.exe,-9908
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\unregmp2.exe,-9914
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\unregmp2.exe,-9902
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\unregmp2.exe,-9991
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@van.dll,-2401
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12026
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12027
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12027
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12002
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12016
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12017
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12023
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12007
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12004
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12006
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@netshell.dll,-12008
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\occache.dll,-1070
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\occache.dll,-1071
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\occache.dll,-1072
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\setupcln.dll,-1002
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\setupcln.dll,-1003
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\dataclen.dll,-1010
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\dataclen.dll,-1011
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\werfault.exe,-100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\werfault.exe,-101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\werfault.exe,-102
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\werfault.exe,-103
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\setupcln.dll,-1000
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\setupcln.dll,-1001
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\setupcln.dll,-1004
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\setupcln.dll,-1005
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wer.dll,-297
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wer.dll,-298
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wer.dll,-298
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wer.dll,-298
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wer.dll,-298
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wer.dll,-295
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wer.dll,-301
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wer.dll,-299
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\setupcln.dll,-1006
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\setupcln.dll,-1007
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\regedit.exe,-309
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ie4uinit.exe,-733
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mydocs.dll,-905
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\networkmap.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@display.dll,-300
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@powercpl.dll,-50
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-15
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-15
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-14
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-13
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-12
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-11
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-10
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@powercpl.dll,-52
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-80
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-854
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-854
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-852
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-852
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-853
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-853
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-850
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-850
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-851
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-851
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-815
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-815
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-800
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-800
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-800
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-800
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-801
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-810
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-811
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-812
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-813
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-814
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\mctres.dll,-20000
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\mctres.dll,-20000
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2014
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2014
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2013
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2105
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2105
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2109
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2109
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2106
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2106
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2101
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-2019
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2110
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\themeui.dll,-2110
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themecpl.dll,-5
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@main.cpl,-1020
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themecpl.dll,-40
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\themecpl.dll,-74
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@explorerframe.dll,-13137
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@explorerframe.dll,-13138
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\common files\microsoft shared\ink\tipband.dll,-48
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-103
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-123
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-301
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-303
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\stobject.dll,-408
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\stobject.dll,-410
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\stobject.dll,-412
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\stobject.dll,-414
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wlansvc.dll,-4097
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wlansvc.dll,-4099
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wlansvc.dll,-4105
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\wlansvc.dll,-4101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-120
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-120
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-105
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-109
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-117
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-107
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-125
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-518
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\usbui.dll,-1200
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\usbui.dll,-1202
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\usbui.dll,-1204
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\usbui.dll,-1204
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\usbui.dll,-1204
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-251
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-257
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-253
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-255
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-601
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-603
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-609
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-607
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-351
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-365
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-81
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-371
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-373
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-375
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-363
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-407
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-403
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-516
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-522
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%programfiles%\windows media player\wmpnetwk.exe,-3001
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%programfiles%\windows media player\wmpnetwk.exe,-3003
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%programfiles%\windows media player\wmpnetwk.exe,-3005
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%programfiles%\windows media player\wmpnetwk.exe,-3007
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\evr.dll,-100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\evr.dll,-102
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-201
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-203
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-55
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-51
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-221
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-219
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-213
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-205
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\batmeter.dll,-400
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\atimuixx.dll,-102
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\atimuixx.dll,-101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\atimuixx.dll,-103
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\atimuixx.dll,-107
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\powrprof.dll,-118
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@usercpl.dll,-61
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5856
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5824
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5825
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@ieframe.dll,-10323
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5860
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5826
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5827
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5828
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5829
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5830
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5858
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5832
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5837
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5833
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5834
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5835
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5836
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5839
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5840
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5841
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5842
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@ieframe.dll,-10324
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5843
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5845
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5846
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5847
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5848
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5849
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5852
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5853
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5859
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5859
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5854
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@ieframe.dll,-10321
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@ieframe.dll,-10325
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-5831
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@fxsresm.dll,-9110
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@fxsresm.dll,-9111
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@fxsresm.dll,-9109
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@ieframe.dll,-17315
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@ieframe.dll,-10322
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@ieframe.dll,-10320
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@ieframe.dll,-12513
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@ieframe.dll,-10326
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5566
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5563
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5564
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5561
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5565
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-700
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-701
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-702
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-703
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-704
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-705
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-706
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-707
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-708
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5581
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5580
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5578
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5577
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\speech\speechux\sapi.cpl,-5579
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-710
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-711
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-712
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-713
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-714
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-716
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-717
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-718
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-719
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-720
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-721
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-722
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-736
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-723
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-724
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-725
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-726
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-734
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-727
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-737
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-728
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-729
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-730
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-731
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-732
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-733
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\mmres.dll,-735
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-816
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-817
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-818
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-819
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-820
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-821
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@mmres.dll,-822
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\ulib.dll,-1000
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7515
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7516
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7517
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7519
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7518
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7520
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7521
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7522
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7523
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\program files\windows mail\msoeres.dll,-7524
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@themeui.dll,-2683
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\unregmp2.exe,-9924
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\unregmp2.exe,-9923
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@cryptext.dll,-6145
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@c:\windows\system32\setupapi.dll,-2000
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@cryptext.dll,-6108
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%systemroot%\system32\shell32.dll,-50192
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%windir%\explorer.exe,-7003
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%windir%\explorer.exe,-304
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%windir%\explorer.exe,-307
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\96383CDB\@%windir%\explorer.exe,-7001
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020D75-0000-0000-C000-000000000046}\ShellFolder\attributes
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Applets\SysTray\BattMeter\Flyout\381b4222-f694-41f0-9685-ff5bb260df2e
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership\group30
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Search\Tracing\EventThrottleState\00001019
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000\dal_acespectready
[NOTE] The registry entry is invisible.
The scan of running processes will be started
Scan process 'avscan.exe' - '65' Module(s) have been scanned
Scan process 'avscan.exe' - '29' Module(s) have been scanned
Scan process 'avcenter.exe' - '76' Module(s) have been scanned
Scan process 'avgnt.exe' - '55' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '27' Module(s) have been scanned
Scan process 'LManager.exe' - '48' Module(s) have been scanned
Scan process 'PLFSetI.exe' - '37' Module(s) have been scanned
Scan process 'scpVista.exe' - '34' Module(s) have been scanned
Scan process 'avguard.exe' - '66' Module(s) have been scanned
Scan process 'sched.exe' - '48' Module(s) have been scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Starting to scan executable files (registry).
The registry was scanned ( '233' files ).

Starting the file scan:
Begin scan in 'C:\' <Sistema>
Begin scan in 'D:\' <Dados>

End of the scan: terça-feira, 17 de agosto de 2010 13:35
Used time: 35:45 Minute(s)
The scan has been done completely.
17247 Scanned directories
236840 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
236840 Files not concerned
1199 Archives were scanned
0 Warnings
0 Notes
621995 Objects were scanned with rootkit scan
453 Hidden objects were found

Desde já agradeço a atenção e fico aguardando retorno. Grande abraço a todos!

mateuscs, a presença de objetos ocultos geralmente denotam a ocorrência de três coisas possíveis: a existência de rootkits na máquina; o antivirus não conseguiu acessar os arquivos (file locked); ou simplesmente os ficheiros estão escondidos apenas e o antivirus o notificou sobre os mesmos.

No seu caso, creio que seja a terceira ocorrência, uma vez que nenhuma das entradas notificadas pelo Avira são maliciosas. Se fosse as outras duas causas, o Avira certamente acusaria algo no parâmetro "Files were classified as suspicious" do log. Ressalvo ainda que antivirus não são os melhores softwares para se identificar rootkits, embora possuam digitalização de rootkits — a maioria deles geram falsos positivos.

Porém, entendo perfeitamente sua preocupação, afinal, rootkits são as pragas mais perigosas e são realmente apontados em entradas invisíveis (ocultas/escondidas). Faça o seguinte:

Desative a restauração do sistema do seu Windows. Reinicie seu PC em modo de segurança. Execute o Avira e faça um novo scan completo com ele, incluindo a verificação por rootkits. Após o término do scan, observe se os itens ocultos serão encontrados ainda assim.

Você também pode utilizar o GMER (anti-rootkit) ou o Kaspersky Virus Removal Tool (ferramenta standalone que também analisa a veracidade de objetos ocultos, logo, podendo identificar possíveis rootkits user-land).

Todavia, é importante salientar que o Windows possui muitos objetos ocultos.

De qualquer forma, não vejo problema algum no log do Avira, mesmo que não seja ele o log ideal para uma análise deste gênero.

Abraços

Rodrimack · 21/08/2010

Mr.Wolf já resolvi o problema no forum da linha defensiva!vlw :yes:

mateuscs · 21/08/2010

Caro Mr. Wolf:
Agradeço sua resposta e, após seguir sua orientação, a verificação do Avira (com o Windows no Modo de Segurança) apresentou o seguinte:

Avira AntiVir Personal
Report file date: sábado, 21 de agosto de 2010 14:41
Scanning for 2733576 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available:
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7 x64
Windows version : (plain) [6.1.7600]
Boot mode : Safe mode
Username : Mateus
Computer name : MATEUS
Version information:
BUILD.DAT : 10.0.0.567 32097 Bytes 19/04/2010 15:07:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 01/04/2010 16:37:38
AVSCAN.DLL : 10.0.3.0 46440 Bytes 01/04/2010 16:57:04
LUKE.DLL : 10.0.2.3 104296 Bytes 07/03/2010 22:33:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 11/02/2010 03:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 13:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 23:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 21:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 20:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 05/03/2010 15:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 13:50:11
VBASE006.VDF : 7.10.7.218 2294784 Bytes 02/06/2010 13:50:54
VBASE007.VDF : 7.10.9.165 4840960 Bytes 23/07/2010 12:07:31
VBASE008.VDF : 7.10.9.166 2048 Bytes 23/07/2010 12:07:32
VBASE009.VDF : 7.10.9.167 2048 Bytes 23/07/2010 12:07:38
VBASE010.VDF : 7.10.9.168 2048 Bytes 23/07/2010 12:07:38
VBASE011.VDF : 7.10.9.169 2048 Bytes 23/07/2010 12:07:38
VBASE012.VDF : 7.10.9.170 2048 Bytes 23/07/2010 12:07:39
VBASE013.VDF : 7.10.9.198 157696 Bytes 26/07/2010 12:05:49
VBASE014.VDF : 7.10.9.255 997888 Bytes 29/07/2010 21:34:20
VBASE015.VDF : 7.10.10.28 139264 Bytes 02/08/2010 21:04:17
VBASE016.VDF : 7.10.10.52 127488 Bytes 03/08/2010 17:05:29
VBASE017.VDF : 7.10.10.84 137728 Bytes 06/08/2010 20:57:08
VBASE018.VDF : 7.10.10.107 176640 Bytes 09/08/2010 11:58:28
VBASE019.VDF : 7.10.10.130 132608 Bytes 10/08/2010 16:16:31
VBASE020.VDF : 7.10.10.158 131072 Bytes 12/08/2010 19:39:28
VBASE021.VDF : 7.10.10.190 136704 Bytes 16/08/2010 16:07:53
VBASE022.VDF : 7.10.10.217 118272 Bytes 19/08/2010 12:05:21
VBASE023.VDF : 7.10.10.218 2048 Bytes 19/08/2010 12:05:21
VBASE024.VDF : 7.10.10.219 2048 Bytes 19/08/2010 12:05:22
VBASE025.VDF : 7.10.10.220 2048 Bytes 19/08/2010 12:05:22
VBASE026.VDF : 7.10.10.221 2048 Bytes 19/08/2010 12:05:22
VBASE027.VDF : 7.10.10.222 2048 Bytes 19/08/2010 12:05:23
VBASE028.VDF : 7.10.10.223 2048 Bytes 19/08/2010 12:05:23
VBASE029.VDF : 7.10.10.224 2048 Bytes 19/08/2010 12:05:23
VBASE030.VDF : 7.10.10.225 2048 Bytes 19/08/2010 12:05:23
VBASE031.VDF : 7.10.10.239 71680 Bytes 20/08/2010 16:19:03
Engineversion : 8.2.4.38
AEVDF.DLL : 8.1.2.1 106868 Bytes 29/07/2010 21:36:23
AESCRIPT.DLL : 8.1.3.42 1364347 Bytes 29/07/2010 21:36:20
AESCN.DLL : 8.1.6.1 127347 Bytes 10/06/2010 13:52:09
AESBX.DLL : 8.1.3.1 254324 Bytes 10/06/2010 13:52:19
AERDL.DLL : 8.1.8.2 614772 Bytes 20/07/2010 17:17:37
AEPACK.DLL : 8.2.3.5 471412 Bytes 06/08/2010 20:59:24
AEOFFICE.DLL : 8.1.1.8 201081 Bytes 21/07/2010 18:12:59
AEHEUR.DLL : 8.1.2.15 2859382 Bytes 18/08/2010 14:14:05
AEHELP.DLL : 8.1.13.2 242039 Bytes 20/07/2010 17:14:26
AEGEN.DLL : 8.1.3.19 393587 Bytes 06/08/2010 20:57:38
AEEMU.DLL : 8.1.2.0 393588 Bytes 10/06/2010 13:51:30
AECORE.DLL : 8.1.16.2 192887 Bytes 20/07/2010 17:13:22
AEBB.DLL : 8.1.1.0 53618 Bytes 10/06/2010 13:51:24
AVWINLL.DLL : 10.0.0.0 19304 Bytes 14/01/2010 16:03:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 14/01/2010 16:03:35
AVREP.DLL : 10.0.0.8 62209 Bytes 18/02/2010 20:47:40
AVREG.DLL : 10.0.3.0 53096 Bytes 01/04/2010 16:35:46
AVSCPLR.DLL : 10.0.3.0 83816 Bytes 01/04/2010 16:39:51
AVARKT.DLL : 10.0.0.14 227176 Bytes 01/04/2010 16:22:13
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26/01/2010 13:53:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 28/01/2010 16:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 16/03/2010 19:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 19/02/2010 18:41:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 17:10:20
RCTEXT.DLL : 10.0.53.0 97128 Bytes 09/04/2010 18:14:29
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: repair
Secondary action....................: delete
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,
Start of the scan: sábado, 21 de agosto de 2010 14:41
Starting search for hidden objects.
The driver could not be initialized.
The scan of running processes will be started
Scan process 'avscan.exe' - '64' Module(s) have been scanned
Scan process 'avcenter.exe' - '75' Module(s) have been scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Starting to scan executable files (registry).
The registry was scanned ( '249' files ).

Starting the file scan:
Begin scan in 'C:\' <Sistema>
Begin scan in 'D:\' <Dados>

End of the scan: sábado, 21 de agosto de 2010 15:00
Used time: 18:27 Minute(s)
The scan has been done completely.
17110 Scanned directories
230616 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
230616 Files not concerned
1150 Archives were scanned
0 Warnings
0 Notes

Em seguida, reiniciei o Windows 7 e fiz, novamente, uma verificação completa com o Avira. O log dessa varredura aprsentou a existência de 639 objetos ocultos. Estou achando estranha essa quantidade de objetos ocultos e tenho receio de algo esteja acontecendo no notebook, pois está havendo uma leve demora para que as páginas da web abram completamente.
Diante disso, será que há algum problema de vírus na máquina?
Aguardo retorno. Desde já, agradeço a atenção.
Grande abraço!

Mr.Wolf · 22/08/2010

mateuscs, como pôde observar, em modo de segurança nada foi identificado pelo Avira. Se houvesse rootkits na máquina, mesmo em modo seguro, eles com certeza seriam classificados como suspeitos, no mínimo.

Em modo normal as entradas ocultas aparecem mesmo pelo simples e único fato de o Windows e seus processos estarem totalmente ativos.

Mas, se ainda assim quiser tirar a prova, vamos dar uma analisada mais detalhada. Siga o spoiler abaixo:

Faça o download desta ferramenta abaixo e salve em sua unidade C:
http://www.gmer.net/download.php

Desconecte-se da Internet e feche todos os programas abertos.
Desative temporariamente seus programas de proteção.
Dê um duplo clique no arquivo que acabou de baixar para executar a ferramenta.
Clique na guia "Rootkit/Malware" e veja se, ao lado direito do painel, todos os itens estão marcados. Conforme a imagem abaixo:

Selecione sua unidade C: e clique no botão Scan para iniciar a varredura. Seja paciente, pois pode levar alguns minutos!
Quando o scan terminar, clique no botão Save para salvar o relatório em seu desktop. Salve como Resultado.log.
Feche a ferramenta e reative todos os seus programas de proteção que foram desativados.

Copie e cole este relatório em sua próxima resposta.

- Faça o download do RSIT e salve no seu desktop;

● Dê dois cliques em RSIT.exe para executar o programa;
● Na janela que abrir clique no botão Continue para que a ferramenta comece a rodar;
● Quando a ferramenta terminar de rodar, abrirá um log automaticamente no bloco de notas contendo o resultado do scan. Cole o resultado desse log (log.txt) na sua próxima resposta;
● Cole também o conteúdo do arquivo info.txt que estará em C:\rsit\info.txt.

... pois está havendo uma leve demora para que as páginas da web abram completamente.

Isso pode estar sendo ocasionado por vários motivos.

Além desta demora no carregamento das páginas, há alguma outra anormalidade no sistema em si? Lentidão, mensagens de erros inesperadas, processos consumindo demasiada quantidade de memória, etc?

YagoDM · 22/08/2010

Hey Mr. Wolf, tudo bem?

Bom desculpe encomodar mas é que meu pc de uns tempos pra cá anda lento, e faz uns 4 dias que quando eu digito qualquer coisa que tenha a palavra google na área de endereços dos sites ele aparece uma mensagem no meio da tela como se fosse do betwwin só que sem remetente dizendo "entrei..." e isso acontece também quando tento entrar por exemplo na minha conta gmail.com, dai quando ela vai carrega e aparece que ta entrando pelo google ele faz a mesma coisa. Por favor, poderia me ajudar?

Segue abaixo o log do hijackthis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:55:58, on 22/8/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Arquivos de programas\Synaptics\SynTP\SynTPEnh.exe
C:\ARQUIV~1\LAUNCH~1\QtZgAcer.EXE
C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe
C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Arquivos de programas\Java\jre6\bin\jusched.exe
C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe
C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe
C:\ARQUIV~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\DOCUME~1\Cliente\CONFIG~1\Temp\RtkBtMnt.exe
C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe
C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Arquivos de programas\Claro\Claro.exe
C:\Arquivos de programas\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Documents and Settings\Cliente\Configurações locais\Temporary Internet Files\Content.IE5\I1BG5TMN\SoftonicDownloader34177[1].exe
C:\Documents and Settings\Cliente\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\joys.cpl,
O1 - Hosts: 69.162.118.169 www.santander.com.br
O1 - Hosts: 69.162.118.169 santander.com.br
O1 - Hosts: 69.162.118.170 www.itau.com.br
O1 - Hosts: 69.162.118.170 itau.com.br
O1 - Hosts: 69.162.118.170 www.itaupersonnalite.com.br
O1 - Hosts: 69.162.118.170 itaupersonnalite.com.br
O1 - Hosts: 69.162.118.170 www.itauprivatebank.com.br
O1 - Hosts: 69.162.118.170 itauprivatebank.com.br
O1 - Hosts: 69.162.118.171 www.bradesco.com.br
O1 - Hosts: 69.162.118.171 bradesco.com.br
O1 - Hosts: 69.162.118.171 www.bradescoprime.com.br
O1 - Hosts: 69.162.118.171 bradescoprime.com.br
O1 - Hosts: 69.162.118.168 www.nossacaixa.com.br
O1 - Hosts: 69.162.118.168 nossacaixa.com.br
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Arquivos de programas\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {BFD16BFB-E9C0-4444-B24E-938C42AB8D6C} - C:\WINDOWS\system32\javan.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Arquivos de programas\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Arquivos de programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Arquivos de programas\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Arquivos de programas\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Arquivos de programas\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\ARQUIV~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] C:\ARQUIV~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Serviço de Rede] C:\WINDOWS\system\Downloads_E.cpl
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: VPNConnection.lnk = C:\WINDOWS\system32\javaw.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enviar para Dispositivo &Bluetooth... - C:\Arquivos de programas\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Arquivos de programas\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Arquivos de programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Arquivos de programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Arquivos de programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1280757878734
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1280757858453
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9D7E0A24-E90F-4881-88E6-EC1953C15628}: NameServer = 200.169.119.221 200.169.119.222
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Arquivos de programas\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared files\RichVideo.exe
--
End of file - 12384 bytes

Brigadão, aguardo retorno.

mateuscs · 23/08/2010

Mr.Wolf disse:
mateuscs, como pôde observar, em modo de segurança nada foi identificado pelo Avira. Se houvesse rootkits na máquina, mesmo em modo seguro, eles com certeza seriam classificados como suspeitos, no mínimo.

Em modo normal as entradas ocultas aparecem mesmo pelo simples e único fato de o Windows e seus processos estarem totalmente ativos.

Mas, se ainda assim quiser tirar a prova, vamos dar uma analisada mais detalhada. Siga o spoiler abaixo:

Faça o download desta ferramenta abaixo e salve em sua unidade C:
http://www.gmer.net/download.php

Desconecte-se da Internet e feche todos os programas abertos.
Desative temporariamente seus programas de proteção.
Dê um duplo clique no arquivo que acabou de baixar para executar a ferramenta.
Clique na guia "Rootkit/Malware" e veja se, ao lado direito do painel, todos os itens estão marcados. Conforme a imagem abaixo:

Selecione sua unidade C: e clique no botão Scan para iniciar a varredura. Seja paciente, pois pode levar alguns minutos!
Quando o scan terminar, clique no botão Save para salvar o relatório em seu desktop. Salve como Resultado.log.
Feche a ferramenta e reative todos os seus programas de proteção que foram desativados.

Copie e cole este relatório em sua próxima resposta.

- Faça o download do RSIT e salve no seu desktop;

● Dê dois cliques em RSIT.exe para executar o programa;
● Na janela que abrir clique no botão Continue para que a ferramenta comece a rodar;
● Quando a ferramenta terminar de rodar, abrirá um log automaticamente no bloco de notas contendo o resultado do scan. Cole o resultado desse log (log.txt) na sua próxima resposta;
● Cole também o conteúdo do arquivo info.txt que estará em C:\rsit\info.txt.

Isso pode estar sendo ocasionado por vários motivos.

Além desta demora no carregamento das páginas, há alguma outra anormalidade no sistema em si? Lentidão, mensagens de erros inesperadas, processos consumindo demasiada quantidade de memória, etc?

Caro Mr. Wolf:
Segui o indicado, desativando o Avira. Baixei o GMER, mas o que aparece no lado direito assinalado são apenas Service, Registry e Files, além da unidade C:\. Desse modo, a opção de verificação seria feita apenas nos arquivos assinalados. Porém, o RSIT fez a verificação e encontrou o seguinte:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Mateus at 2010-08-23 09:51:26
Microsoft Windows 7 Professional
System drive C: has 56 GB (78%) free of 72 GB
Total RAM: 2814 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:51:51, on 23/08/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GDCSG8R4\RSIT[1].exe
C:\Program Files (x86)\trend micro\Mateus.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pannet.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: scpVista - Scopus Tecnologia Ltda - C:\Program Files (x86)\Scpad\scpVista.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7059 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E3C3651-B19C-4DD9-A979-901EC3E930AF}]
ssh2 Class - C:\Program Files (x86)\Scpad\scpsssh2.dll [2009-07-10 214320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Auxiliar de Conexão do Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-14 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-08-27 1194504]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"RemoteControl"=C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"LanguageShortcut"=C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll [2009-07-10 202032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-08-23 09:51:29 ----DC---- C:\Program Files (x86)\trend micro
2010-08-23 09:51:26 ----DC---- C:\rsit
2010-08-23 09:43:34 ----AC---- C:\d2celr6u.exe
2010-08-21 14:40:36 ----AC---- C:\Windows\ntbtlog.txt
2010-08-10 17:30:55 ----DC---- C:\Users\Usuario\AppData\Roaming\Foxit Software
2010-08-10 17:24:43 ----DC---- C:\Program Files (x86)\Foxit Software
======List of files/folders modified in the last 1 months======
2010-08-23 09:51:43 ----DC---- C:\Windows\Temp
2010-08-23 09:51:29 ----RDC---- C:\Program Files (x86)
2010-08-23 09:34:19 ----SHD---- C:\System Volume Information
2010-08-23 09:28:18 ----DC---- C:\Windows\System32
2010-08-23 09:28:18 ----DC---- C:\Windows\inf
2010-08-21 14:40:36 ----DC---- C:\Windows
2010-08-21 14:34:48 ----DC---- C:\Windows\Prefetch
2010-08-21 14:28:00 ----DC---- C:\Windows\Tasks
2010-08-17 17:55:24 ----DC---- C:\Windows\SysWOW64
2010-08-16 09:37:53 ----RDC---- C:\Program Files
2010-08-12 17:01:05 ----HDC---- C:\ProgramData
2010-08-10 17:38:06 ----SHDC---- C:\Windows\Installer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys []
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-13 20992]
R2 scpVista;scpVista; C:\Program Files (x86)\Scpad\scpVista.exe [2009-07-10 136496]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-13 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-13 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-13 20992]
S4 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-13 20992]
S4 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-08 271920]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
-----------------EOF-----------------

O info.txt diz o seguinte:

info.txt logfile of random's system information tool 1.08 2010-08-23 09:51:53
======Uninstall list======
-->C:\Program Files (x86)\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
Acer Crystal Eye Webcam-->C:\Program Files (x86)\InstallShield Installation Information\{7760D94E-B1B5-40A0-9AA0-ABF942108755}\setup.exe -runfromtemp -l0x0816 -removeonly
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe -maintain activex
AMD USB Filter Driver-->MsiExec.exe /X{82809116-D1EE-443C-AE31-F19E709DDF7A}
Assistente de Conexão do Windows Live-->MsiExec.exe /I{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE
Catalyst Control Center - Branding-->MsiExec.exe /I{8B999A44-8314-493B-877E-A1DA5B54D9B8}
DVD Shrink 3.2-->"C:\Program Files (x86)\DVD Shrink\unins000.exe"
DVD Suite-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
Ferramenta de Carregamento do Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Foxit Reader-->C:\Program Files (x86)\Foxit Software\Foxit Reader\Uninstall.exe
Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
K-Lite Mega Codec Pack 4.2.5-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
L&H Power Translator Pro 7.0-->C:\WINDOWS\ISUN0416.EXE -f"C:\Program Files (x86)\LHSP\L&H Power Translator Pro\Uninst.isu" -c"C:\Program Files (x86)\LHSP\L&H Power Translator Pro\Uninstall.dll"
Launch Manager-->C:\Windows\UNINST32.EXE LManager.UNI
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office Access MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0015-0416-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0016-0416-0000-0000000FF1CE}
Microsoft Office Groove MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-00BA-0416-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0044-0416-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-00A1-0416-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001A-0416-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0018-0416-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001F-0416-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-002C-0416-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0019-0416-0000-0000000FF1CE}
Microsoft Office Shared MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-006E-0416-0000-0000000FF1CE}
Microsoft Office Word MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001B-0416-0000-0000000FF1CE}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Nero 7 Essentials-->MsiExec.exe /X{9B4E6CB9-E54D-47F7-A414-E2D5740E1046}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Pdf995-->C:\Program Files (x86)\pdf995\setup.exe uninstall
PdfEdit995-->C:\Program Files (x86)\pdf995\res\utilities\thinsetup.exe - uninstall
PowerDVD-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\Setup.exe" -runfromtemp -l0x0416 -removeonly
Signature995-->C:\Program Files (x86)\pdf995\res\utilities\Signature995\thinsetup.exe - uninstall
Windows Live Call-->MsiExec.exe /I{32BC546A-8AA3-4239-AE92-9CF3291C35A6}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F2CD4651-F948-467C-B014-71FD981B7F59}
Windows Live Messenger-->MsiExec.exe /X{B5ED7AB0-3838-4389-8549-7C8E22DD48F4}
WinRAR archiver-->C:\Program Files (x86)\WinRAR\uninstall.exe
======System event log======
Computer Name: 37L4247E29-32
Event Code: 7036
Message: O serviço Cryptographic Services entrou no estado stopped.
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714051424.262212-000
Event Type: Informações
User:
Computer Name: 37L4247E29-32
Event Code: 7036
Message: O serviço Windows Modules Installer entrou no estado stopped.
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714051424.168612-000
Event Type: Informações
User:
Computer Name: 37L4247E29-32
Event Code: 7036
Message: O serviço Software Protection entrou no estado stopped.
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714051424.059412-000
Event Type: Informações
User:
Computer Name: 37L4247E29-32
Event Code: 7036
Message: O serviço Windows Event Log entrou no estado stopped.
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714051424.012612-000
Event Type: Informações
User:
Computer Name: 37L4247E29-32
Event Code: 7036
Message: O serviço Volume Shadow Copy entrou no estado stopped.
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714051423.934612-000
Event Type: Informações
User:
=====Application event log=====
Computer Name: 37L4247E29-32
Event Code: 1001
Message: Falha no compartilhamento de memória , tipo 0
Nome do Evento: PnPGenericDriverFound
Resposta: Não disponível
Id do arquivo CAB: 0
Assinatura do problema:
P1: x64
P2: PCI\VEN_1002&DEV_9712&SUBSYS_02931025&REV_00
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:
Arquivos anexados:
Estes arquivos podem estar disponíveis em:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_65194ccfbb017fcf5cfa1b1da886c09244ce30_cab_0705fd90
Símbolo da análise:
Verificando novamente solução: 0
Id de relatório: 204d3f7a-6b7c-11df-9859-e02b5ef28a80
Status do relatório: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20100529234431.000000-000
Event Type: Informações
User:
Computer Name: 37L4247E29-32
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20100529234323.000000-000
Event Type: Informações
User:
Computer Name: 37L4247E29-32
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20100529234319.000000-000
Event Type: Informações
User:
Computer Name: 37L4247E29-32
Event Code: 4625
Message: O subsistema EventSystem está suprimindo entradas de log de eventos duplicadas para uma duração de 86400 segundos. O tempo limite de supressão pode ser controlado por um valor REG_DWORD denominado SuppressDuplicateDuration sob esta chave do Registro: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 2
Source Name: Microsoft-Windows-EventSystem
Time Written: 20100529234314.000000-000
Event Type: Informações
User:
Computer Name: 37L4247E29-32
Event Code: 1531
Message: Serviço de Perfil de Usuário iniciado com êxito.

Record Number: 1
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100529234314.151690-000
Event Type: Informações
User: AUTORIDADE NT\SISTEMA
=====Security event log=====
Computer Name: 37L4247E29-32
Event Code: 4735
Message: Foi alterado um grupo local com a segurança ativada.
Requerente:
Identificação de segurança: S-1-5-18
Nome da conta: 37L4247E29-32$
Domínio da conta: WORKGROUP
Identificação de logon: 0x3e7
Grupo:
Identificação de segurança: S-1-5-32-551
Nome do grupo: Operadores de cópia
Domínio do grupo: Builtin
Atributos alterados:
Nome de conta Sam: -
Histórico sid: -
Informações adicionais:
Privilégios: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100529234252.795252-000
Event Type: Sucesso da Auditoria
User:
Computer Name: 37L4247E29-32
Event Code: 4731
Message: Foi criado um grupo local com a segurança ativada.
Requerente:
Identificação de segurança: S-1-5-18
Nome da conta: 37L4247E29-32$
Domínio da conta: WORKGROUP
Identificação de logon: 0x3e7
Novo grupo:
Identificação de segurança: S-1-5-32-551
Nome do grupo: Operadores de cópia
Domínio do grupo: Builtin
Atributos:
Nome de conta Sam: Operadores de cópia
Histórico sid: -
Informações adicionais:
Privilégios: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100529234252.795252-000
Event Type: Sucesso da Auditoria
User:
Computer Name: 37L4247E29-32
Event Code: 4902
Message: Criada tabela de diretivas de auditoria por usuário.
Número de elementos: 0
Identificação da diretiva: 0x31803
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100529234252.218051-000
Event Type: Sucesso da Auditoria
User:
Computer Name: 37L4247E29-32
Event Code: 4624
Message: O logon de uma conta foi efetuado com sucesso.
Requerente:
Identificação de segurança: S-1-0-0
Nome da conta: -
Domínio da conta: -
Identificação de logon: 0x0
Tipo de logon: 0
Novo logon:
Identificação de segurança: S-1-5-18
Nome da conta: SISTEMA
Domínio da conta: AUTORIDADE NT
Identificação de logon: 0x3e7
GUID de logon: {00000000-0000-0000-0000-000000000000}
Informações do processo:
Identificação do processo: 0x4
Nome do processo:
Informações da rede:
Nome da estação de trabalho: -
Endereço da rede de origem: -
Porta de origem: -
Informações detalhadas da autenticação:
Processo de logon: -
Pacote de autenticação: -
Serviços transitados: -
Nome do pacote (somente NTLM): -
Comprimento da chave: 0
Este evento é gerado quando uma sessão de logon é criada. Ele é gerado no computador acessado.
Os campos do assunto indicam a Conta Sistema Local que solicitou o logon. Comumente, isto é um serviço como o de servidor ou um processo local como Winlogon.exe ou Services.exe.
O campo tipo de logon indica o tipo de logon ocorrido. Os tipos mais comuns são 2 (interativo) e 3 (em rede).
Os campos Novo logon indicam as contas para a qual o novo logon foi criada, isto é, a conta na qual o logon foi efetuado.
Os campos de rede indicam onde a solicitação de logon remoto se originou. O nome da estação de trabalho nem sempre está disponível e pode ser deixado em branco em alguns casos.
Os campos de informações de autenticação fornecem informações detalhadas sobre esta solicitação específica de logon.
-O GUID de logon é um identificador exclusivo que pode ser usado para correlacionar este evento com um evento de KDC.
- Serviços transitados indicam qual serviço intermediário participou desta solicitação de logon.
- Nome de pacote indica qual subprotocolo foi usado, entre os protocolos NTLM.
- Comprimento da chave indica o comprimento da chave da sessão gerada. Ele será 0 se nenhuma chave de sessão foi solicitada.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100529234249.144846-000
Event Type: Sucesso da Auditoria
User:
Computer Name: 37L4247E29-32
Event Code: 4608
Message: Windows está iniciando.
Este evento é registrado quando o LSASS.EXE inicia e o subsistema de auditoria é inicializado.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100529234249.004446-000
Event Type: Sucesso da Auditoria
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=0602
-----------------EOF-----------------

Existe algo com que eu possa me preocupar. Aguardo retorno. Abraço!

Primoit · 23/08/2010

Primoit disse:
Olá Mr.Wolf, td bom?

Só queria ter certeza se esse log tem algo,

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:46:40, on 17/8/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Arquivos de programas\Lexmark 1200 Series\lxczbmgr.exe
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
C:\Arquivos de programas\Lexmark 1200 Series\lxczbmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\RM\Desktops.exe
C:\WINDOWS\system32\sistray.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Otica Santa Luzia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe
C:\Documents and Settings\Otica Santa Luzia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Otica Santa Luzia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Arquivos de programas\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Otica Santa Luzia\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sysinternals Desktops] C:\RM\Desktops.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -update activex
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Avira AntiVir Programador (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

--
End of file - 5612 bytes

Valeu!

Me pulou

haha

lloydz · 24/08/2010

Galera, podem ver aqui pra mim o que ocorrer? tem coisa aí eu acho....

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:08:54, on 24/08/2010
Platform: Unknown Windows (WinNT 6.01.3504 SP3)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\CCleaner\CCleaner.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.10.0.6:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 78.46.102.88 L2authd.Lineage2.com
O1 - Hosts: 78.46.102.88 testauthd.lineage2.com
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O1 - Hosts: 216.107.250.194 update.nProtect.com
O1 - Hosts: 216.107.250.194 update.nProtect.net
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: HelloWorldBHO - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.4.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11709 bytes

ps: pq meu windows não é reconhecido? é um windows 7 home premium x64 original :s

fanatic · 24/08/2010

Mestre Wolf,

Estou tendo problemas com permissões no meu HD.

Mesmo sendo administrador perdi as permissões e quando tento dar de novo privilégios da acesso negado!

segue o log.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:28:49, on 24/08/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2156.0\mswinext.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\PROGRA~2\FREEDO~1\fdm.exe
C:\Users\Felipe\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Users\Felipe\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Messenger Plus Live Brazil Toolbar - {edbca961-4bf8-4cbe-8c63-a11dff9ed2d9} - C:\Program Files (x86)\Messenger_Plus_Live_Brazil\tbMes1.dll
R3 - URLSearchHook: Softonic_Brasil Toolbar - {12fc3d37-2a42-4fe3-8489-81296878cba5} - C:\Program Files (x86)\Softonic_Brasil\tbSof1.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 65.54.239.80 messenger.hotmail.com
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O1 - Hosts: 65.54.239.80 messenger.hotmail.com
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O1 - Hosts: 65.54.239.80 messenger.hotmail.com
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O1 - Hosts: 65.54.239.80 messenger.hotmail.com
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O1 - Hosts: 65.54.239.80 messenger.hotmail.com
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O1 - Hosts: 65.54.239.80 messenger.hotmail.com
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O1 - Hosts: 65.54.239.80 messenger.hotmail.com
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O1 - Hosts: 65.54.239.80 messenger.hotmail.com
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O1 - Hosts: 65.54.239.80 messenger.hotmail.com
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O1 - Hosts: 65.54.239.80 messenger.hotmail.com
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O1 - Hosts: 65.54.239.80 messenger.hotmail.com
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: Softonic_Brasil Toolbar - {12fc3d37-2a42-4fe3-8489-81296878cba5} - C:\Program Files (x86)\Softonic_Brasil\tbSof1.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - (no file)
O2 - BHO: Messenger Plus Live Brazil Toolbar - {edbca961-4bf8-4cbe-8c63-a11dff9ed2d9} - C:\Program Files (x86)\Messenger_Plus_Live_Brazil\tbMes1.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - (no file)
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O3 - Toolbar: Messenger Plus Live Brazil Toolbar - {edbca961-4bf8-4cbe-8c63-a11dff9ed2d9} - C:\Program Files (x86)\Messenger_Plus_Live_Brazil\tbMes1.dll
O3 - Toolbar: Softonic_Brasil Toolbar - {12fc3d37-2a42-4fe3-8489-81296878cba5} - C:\Program Files (x86)\Softonic_Brasil\tbSof1.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll
O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: Baixar com Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm
O8 - Extra context menu item: Baixar com o Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Baixar tudo com o Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download selecionado pelo Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - (no file)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Programador (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Serviço de estado do ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe
O23 - Service: Cobian Backup 10 (CobianBackup10) - Luis Cobian, CobianSoft - C:\Program Files (x86)\Cobian Backup 10\cbService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lxcy_device - - C:\Windows\system32\lxcycoms.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\Windows\System32\tlntsvr.exe (file missing)
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: WMPNetworkSvc - Unknown owner - (no file)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe

--
End of file - 11426 bytes

lukox · 24/08/2010

Mr.Wolf, estou tendo algumas problemas aqui com o computador, ele simplismente não pode ser instalado qualquer ANTI-VIRUS, toda vez que eu tento instalar algum o computador simplismente PARA e eu so consigo voltar a usar quando eu desinstalo o Anti-Virus pelo modo de segurança.

Vo postar o Log do HijackThis , se tiver como me ajdudar eu agradeço, abraço.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:38:52, on 24/8/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\windows\IntelMon.exe
C:\Arquivos de programas\DivX\DivX Update\DivXUpdate.exe
C:\ARQUIV~1\ASSIST~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\Arquivos de programas\Teamspeak2_RC2\TeamSpeak.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Arquivos de programas\Skype\Phone\Skype.exe
C:\Arquivos de programas\Skype\Plugin Manager\skypePM.exe
C:\Arquivos de programas\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe
C:\Arquivos de programas\Asprate\Tibia MULTI-ip changer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Arquivos de programas\Tibia 8.57\Tibia\Tibia.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\explorer.exe
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://eis.esnips.com/page/search/?client_uuid=bda82ac0-85c3-4b48-b0d2-41fde8d1391d
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7FE393D6-2A55-4BCF-9588-78A89F9A49FF} - c:\windows\system32\lbycdxv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Flash Video Decoder for FLV - {B99E8BE1-E53A-4DBC-8116-B5B7A72BCB24} - C:\WINDOWS\system32\flash102flv.dll
O4 - HKLM\..\Run: [Intel Monitor] C:\windows\IntelMon.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Arquivos de programas\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SpeedyInstaladorInteligente] C:\WINDOWS\system32\satlauncher.exe
O4 - HKLM\..\Run: [Motive SmartBridge] "C:\ARQUIV~1\ASSIST~1\SMARTB~1\MotiveSB.exe" /restart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Arquivos de programas\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Arquivos de programas\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [VoipRaider] "C:\Arquivos de programas\VoipRaider.com\VoipRaider\VoipRaider.exe" -nosplash -minimized
O8 - Extra context menu item: &Download All using 4shared Desktop - C:\Arquivos de programas\4shared Desktop\down_all.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5CE5F04A-AFFC-424C-8E07-E766B86E685E}: NameServer = 200.204.0.10 200.204.0.138
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARQUIV~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\windows\elf_key.dll
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Unknown owner - C:\Arquivos de programas\Firebird\Firebird_2_1\bin\fb_inet_server.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7569 bytes

MisterBubbles · 25/08/2010

Olá pessoal. to com uma duvida.. é que to rodando dois Iexplore.exe no gerenciador de tarefas do windows quando entro no navegador e tb fica dois chrome.exe quando entro no navegador do google chrome. é normal isso? quando eu saio do navegador eles somem tb , não ficam rodando.
aqui é win xp sp3

se puderem me ajudar. obrigado
abraço.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 04:27:57, on 25/8/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Arquivos de programas\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe
C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe
C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\JOGOS, Programas e Aplicativos\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Arquivos de programas\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Arquivos de programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4.exe" /tray
O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [amd_dc_opt] C:\Arquivos de programas\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Arquivos de programas\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\novo\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RegistryBooster] "C:\Arquivos de programas\Uniblue\RegistryBooster\launcher.exe" delay 20000
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150600.exe -Update -1150600 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; InfoPath.1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.miniclip.com/games/celebrity-table-tennis/br/content_iframe.php"
O4 - HKCU\..\RunOnce: [RegistryBooster] "C:\Arquivos de programas\Uniblue\RegistryBooster\launcher.exe" delay 20000
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Seleção HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Arquivos de programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.com.br/s/v/63.11/uploader2.cab
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Futuremark SystemInfo) - http://service.futuremark.com/openapi/receivers/FMSI.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

--
End of file - 9862 bytes

Mr.Wolf · 25/08/2010

YagoDM, seu log aponta a presença de um trojan novo ― descoberto semana passada. As ferramentas para a remoção dele ainda não foram oficialmente desenvolvidas. Portanto, os meios de remoção que aqui passarei não garantem qualquer sucesso. Antes de mais nada, verifique se o seu Painel de Controle está abrindo normalmente.

Siga:

- Faça o download do HostsXpert e salve-o no desktop;
- Extraia o arquivo para seu desktop e execute o HostsXpert.exe;
- Clique no botão Restore MS Hosts Files e feche o programa.

- Faça o download do Malwarebytes Anti-Malware e salve-o no desktop;

● Dê dois cliques no programa para iniciar a instalação. Selecione o idioma Português (Brasil);
● Ao final da instalação, marque as opções "Atualizar Malwarebytes Anti-Malware" e "Executar Malwarebytes Anti-Malware", e clique em Concluir;
● Após a instalação execute o programa;
● Marque a opção Verificação Completa e depois clique em Verificar. Selecione sua unidade C: e clique no botão Iniciar Verificação;
● Quando o scan terminar, clique em OK e o log será automaticamente aberto para você;
● Se algo for detectado, verifique se todos os itens estão marcados e clique no botão Remover.
OBS: Caso apareça uma mensagem pedindo para que você reinicie o computador para completar o processo de remoção, reinicie-o imediatamente;
● O log pode ser consultado clicando em Logs do menu principal também;

Copie e cole o conteúdo desse log na sua próxima resposta, juntamente com um novo log do HijackThis.

______________________________

mateuscs, o log do GMER era o principal. Mas já que ele não se deu muito bem com seu sistema, vamos utilizar outro anti-rootkit.

Vá até a pasta C:\Windows, abra o arquivo ntbtlog.txt. Copie o conteúdo contido nele e cole aqui.

- Faça o download do OTM e salve no desktop;

● Dê um duplo clique no ícone do programa (OTM.exe) para executá-lo;
● Selecione e copie todo este conteúdo aqui abaixo:

Código:

:Files
C:\d2celr6u.exe
:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
:Commands
[purity]
[emptytemp]
[Reboot]

● Cole o que você copiou no programa no lado em branco esquerdo do painel “Paste Instructions for Items to be Moved”
● Clique no botão MoveIt;
● Se aparecer uma mensagem para reiniciar o computador, reinicie-o;
● Na sua proxima resposta, copie e cole o todo o conteúdo que está em Results;
● Se o computador reiniciou, vá na pasta C:\_OTM\MovedFiles e abra o arquivo com a extensão .log presente dentro da pasta.

Copie e cole todo o conteúdo desse arquivo.

Baixe o SysProt e salve no desktop.

Extraia o arquivo no desktop e execute o arquivo SysProt.exe.
Clique na aba "Log", e em Write to log, marque todos os itens conforme a imagem abaixo:

No canto inferior direito, clique no botão

Quando aparecer uma outra janela, marque a opção "Scan all drives" e clique em Start. Aguarde o scan!
Ao término, clique em OK na mensagem final.
O log SysProtLog.txt se encontrará dentro da pasta da ferramenta.

Copie e cole os dois logs em sua próxima resposta.

______________________________

Primoit e lukox, ambos os logs limpos.

______________________________

lloydz, log limpo.

O HijackThis 2.0.2 não reconhece a versão 7 do Windows, apenas as versões anteriores. Somente o HijackThis 2.0.4 (download) reconhece o novo SO da Microsoft.

______________________________

Opa fanatic, primeiramente, desinstale os seguintes itens através do Adicionar ou remover programas: Messenger_Plus_Live_Brazil e Softonic_Brasil. Se quiser, volte a instalá-los mais tarde.

Siga abaixo:

- Faça o download do HostsXpert e salve-o no desktop;
- Extraia o arquivo para seu desktop e execute o HostsXpert.exe como administrador;
- Clique no botão Restore MS Hosts Files e feche o programa.

Faça o download do OTL e salve-o no desktop;

● Se seu sistema for 64 bits, clique com o direito do mouse sobre OTL.exe e selecione "Executar como administrador";
● Marque as opções: Verificar All Users, Verificar Lop e Verificar Purity;
● Na janela em branco de Exames Personalizados/Correções, cole este texto abaixo:

Código:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%PROGRAMFILES%\Internet Explorer\*.dat
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

● Clique no botão Verificar e aguarde o scan;
● Dois logs serão abertos no Bloco de Notas:

- OTL.Txt <- este será aberto
- Extras.Txt <- este estará minimizado

Eles também estarão salvos no desktop. Cole-os em sua próxima resposta.

______________________________

JacobShaddix, isso é normal no IE8. No caso, é um processo para o IE em si, e outro processo para cada aba aberta no navegador. Observe que quanto mais abas abrir, mais iexplore.exe aparecerão no gerenciador. Isso faz parte de um recurso interno de recuperação de guias no IE8, para o caso de que se uma das guias der crash, as outras possam continuar em execução, logo, você poderá dar continuidade com a navegação através das outras guias.

O mesmo ocorre com o Google Chrome.

Mas veja bem, o iexplore.exe e o chrome.exe devem estar sendo executados como Nome de usuário no gerenciador, e não como SYSTEM ou LOCAL SERVICE. Se eles estiverem executando como uma das outras duas opções, tratam-se de spywares. Porém, eles seriam apresentados no log.

Contudo, seu log está limpo.

MisterBubbles · 25/08/2010

Mr.Wolf disse:
JacobShaddix, isso é normal no IE8. No caso, é um processo para o IE em si, e outro processo para cada aba aberta no navegador. Observe que quanto mais abas abrir, mais iexplore.exe aparecerão no gerenciador. Isso faz parte de um recurso interno de recuperação de guias no IE8, para o caso de que se uma das guias der crash, as outras possam continuar em execução, logo, você poderá dar continuidade com a navegação através das outras guias.

O mesmo ocorre com o Google Chrome.

Mas veja bem, o iexplore.exe e o chrome.exe deve estar sendo executado como Nome de usuário no gerenciador, e não como SYSTEM ou LOCAL SERVICE. Se ele estiver executando como uma das outras duas opções, trata-se de um spyware. Porém, ele seria apresentado no log.

Contudo, seu log está limpo.

poxa amigo, obrigadão mesmo

) nen sei como agradeçer. estava com medo q poderia ser spyware, rsrs

abração aew.. td de bom

:thumbs_up

lloydz · 25/08/2010

______________________________

lloydz, log limpo.

O HijackThis 2.0.2 não reconhece a versão 7 do Windows, apenas as versões anteriores. Somente o HijackThis 2.0.4 (download) reconhece o novo SO da Microsoft.

______________________________

desde que instalei o security essencial ele tem acusado um TrojanDropper:Win32:Alureon.V

sempre...

na hora de remover ele usa os 6GB de memoria do meu note, deixando-o lento, aí do nada para, dá a mensagem de erro avisando de que não foi possível remover e o note volta a usar 800MB de memória, sendo que o "normal" do uso é por volta dos 1,5GB. Certo isso?

mateuscs · 26/08/2010

mateuscs, o log do GMER era o principal. Mas já que ele não se deu muito bem com seu sistema, vamos utilizar outro anti-rootkit.
Vá até a pasta C:\Windows, abra o arquivo ntbtlog.txt. Copie o conteúdo contido nele e cole aqui.

Caro Mr. Wolf:
Eis o que está no arquivo ntbtlog.txt, na pasta C:\WINDOWS:

Microsoft (R) Windows (R) Version 6.1 (Build 7600)
8 21 2010 14:40:29.375
Loaded driver \SystemRoot\system32\ntoskrnl.exe
Loaded driver \SystemRoot\system32\hal.dll
Loaded driver \SystemRoot\system32\kdcom.dll
Loaded driver \SystemRoot\system32\mcupdate_AuthenticAMD.dll
Loaded driver \SystemRoot\system32\PSHED.dll
Loaded driver \SystemRoot\system32\CLFS.SYS
Loaded driver \SystemRoot\system32\CI.dll
Loaded driver \SystemRoot\system32\drivers\Wdf01000.sys
Loaded driver \SystemRoot\system32\drivers\WDFLDR.SYS
Loaded driver \SystemRoot\system32\DRIVERS\ACPI.sys
Loaded driver \SystemRoot\system32\DRIVERS\WMILIB.SYS
Loaded driver \SystemRoot\system32\DRIVERS\msisadrv.sys
Loaded driver \SystemRoot\system32\DRIVERS\pci.sys
Loaded driver \SystemRoot\system32\DRIVERS\vdrvroot.sys
Loaded driver \SystemRoot\System32\drivers\partmgr.sys
Loaded driver \SystemRoot\system32\DRIVERS\compbatt.sys
Loaded driver \SystemRoot\system32\DRIVERS\BATTC.SYS
Loaded driver \SystemRoot\system32\DRIVERS\volmgr.sys
Loaded driver \SystemRoot\System32\drivers\volmgrx.sys
Loaded driver \SystemRoot\System32\drivers\mountmgr.sys
Loaded driver \SystemRoot\system32\DRIVERS\atapi.sys
Loaded driver \SystemRoot\system32\DRIVERS\ataport.SYS
Loaded driver \SystemRoot\system32\DRIVERS\msahci.sys
Loaded driver \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
Loaded driver \SystemRoot\system32\DRIVERS\amdsata.sys
Loaded driver \SystemRoot\system32\DRIVERS\storport.sys
Loaded driver \SystemRoot\system32\DRIVERS\amdxata.sys
Loaded driver \SystemRoot\system32\drivers\fltmgr.sys
Loaded driver \SystemRoot\system32\drivers\fileinfo.sys
Loaded driver \SystemRoot\System32\Drivers\Ntfs.sys
Loaded driver \SystemRoot\System32\Drivers\msrpc.sys
Loaded driver \SystemRoot\System32\Drivers\ksecdd.sys
Loaded driver \SystemRoot\System32\Drivers\cng.sys
Loaded driver \SystemRoot\System32\drivers\pcw.sys
Loaded driver \SystemRoot\System32\Drivers\Fs_Rec.sys
Loaded driver \SystemRoot\system32\drivers\ndis.sys
Loaded driver \SystemRoot\system32\drivers\NETIO.SYS
Loaded driver \SystemRoot\System32\Drivers\ksecpkg.sys
Loaded driver \SystemRoot\System32\drivers\tcpip.sys
Loaded driver \SystemRoot\System32\drivers\fwpkclnt.sys
Loaded driver \SystemRoot\system32\DRIVERS\vmstorfl.sys
Loaded driver \SystemRoot\system32\DRIVERS\volsnap.sys
Loaded driver \SystemRoot\System32\Drivers\spldr.sys
Loaded driver \SystemRoot\System32\drivers\rdyboost.sys
Loaded driver \SystemRoot\System32\Drivers\mup.sys
Loaded driver \SystemRoot\System32\drivers\hwpolicy.sys
Loaded driver \SystemRoot\System32\DRIVERS\fvevol.sys
Loaded driver \SystemRoot\system32\DRIVERS\disk.sys
Loaded driver \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
Loaded driver \SystemRoot\system32\DRIVERS\AtiPcie.sys
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @hal.inf,%acpi_amd64.devicedesc%;ACPI x64-based PC
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Did not load driver @battery.inf,%acpi\pnp0c0a.devicedesc%;Bateria de Método de Controle Compatível com ACPI da Microsoft
Did not load driver @battery.inf,%acpi\acpi0003.devicedesc%;Adaptador de CA da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Did not load driver @battery.inf,%acpi\pnp0c0a.devicedesc%;Bateria de Método de Controle Compatível com ACPI da Microsoft
Did not load driver @battery.inf,%acpi\acpi0003.devicedesc%;Adaptador de CA da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Did not load driver @battery.inf,%acpi\pnp0c0a.devicedesc%;Bateria de Método de Controle Compatível com ACPI da Microsoft
Did not load driver @battery.inf,%acpi\acpi0003.devicedesc%;Adaptador de CA da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Did not load driver @battery.inf,%acpi\pnp0c0a.devicedesc%;Bateria de Método de Controle Compatível com ACPI da Microsoft
Did not load driver @battery.inf,%acpi\acpi0003.devicedesc%;Adaptador de CA da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Did not load driver @battery.inf,%acpi\pnp0c0a.devicedesc%;Bateria de Método de Controle Compatível com ACPI da Microsoft
Did not load driver @battery.inf,%acpi\acpi0003.devicedesc%;Adaptador de CA da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Did not load driver @battery.inf,%acpi\pnp0c0a.devicedesc%;Bateria de Método de Controle Compatível com ACPI da Microsoft
Did not load driver @battery.inf,%acpi\acpi0003.devicedesc%;Adaptador de CA da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Did not load driver @battery.inf,%acpi\pnp0c0a.devicedesc%;Bateria de Método de Controle Compatível com ACPI da Microsoft
Did not load driver @battery.inf,%acpi\acpi0003.devicedesc%;Adaptador de CA da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Did not load driver @battery.inf,%acpi\pnp0c0a.devicedesc%;Bateria de Método de Controle Compatível com ACPI da Microsoft
Did not load driver @battery.inf,%acpi\acpi0003.devicedesc%;Adaptador de CA da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Did not load driver @battery.inf,%acpi\pnp0c0a.devicedesc%;Bateria de Método de Controle Compatível com ACPI da Microsoft
Did not load driver @battery.inf,%acpi\acpi0003.devicedesc%;Adaptador de CA da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Did not load driver @battery.inf,%acpi\pnp0c0a.devicedesc%;Bateria de Método de Controle Compatível com ACPI da Microsoft
Did not load driver @battery.inf,%acpi\acpi0003.devicedesc%;Adaptador de CA da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Did not load driver @battery.inf,%acpi\pnp0c0a.devicedesc%;Bateria de Método de Controle Compatível com ACPI da Microsoft
Did not load driver @battery.inf,%acpi\acpi0003.devicedesc%;Adaptador de CA da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Did not load driver @battery.inf,%acpi\pnp0c0a.devicedesc%;Bateria de Método de Controle Compatível com ACPI da Microsoft
Did not load driver @battery.inf,%acpi\acpi0003.devicedesc%;Adaptador de CA da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Did not load driver @battery.inf,%acpi\pnp0c0a.devicedesc%;Bateria de Método de Controle Compatível com ACPI da Microsoft
Did not load driver @battery.inf,%acpi\acpi0003.devicedesc%;Adaptador de CA da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver cdrom.SYS
Loaded driver \SystemRoot\System32\Drivers\Null.SYS
Loaded driver \SystemRoot\System32\Drivers\Beep.SYS
Loaded driver \SystemRoot\System32\drivers\vga.sys
Did not load driver RDPCDD.SYS
Did not load driver RDPENCDD.SYS
Did not load driver RDPREFMP.SYS
Loaded driver \SystemRoot\System32\Drivers\Msfs.SYS
Loaded driver \SystemRoot\System32\Drivers\Npfs.SYS
Did not load driver tdx.SYS
Did not load driver AFD.SYS
Did not load driver NetBT.SYS
Did not load driver WfpLwf.SYS
Did not load driver Psched.SYS
Did not load driver vwififlt.SYS
Did not load driver NetBIOS.SYS
Did not load driver Wanarpv6.SYS
Did not load driver TermDD.SYS
Did not load driver rdbss.SYS
Did not load driver nsiproxy.SYS
Did not load driver mssmbios.SYS
Did not load driver discache.SYS
Did not load driver CSC.SYS
Did not load driver DfsC.SYS
Did not load driver blbdrive.SYS
Did not load driver avipbb.SYS
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Loaded driver \SystemRoot\system32\DRIVERS\wmiacpi.sys
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Loaded driver \SystemRoot\system32\DRIVERS\HDAudBus.sys
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Loaded driver \SystemRoot\system32\DRIVERS\cdrom.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbohci.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbfilter.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbehci.sys
Did not load driver @battery.inf,%acpi\pnp0c0a.devicedesc%;Bateria de Método de Controle Compatível com ACPI da Microsoft
Did not load driver @battery.inf,%acpi\acpi0003.devicedesc%;Adaptador de CA da Microsoft
Loaded driver \SystemRoot\system32\DRIVERS\i8042prt.sys
Loaded driver \SystemRoot\SysWOW64\Drivers\DKbFltr.sys
Loaded driver \SystemRoot\system32\DRIVERS\kbdclass.sys
Loaded driver \SystemRoot\system32\DRIVERS\SynTP.sys
Loaded driver \SystemRoot\system32\DRIVERS\mouclass.sys
Loaded driver \SystemRoot\system32\DRIVERS\blbdrive.sys
Loaded driver \SystemRoot\system32\DRIVERS\CompositeBus.sys
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Loaded driver \SystemRoot\system32\DRIVERS\mssmbios.sys
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Loaded driver \SystemRoot\system32\DRIVERS\rdpbus.sys
Loaded driver \SystemRoot\system32\DRIVERS\termdd.sys
Loaded driver \SystemRoot\system32\DRIVERS\swenum.sys
Loaded driver \SystemRoot\system32\DRIVERS\umbus.sys
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Did not load driver @oem2.inf,%hdaudiodevicedescription%;ATI High Definition Audio Device
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Loaded driver \SystemRoot\system32\DRIVERS\usbhub.sys
Did not load driver Realtek High Definition Audio
Did not load driver @mdmcxhv6.inf,%mdm.hda.cx11270%;HDA CX11270 Soft Modem
Did not load driver @battery.inf,%acpi\pnp0c0a.devicedesc%;Bateria de Método de Controle Compatível com ACPI da Microsoft
Did not load driver @battery.inf,%acpi\acpi0003.devicedesc%;Adaptador de CA da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Did not load driver @oem2.inf,%hdaudiodevicedescription%;ATI High Definition Audio Device
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Did not load driver Realtek High Definition Audio
Did not load driver @mdmcxhv6.inf,%mdm.hda.cx11270%;HDA CX11270 Soft Modem
Did not load driver @battery.inf,%acpi\pnp0c0a.devicedesc%;Bateria de Método de Controle Compatível com ACPI da Microsoft
Did not load driver @battery.inf,%acpi\acpi0003.devicedesc%;Adaptador de CA da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Did not load driver @oem2.inf,%hdaudiodevicedescription%;ATI High Definition Audio Device
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Did not load driver Realtek High Definition Audio
Did not load driver @mdmcxhv6.inf,%mdm.hda.cx11270%;HDA CX11270 Soft Modem
Did not load driver @battery.inf,%acpi\pnp0c0a.devicedesc%;Bateria de Método de Controle Compatível com ACPI da Microsoft
Did not load driver @battery.inf,%acpi\acpi0003.devicedesc%;Adaptador de CA da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Did not load driver @oem2.inf,%hdaudiodevicedescription%;ATI High Definition Audio Device
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Did not load driver Realtek High Definition Audio
Did not load driver @mdmcxhv6.inf,%mdm.hda.cx11270%;HDA CX11270 Soft Modem
Did not load driver @battery.inf,%acpi\pnp0c0a.devicedesc%;Bateria de Método de Controle Compatível com ACPI da Microsoft
Did not load driver @battery.inf,%acpi\acpi0003.devicedesc%;Adaptador de CA da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%isatap.displayname%;Adaptador do Microsoft ISATAP
Did not load driver @nettun.inf,%teredo.displayname%;Adaptador de Túnel Teredo da Microsoft
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver @cpu.inf,%amdppm.devicedesc%;AMD Processor
Did not load driver AMD M880G with ATI Mobility Radeon HD 4200
Did not load driver @oem2.inf,%hdaudiodevicedescription%;ATI High Definition Audio Device
Did not load driver @netk57a.inf,%f_name0%;Broadcom NetLink (TM) Gigabit Ethernet
Did not load driver @netathrx.inf,%athr.devicedesc.e01f105b%;Atheros AR5B93 Wireless Network Adapter
Did not load driver Realtek High Definition Audio
Did not load driver @mdmcxhv6.inf,%mdm.hda.cx11270%;HDA CX11270 Soft Modem
Did not load driver @battery.inf,%acpi\pnp0c0a.devicedesc%;Bateria de Método de Controle Compatível com ACPI da Microsoft
Did not load driver @battery.inf,%acpi\acpi0003.devicedesc%;Adaptador de CA da Microsoft
Did not load driver @battery.inf,%*compbatt.devicedesc%;Microsoft Composite Battery
Did not load driver @netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)
Did not load driver @netrasa.inf,%mp-l2tp-dispname%;WAN Miniport (L2TP)
Did not load driver @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)
Did not load driver @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP)
Did not load driver @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6)
Did not load driver @netrasa.inf,%mp-pppoe-dispname%;WAN Miniport (PPPOE)
Did not load driver @netrasa.inf,%mp-pptp-dispname%;WAN Miniport (PPTP)
Did not load driver @netsstpa.inf,%mp-sstp-dispname%;WAN Miniport (SSTP)
Loaded driver \SystemRoot\system32\DRIVERS\usbccgp.sys
Did not load driver @usbvideo.inf,%usbvideo.devicedesc%;Dispositivo de vídeo USB
Did not load driver @usbvideo.inf,%usbvideo.devicedesc%;Dispositivo de vídeo USB
Did not load driver @usbvideo.inf,%usbvideo.devicedesc%;Dispositivo de vídeo USB
Did not load driver AFD.SYS
Did not load driver AFD.SYS
Loaded driver \SystemRoot\system32\drivers\WudfPf.sys
Did not load driver AFD.SYS
Did not load driver AFD.SYS
Did not load driver AFD.SYS

Já o OTM apresenta o seguinte:

All processes killed
========== FILES ==========
File/Folder C:\d2celr6u.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Todos os Usuários

User: Usuario
->Temp folder emptied: 2451300 bytes
->Temporary Internet Files folder emptied: 39434660 bytes
->Java cache emptied: 91588 bytes
->Flash cache emptied: 615 bytes

User: Usuário Padrão
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50521 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 40,00 mb

OTM by OldTimer - Version 3.1.15.0 log created on 08262010_094239
Files moved on Reboot...
C:\Users\Usuario\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File C:\Users\Usuario\AppData\Local\Temp\~DF04C62BBFBCF01B50.TMP not found!
File C:\Users\Usuario\AppData\Local\Temp\~DF3C30C14AE6F9B4D1.TMP not found!
File C:\Users\Usuario\AppData\Local\Temp\~DF5284F2D4BA6F56CB.TMP not found!
File C:\Users\Usuario\AppData\Local\Temp\~DF60701F60E34E9CAA.TMP not found!
File C:\Users\Usuario\AppData\Local\Temp\~DF9DCBB2586C662353.TMP not found!
File C:\Users\Usuario\AppData\Local\Temp\~DFA03D6A9F2FEE34F8.TMP not found!
C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PS7W45T9\207948-remocao-de-virus-328[1].html moved successfully.
C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I641O934\01[1].htm moved successfully.
C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
Registry entries deleted on Reboot...

Vou verificar com o sysprot agora e em seguida posto o resultado. Valeu!

mateuscs · 26/08/2010

Baixe o SysProt e salve no desktop.
Extraia o arquivo no desktop e execute o arquivo SysProt.exe.
Clique na aba "Log", e em Write to log, marque todos os itens conforme a imagem abaixo:

No canto inferior direito, clique no botão

Quando aparecer uma outra janela, marque a opção "Scan all drives" e clique em Start. Aguarde o scan!
Ao término, clique em OK na mensagem final.
O log SysProtLog.txt se encontrará dentro da pasta da ferramenta.
Copie e cole os dois logs em sua próxima resposta.

Caro Mr. Wolf:
Baixei o SysProt normalmente. Porém, após clicar em Creat Log, apareceu a segunte mensagem, em outra janela: "Failed to start service. SysProt AntiRootkit needs to be run with Admin privileges!"
No entanto, o SysProtLog.txt assim demonstra:

SysProt AntiRootkit v1.0.1.0
by swatkat
******************************************************************************************
******************************************************************************************
No Processes found
******************************************************************************************
******************************************************************************************
No Kernel Modules found
******************************************************************************************
******************************************************************************************
No SSDT Hooks found
******************************************************************************************
******************************************************************************************
No Kernel Hooks found
******************************************************************************************
******************************************************************************************
No IRP Hooks found
******************************************************************************************
******************************************************************************************
Ports:
Local Address: MATEUS:NETBIOS-SSN
Remote Address: 0.0.0.0:0
Type: TCP
Process: 4 (PID)
State: LISTENING
Local Address: MATEUS:49156
Remote Address: 0.0.0.0:0
Type: TCP
Process: 520 (PID)
State: LISTENING
Local Address: MATEUS:49155
Remote Address: 0.0.0.0:0
Type: TCP
Process: 548 (PID)
State: LISTENING
Local Address: MATEUS:49154
Remote Address: 0.0.0.0:0
Type: TCP
Process: 968 (PID)
State: LISTENING
Local Address: MATEUS:49153
Remote Address: 0.0.0.0:0
Type: TCP
Process: 872 (PID)
State: LISTENING
Local Address: MATEUS:49152
Remote Address: 0.0.0.0:0
Type: TCP
Process: 464 (PID)
State: LISTENING
Local Address: MATEUS:WSD
Remote Address: 0.0.0.0:0
Type: TCP
Process: 4 (PID)
State: LISTENING
Local Address: MATEUS:MICROSOFT-DS
Remote Address: 0.0.0.0:0
Type: TCP
Process: 4 (PID)
State: LISTENING
Local Address: MATEUS:EPMAP
Remote Address: 0.0.0.0:0
Type: TCP
Process: 808 (PID)
State: LISTENING
Local Address: MATEUS:61838
Remote Address: NA
Type: UDP
Process: 280 (PID)
State: NA
Local Address: MATEUS:SSDP
Remote Address: NA
Type: UDP
Process: 280 (PID)
State: NA
Local Address: MATEUS:138
Remote Address: NA
Type: UDP
Process: 4 (PID)
State: NA
Local Address: MATEUS:NETBIOS-NS
Remote Address: NA
Type: UDP
Process: 4 (PID)
State: NA
Local Address: MATEUS:61839
Remote Address: NA
Type: UDP
Process: 280 (PID)
State: NA
Local Address: MATEUS:60390
Remote Address: NA
Type: UDP
Process: 2640 (PID)
State: NA
Local Address: MATEUS:SSDP
Remote Address: NA
Type: UDP
Process: 280 (PID)
State: NA
Local Address: MATEUS:55579
Remote Address: NA
Type: UDP
Process: 312 (PID)
State: NA
Local Address: MATEUS:55577
Remote Address: NA
Type: UDP
Process: 312 (PID)
State: NA
Local Address: MATEUS:50483
Remote Address: NA
Type: UDP
Process: 280 (PID)
State: NA
Local Address: MATEUS:LLMNR
Remote Address: NA
Type: UDP
Process: 1168 (PID)
State: NA
Local Address: MATEUS:WS-DISCOVERY
Remote Address: NA
Type: UDP
Process: 280 (PID)
State: NA
Local Address: MATEUS:WS-DISCOVERY
Remote Address: NA
Type: UDP
Process: 280 (PID)
State: NA
Local Address: MATEUS:WS-DISCOVERY
Remote Address: NA
Type: UDP
Process: 312 (PID)
State: NA
Local Address: MATEUS:WS-DISCOVERY
Remote Address: NA
Type: UDP
Process: 312 (PID)
State: NA
******************************************************************************************
******************************************************************************************
No hidden files/folders found

Será que existe alguma coisa no notebook? Aguardo retorno. Grande abraço!

Mr.Wolf · 26/08/2010

lloydz disse:
desde que instalei o security essencial ele tem acusado um TrojanDropper:Win32:Alureon.V

Seria interessante você dizer o nome do arquivo que o MSE acusa como dropper, né. Pois com essa escassez de informação não saberei lhe responder de forma útil se trata-se de uma detecção correta ou um falso positivo.

De qualquer forma, siga a instrução que passei ao fanatic no post anterior, e rode apenas a ferramenta OTL conforme descrevi a ele.

_________________________________________

mateuscs, na verdade o erro de as ferramentas não estarem rodando corretamente foi devido a um equívoco meu, e peço desculpas. Esqueci de dizer que, como o seu Windows é x64, você deve clicar com o direito do mouse sobre as ferramentas e selecionar a opção "Executar como administrador". A correria do dia-a-dia às vezes atrapalha-nos um pouco!

Peço que execute o SysProt como administrador, por favor.

Referente ao log ntbtlog.txt, está normal. Não há qualquer incidência de drivers ou ganchos maliciosos, que são onde os rootkits 'residem'. Mas vamos dar uma olhada no log do SysProt primeiro.

mateuscs · 26/08/2010

mateuscs, na verdade o erro de as ferramentas não estarem rodando corretamente foi devido a um equívoco meu, e peço desculpas. Esqueci de dizer que, como o seu Windows é x64, você deve clicar com o direito do mouse sobre as ferramentas e selecionar a opção "Executar como administrador". A correria do dia-a-dia às vezes atrapalha-nos um pouco!
Peço que execute o SysProt como administrador, por favor

Caro Mr. Wolf:
Segui sua orientação e tentei executar o SysProt como Administrador. Porém, a mesma mensagem aparece logo após clicar em Creat Log: "Failed to start service. SysProt AntiRootkit needs to be run with Admin privileges!"
O que pode estar ocorrendo? Aguardo retorno e, mais uma vez, agradeço a atenção. Valeu!

Remoção de vírus

Banido

know-it-all Member

Member

Banido

Powered by Nvício

Member

Tech Enthusiast

Malware Removal

Banido

Member

Malware Removal

New Member

Member

Banido

Usuário Não Registrado

Rio de Janeiro ✠

Well-Known Member

Member

Malware Removal

Member

Usuário Não Registrado

Member

Member

Malware Removal

Member

Users who are viewing this thread