Ir ao conteúdo
  • Cadastre-se

xRaFa

Membros Plenos
  • Total de itens

    88
  • Registro em

  • Última visita

  • Qualificações

    0%

Reputação

0

Sobre xRaFa

  • Data de Nascimento 09/11/1990 (28 anos)

Informações gerais

  • Cidade e Estado
    Sao Paulo
  1. Ola, Gostaria de saber como faço a configuração para que o PABX Intelbras Modulare i toque em todos os ramais simultaneamente (como se nao tivesse a central), e o ramal que atendesse primeiro completasse a ligação. Muito Obrigado!
  2. Perde qualidade sim... eu nunca vi na prática, mas teoricamente perde de uma forma bem considerável, viu?
  3. Gente, estou vendo de comprar um notebook HP e estou em dúvida entre esses dois processadores. A diferença é de 800 reais (consideravel!). A diferenca entre esses dois processadores é que: o 820 é 1.73GHz com 8Mb de cache L3 e o 720 é 1.6GHz com 6Mb de cache L3 Eu gostaria de saber se essa diferença é de fato significativa. Eu vou usar o PC para jogos, Autocad, Solidworks, Photoshop e algumas aplicaçoes pesadas... Alguem poderia me dar essa luz se vale a pena pagar um pouco mais? E outra coisa: o i7 é melhor do que o Quad, né? abraços! PS: eu nao sei se esse topico pertence a esse forum ou ao de notebook, mas como se trata de um componente em especifico, eu postei aqui!
  4. Segundo tinha descrito no topico, nao consigo configurar o windows para que mostre todos os arquivos. Quando dou OK ele volta pro inicio. Os logs sao: login.svf Status: OK MD5: 27756bcd045dcf27b7e96d68914b127c Packers detected: - Scanner results Scan taken on 18 Apr 2009 21:35:51 (GMT) A-Squared Found nothing AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing CPsecure Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing F-Secure Anti-Virus Found nothing Ikarus Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing Panda Antivirus Found nothing Quick Heal Found nothing Sophos Antivirus Found nothing VirusBuster Found nothing VBA32 Found nothing e File: yacht.xws Status: OK MD5: d40a4efb3efc7a64204886449ecb54ed Packers detected: - Scanner results Scan taken on 18 Apr 2009 21:38:13 (GMT) A-Squared Found nothing AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing CPsecure Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing F-Secure Anti-Virus Found nothing Ikarus Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing Panda Antivirus Found nothing Quick Heal Found nothing Sophos Antivirus Found nothing VirusBuster Found nothing VBA32 Found nothing
  5. ComboFix 09-04-15.08 - user 04/16/2009 0:34.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1033.18.959.389 [GMT -3:00] Executando de: c:\documents and settings\user\Desktop\ComboFix.exe AV: avast! antivirus 4.8.1335 [VPS 090415-0] *On-access scanning disabled* (Updated) FW: Norton Internet Worm Protection *disabled* . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Drivers/Serviços ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_GBPSV -------\Service_GbpSv (((((((((((((((( Arquivos/Ficheiros criados de 2009-03-16 to 2009-04-16 )))))))))))))))))))))))))))) . 2009-04-15 16:31 . 2009-03-06 14:22 284160 ------w c:\windows\system32\dllcache\pdh.dll 2009-04-15 16:31 . 2009-02-09 12:10 401408 ------w c:\windows\system32\dllcache\rpcss.dll 2009-04-15 16:31 . 2009-02-06 10:39 35328 ------w c:\windows\system32\dllcache\sc.exe 2009-04-15 16:31 . 2009-02-09 12:10 473600 ------w c:\windows\system32\dllcache\fastprox.dll 2009-04-15 16:31 . 2009-02-09 12:10 453120 ------w c:\windows\system32\dllcache\wmiprvsd.dll 2009-04-15 16:31 . 2009-02-06 11:11 110592 ------w c:\windows\system32\dllcache\services.exe 2009-04-15 16:31 . 2009-02-06 10:10 227840 ------w c:\windows\system32\dllcache\wmiprvse.exe 2009-04-15 16:31 . 2009-02-09 12:10 729088 ------w c:\windows\system32\dllcache\lsasrv.dll 2009-04-15 16:31 . 2009-02-09 12:10 714752 ------w c:\windows\system32\dllcache\ntdll.dll 2009-04-15 16:31 . 2009-02-09 12:10 617472 ------w c:\windows\system32\dllcache\advapi32.dll 2009-04-15 16:05 . 2008-05-03 11:55 2560 ------w c:\windows\system32\xpsp4res.dll 2009-04-15 16:05 . 2009-03-27 06:58 1203922 ------w c:\windows\system32\dllcache\sysmain.sdb 2009-04-15 16:05 . 2008-04-21 12:08 215552 ------w c:\windows\system32\dllcache\wordpad.exe 2009-04-13 00:23 . 2009-04-13 00:23 -------- d-----w c:\documents and settings\user\Application Data\ForceDel 2009-04-08 18:19 . 2009-04-08 18:19 98304 ----a-w c:\windows\system32\CmdLineExt.dll 2009-04-08 17:49 . 2009-04-08 17:49 -------- d-----w c:\documents and settings\user\Application Data\DAEMON Tools Pro 2009-04-08 17:49 . 2009-04-08 17:49 -------- d-----w c:\documents and settings\user\Application Data\DAEMON Tools 2009-04-08 17:48 . 2009-04-08 17:48 -------- d-----w c:\documents and settings\All Users\Application Data\DAEMON Tools Lite 2009-04-04 00:37 . 2009-04-04 00:37 -------- d-----w C:\Rafa 2009-04-02 01:47 . 2009-04-02 01:47 717296 ----a-w c:\windows\system32\drivers\sptd.sys 2009-04-02 01:47 . 2009-04-08 17:50 -------- d-----w c:\documents and settings\user\Application Data\DAEMON Tools Lite 2009-03-28 17:36 . 1998-07-08 20:30 18944 ----a-w c:\windows\eraser.exe 2009-03-26 01:14 . 2009-03-26 01:14 -------- d-----w c:\documents and settings\All Users\Application Data\COSMOS Applications 2009-03-25 20:55 . 2009-03-25 20:56 20 ----a-w c:\windows\system32\login.svf 2009-03-25 20:55 . 2009-03-25 20:55 0 ----a-w c:\windows\system32\r3.svf 2009-03-25 20:55 . 2009-03-25 20:55 0 ----a-w c:\windows\system32\r2.svf 2009-03-25 20:55 . 2009-03-25 20:55 0 ----a-w c:\windows\system32\r1.svf 2009-03-25 20:55 . 2009-03-25 20:55 0 ----a-w c:\windows\system32\r_aux.svf 2009-03-24 16:58 . 2009-03-24 16:58 -------- d-----w c:\documents and settings\user\Local Settings\Application Data\DassaultSystemes 2009-03-24 16:58 . 2009-03-24 16:58 -------- d-----w c:\documents and settings\user\Application Data\DassaultSystemes 2009-03-24 16:58 . 2009-03-24 16:58 -------- d-----w c:\documents and settings\All Users\Application Data\DassaultSystemes 2009-03-21 14:06 . 2009-03-21 14:06 989696 ------w c:\windows\system32\dllcache\kernel32.dll 2009-03-18 23:58 . 2009-03-19 01:20 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\Adobe 2009-03-18 23:57 . 2009-03-18 23:57 -------- d-----w c:\documents and settings\user\Local Settings\Application Data\Identities 2009-03-18 23:50 . 2009-03-18 23:52 -------- d-----w C:\VaultData 2009-03-18 22:02 . 2009-03-19 16:29 -------- d-----w c:\documents and settings\user\Application Data\SolidWorks 2008 2009-03-18 22:00 . 2009-04-04 04:12 -------- d-----w c:\documents and settings\user\Application Data\SolidWorks 2009-03-18 21:51 . 2009-03-18 21:51 -------- d-----w c:\documents and settings\user\Application Data\DWGeditor 2009-03-18 21:50 . 2009-03-18 21:50 0 ----a-w c:\windows\eDrawingOfficeAutomator.INI 2009-03-18 21:46 . 2009-03-18 21:46 23 ---ha-w c:\windows\yacht.xws 2009-03-18 21:33 . 2009-03-18 21:33 -------- d-----w c:\windows\system32\GroupPolicy 2009-03-18 21:33 . 2009-03-18 23:14 -------- d-----w C:\Solidworks Data 2009-03-18 21:33 . 2009-03-18 21:33 -------- d-----w c:\documents and settings\All Users\Application Data\SolidWorks 2009-03-18 21:27 . 2009-03-18 21:27 261104 ----a-w c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-03-18 21:24 . 2009-03-18 21:24 -------- d-----w c:\windows\system32\XPSViewer 2009-03-18 21:21 . 2006-06-29 16:07 14048 ------w c:\windows\system32\spmsg2.dll 2009-03-18 21:19 . 2009-03-18 21:19 -------- d-----w c:\windows\SolidWorks 2009-03-18 21:19 . 2009-03-18 21:19 -------- d-----w c:\documents and settings\user\Application Data\IM 2009-03-18 21:13 . 2008-02-22 13:37 8704 ----a-w c:\windows\system32\ibfs32.dll . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-04-16 03:43 . 2006-11-27 14:54 1660 ----a-w C:\hpqp.ini 2009-04-16 03:41 . 2006-11-27 14:54 39 ----a-w C:\XP_TV.ini 2009-04-15 22:52 . 2007-04-14 17:06 -------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2009-04-15 16:05 . 2006-11-27 14:17 -------- d-----w c:\program files\Java 2009-04-15 15:57 . 2009-03-05 01:25 -------- d-----w c:\documents and settings\All Users\Application Data\Embarcadero 2009-04-11 22:37 . 2006-11-27 14:23 155920 ----a-w c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-04-08 17:57 . 2009-04-08 17:57 -------- d-----w c:\program files\Rockstar Games 2009-04-08 17:57 . 2006-11-27 14:17 -------- d--h--w c:\program files\InstallShield Installation Information 2009-04-08 17:48 . 2009-04-08 17:48 -------- d-----w c:\program files\DAEMON Tools Lite 2009-04-08 17:34 . 2009-01-28 19:22 -------- d-----w c:\documents and settings\user\Application Data\uTorrent 2009-04-06 01:39 . 2009-04-06 01:39 -------- d-----w c:\program files\SystemRequirementsLab 2009-04-03 20:02 . 2009-04-03 02:20 3672 ----a-w C:\rafa.txt 2009-03-28 18:08 . 2009-03-28 17:36 -------- d-----w c:\program files\LeechFTP 2009-03-28 17:14 . 2009-03-28 17:14 -------- d-----w c:\program files\VobSub 2009-03-28 16:47 . 2008-12-23 18:31 -------- d-----w c:\program files\Avast4 2009-03-18 23:59 . 2009-03-18 21:33 -------- d-----w c:\program files\SolidWorks 2009-03-18 23:56 . 2009-03-18 23:56 -------- d-----w c:\program files\Windows Desktop Search 2009-03-18 23:55 . 2009-03-18 21:35 -------- d-----w c:\program files\Common Files\SolidWorks Shared 2009-03-18 23:51 . 2009-03-18 23:50 -------- d-----w c:\program files\PDMWorks Workgroup 2009-03-18 23:44 . 2009-03-18 21:33 -------- d-----w c:\program files\Common Files\eDrawings2008 2009-03-18 23:44 . 2008-07-04 18:53 -------- d-----w c:\program files\AutoCAD 2008 2009-03-18 23:42 . 2009-03-18 21:50 -------- d-----w c:\program files\DWGeditor 2009-03-18 23:36 . 2009-03-18 23:35 -------- d-----w c:\program files\COSMOS Applications 2009-03-18 21:33 . 2009-03-18 21:33 -------- d-----w c:\program files\AGEIA Technologies 2009-03-18 21:27 . 2007-04-14 17:10 -------- d-----w c:\program files\MSBuild 2009-03-18 21:22 . 2009-03-18 21:22 -------- d-----w c:\program files\Reference Assemblies 2009-03-18 21:20 . 2009-03-18 01:12 -------- d-----w c:\program files\MSECache 2009-03-18 01:45 . 2007-02-20 20:39 -------- d-----w c:\documents and settings\user\Application Data\Netscape 2009-03-18 01:45 . 2006-11-27 14:48 -------- d-----w c:\program files\RGB 2009-03-16 17:02 . 2008-11-06 16:15 -------- d-----w c:\program files\UndeleteMyFiles 2009-03-15 21:06 . 2009-03-15 21:05 -------- d-----w c:\program files\iTunes 2009-03-15 21:06 . 2009-03-15 21:05 -------- d-----w c:\documents and settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3} 2009-03-15 21:06 . 2009-03-15 21:06 -------- d-----w c:\program files\iPod 2009-03-15 21:06 . 2007-09-22 18:39 -------- d-----w c:\program files\Common Files\Apple 2009-03-15 21:04 . 2009-03-15 21:04 -------- d-----w c:\program files\Bonjour 2009-03-15 21:03 . 2009-03-15 21:02 -------- d-----w c:\program files\QuickTime 2009-03-10 00:57 . 2009-03-05 01:24 -------- dc-h--w c:\documents and settings\All Users\Application Data\{65B1AA84-C1DF-4A2E-A28C-E242BD7DE4B3} 2009-03-09 08:19 . 2008-12-22 03:57 410984 ----a-w c:\windows\system32\deploytk.dll 2009-03-06 14:22 . 2006-03-16 04:00 284160 ----a-w c:\windows\system32\pdh.dll 2009-03-05 01:44 . 2009-03-05 01:32 -------- d-----w c:\documents and settings\user\Application Data\CodeGear 2009-03-05 01:41 . 2009-03-05 01:40 -------- dc-h--w c:\documents and settings\All Users\Application Data\{0C3BE91F-5194-44C0-80FF-246E0251D2BD} 2009-03-05 01:32 . 2009-03-05 01:32 -------- d-----w c:\program files\Common Files\CodeGear Shared 2009-03-05 01:32 . 2009-03-05 01:32 -------- d-----w c:\program files\CodeGear RAD Studio 2009-03-05 01:31 . 2009-03-05 01:31 -------- d-----w c:\program files\Common Files\Borland Shared 2009-03-05 01:27 . 2009-03-05 01:27 -------- d-----w c:\documents and settings\All Users\Application Data\CodeGear 2009-03-03 16:18 . 2009-03-03 16:18 -------- d-----w c:\documents and settings\user\Application Data\Naviextras 2009-03-03 16:18 . 2009-03-03 16:18 -------- d-----w c:\program files\Naviextras Toolbox 2009-03-03 00:18 . 2007-01-04 14:05 826368 ------w c:\windows\system32\dllcache\wininet.dll 2009-03-03 00:18 . 2006-03-16 04:00 826368 ----a-w c:\windows\system32\wininet.dll 2009-02-28 04:54 . 2007-08-13 20:43 636072 ------w c:\windows\system32\dllcache\iexplore.exe 2009-02-20 10:20 . 2007-12-17 01:16 13824 ------w c:\windows\system32\dllcache\ieudinit.exe 2009-02-20 10:20 . 2007-08-13 20:39 70656 ------w c:\windows\system32\dllcache\ie4uinit.exe 2009-02-20 05:14 . 2007-08-13 19:56 161792 ------w c:\windows\system32\dllcache\ieakui.dll 2009-02-18 23:23 . 2008-04-10 15:44 -------- d-----w c:\program files\Windows Live 2009-02-09 12:10 . 2006-03-16 04:00 729088 ----a-w c:\windows\system32\lsasrv.dll 2009-02-09 12:10 . 2006-03-16 04:00 714752 ----a-w c:\windows\system32\ntdll.dll 2009-02-09 12:10 . 2006-03-16 04:00 617472 ----a-w c:\windows\system32\advapi32.dll 2009-02-09 12:10 . 2006-03-16 04:00 401408 ----a-w c:\windows\system32\rpcss.dll 2009-02-09 11:13 . 2008-11-04 21:37 1846784 ------w c:\windows\system32\dllcache\win32k.sys 2009-02-09 11:13 . 2006-03-16 04:00 1846784 ----a-w c:\windows\system32\win32k.sys 2009-02-07 22:02 . 2008-11-04 21:37 2066048 ------w c:\windows\system32\dllcache\ntkrnlpa.exe 2009-02-06 22:14 . 2009-02-06 22:14 308088 ----a-w c:\windows\WLXPGSS.SCR 2009-02-06 21:52 . 2009-02-06 21:52 49504 ----a-w c:\windows\system32\sirenacm.dll 2009-02-06 11:11 . 2006-03-16 04:00 110592 ----a-w c:\windows\system32\services.exe 2009-02-06 11:08 . 2008-11-04 21:37 2189056 ------w c:\windows\system32\dllcache\ntoskrnl.exe 2009-02-06 11:06 . 2008-11-04 21:37 2145280 ------w c:\windows\system32\dllcache\ntkrnlmp.exe 2009-02-06 11:06 . 2006-03-16 04:00 2145280 ----a-w c:\windows\system32\ntoskrnl.exe 2009-02-06 10:39 . 2006-03-16 04:00 35328 ----a-w c:\windows\system32\sc.exe 2009-02-06 10:32 . 2008-11-04 21:37 2023936 ------w c:\windows\system32\dllcache\ntkrpamp.exe 2009-02-06 10:32 . 2006-03-16 04:00 2023936 ----a-w c:\windows\system32\ntkrnlpa.exe 2009-02-03 19:59 . 2009-02-03 19:59 56832 ------w c:\windows\system32\dllcache\secur32.dll 2009-02-03 19:59 . 2006-03-16 04:00 56832 ----a-w c:\windows\system32\secur32.dll 2008-11-26 19:15 . 2008-11-26 19:08 31 ----a-w c:\documents and settings\user\jagex_runescape_preferences.dat 2007-06-02 00:59 . 2007-06-02 00:59 0 ----a-w c:\documents and settings\user\Application Data\wklnhst.dat 2007-02-20 20:29 . 2007-02-20 20:27 127 ----a-w c:\documents and settings\user\Local Settings\Application Data\fusioncache.dat 2006-11-27 15:33 . 2007-02-20 20:27 51192 ----a-w c:\documents and settings\user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2006-11-27 14:23 . 2006-11-27 14:23 136 ----a-w c:\documents and settings\Administrator\Local Settings\Application Data\fusioncache.dat . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-29 68856] "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 204288] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512] "hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-04 458752] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-29 7577600] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-06-29 86016] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-04-01 761946] "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-07-12 102400] "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-12 249856] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-12 81920] "QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-06-19 163840] "Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-05-31 40960] "RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2006-03-15 208952] "IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2006-03-15 44032] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2006-03-15 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-15 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-15 455168] "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712] "\\rafa\EPSON Stylus C63 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I4C1.EXE" [2003-05-27 99840] "Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 517768] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "avast!"="c:\progra~1\Avast4\ashDisp.exe" [2009-02-05 81000] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-12 342312] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888] "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-06-29 1519616] "MsmqIntCert"="mqrt.dll" - c:\windows\system32\mqrt.dll [2008-04-14 177152] "High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" - c:\windows\system32\CHDAudPropShortcut.exe [2006-06-02 61952] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\windows\system32\config\systemprofile\Start Menu\Programs\Startup\ Vongo Tray.lnk - c:\program files\Vongo\Tray.exe [2006-5-9 73728] c:\documents and settings\Administrator\Start Menu\Programs\Startup\ Vongo Tray.lnk - c:\program files\Vongo\Tray.exe [2006-5-9 73728] c:\documents and settings\user\Start Menu\Programs\Startup\ SolidWorks Task Scheduler Engine.lnk - c:\program files\SolidWorks\swScheduler\swBOEngine.exe [2008-2-15 488728] Vongo Tray.lnk - c:\program files\Vongo\Tray.exe [2006-5-9 73728] c:\documents and settings\All Users\Start Menu\Programs\Startup\ HP Pavilion Webcam Tray Icon.lnk - c:\program files\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe [2007-2-20 98304] HP Photosmart Premier Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-9-24 73728] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{E37CB5F0-51F5-4395-A808-5FA49E399003}"= "c:\program files\GbPlugin\gbiehcef.dll" [2007-07-12 322120] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Scraps Verify.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Scraps Verify.lnk backup=c:\windows\pss\Scraps Verify.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Desktop Search.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk backup=c:\windows\pss\Windows Desktop Search.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\mqsvc.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\LeechFTP\\Leechftp.exe"= "c:\\Documents and Settings\\user\\Desktop\\eMule0.48a\\emule.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service R2 BlackfishSQL;BlackfishSQL;c:\program files\CodeGear RAD Studio\6.0\bin\BSQLServer.exe [2008-08-29 65536] S0 GbpSv;Gbp Service; [x] S1 aswSP;avast! Self Protection; [x] S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560] S2 PDMWorks Workgroup Server;Servidor PDMWorks;c:\program files\PDMWorks Workgroup\Vault\pdmwService.exe [2008-02-15 3153920] S2 Remote Solver for COSMOSFloWorks 2008;Remote Solver for COSMOSFloWorks 2008;c:\program files\SolidWorks\COSMOS\FloWorks\binCFW\StandAloneSlv.exe [2008-01-23 245760] --- --- *NewlyCreated* - GBPSV . . ------- Scan Suplementar ------- . uStart Page = hxxp://www.uol.com.br/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000 DPF: {E37CB5F0-51F5-4395-A808-5FA49E399003} - hxxps://imagem.caixa.gov.br/cab/GbPluginCef.cab . ************************************************************************** catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-16 00:44 Windows 5.1.2600 Service Pack 3 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????????<?@? ????h??????Y?@?????<?@ Procurando ficheiros/arquivos ocultos ... Varredura completada com sucesso arquivos/ficheiros ocultos: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-3548352049-1614318370-44585621-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{74ADB663-7806-A6EC-193B-66448D6BC873}*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) "oaheplopkooihkhdahafopklfbdafe"=hex:6b,61,64,6c,6a,65,62,66,6d,6c,6f,70,6f,62, 70,6c,6a,69,61,6b,69,70,00,00 "nancfdpfaphgoindmnbakpnlfdpl"=hex:6a,61,64,6c,6a,65,62,66,6d,6c,6b,70,6f,64, 63,6d,6f,6f,62,6c,00,f5 "gbpeenocdnifehmagijcbdahpmdmmgiaflcndephggflhg"=hex:61,61,00,00 "bbfgonockhnpdgfngbkppigabhcikaaggimp"=hex:61,61,00,00 . --------------------- DLLs Carregadas Sob os Processos em Execução --------------------- - - - - - - - > 'winlogon.exe'(908) c:\program files\GbPlugin\gbiehcef.dll - - - - - - - > 'explorer.exe'(5876) c:\progra~1\WINDOW~1\wmpband.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\program files\Internet Explorer\mui\0416\browselc.dll c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll c:\program files\Microsoft Office\Office12\1046\GrooveIntlResource.dll c:\program files\GbPlugin\gbiehcef.dll c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll . ------------------------ Outros Processos em Execução ------------------------ . c:\program files\Avast4\aswUpdSv.exe c:\program files\Avast4\ashServ.exe c:\windows\system32\rundll32.exe c:\windows\system32\msdtc.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe c:\progra~1\MI3AA1~1\rapimgr.exe c:\program files\HP\Digital Imaging\bin\hpqimzone.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\ehome\ehrecvr.exe c:\docume~1\user\LOCALS~1\Temp\SolidWorksLicTemp.0001 c:\windows\ehome\ehSched.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\snmp.exe c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe c:\program files\Vongo\VongoService.exe c:\windows\ehome\mcrdsvc.exe c:\windows\system32\mqsvc.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\windows\system32\searchindexer.exe c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe c:\windows\system32\mqtgsvc.exe c:\program files\Avast4\ashMaiSv.exe c:\program files\Avast4\ashWebSv.exe c:\program files\iPod\bin\iPodService.exe c:\program files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe c:\windows\system32\dllhost.exe c:\program files\GbPlugin\GbpSv.exe c:\windows\ehome\ehmsas.exe c:\windows\system32\searchprotocolhost.exe c:\windows\system32\searchfilterhost.exe . ************************************************************************** . Tempo para conclusão: 2009-04-16 0:49 - Máquina reiniciou ComboFix-quarantined-files.txt 2009-04-16 03:49 Pré-execução: 6,166,802,432 bytes free Pós execução: 7,209,762,816 bytes disponíveis 334 --- E O F --- 2009-04-15 22:57 Muito obrigado!
  6. Boa noite! Eu acredito que eu esteja com um virus de pendrive, peço que por favor deem uma olhada em meus logs. Quando eu peço para exibir arquivos ocultos ele ignora, e quando eu aperto ok e abro o dialogo de opções de pastas de novo, ele esta na opcao anterior (esconder pastas e arqs ocultos). Quando espetei o pendrive no pc ele detectou o virus fi.cmd no root do drive F: do pendrive! Por favor notem que eu consegui apagar o autorun.inf do root do meu pendrive e criei uma pasta com esse nome (autorun.inf) pois li na INFO que o virus nao conseguiria sobreescrever a pasta com um arquivo. Segue abaixo os logs: DDS (Ver_09-03-16.01) - NTFSx86 Run by user at 22:05:30.90 on Sun 04/12/2009 Internet Explorer: 7.0.5730.13 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1033.18.959.185 [GMT -3:00] AV: avast! antivirus 4.8.1335 [VPS 090412-0] *On-access scanning disabled* (Updated) FW: Norton Internet Worm Protection *disabled* ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch C:\WINDOWS\system32\svchost -k rpcss C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\Program Files\Avast4\aswUpdSv.exe C:\Program Files\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\Program Files\GbPlugin\GbpSv.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\PROGRA~1\Avast4\ashDisp.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Microsoft ActiveSync\Wcescomm.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\Vongo\Tray.exe C:\WINDOWS\system32\msdtc.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\PDMWorks Workgroup\Vault\pdmwService.exe C:\Program Files\SolidWorks\COSMOS\FloWorks\binCFW\StandAloneSlv.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Vongo\VongoService.exe C:\WINDOWS\ehome\mcrdsvc.exe C:\WINDOWS\system32\mqsvc.exe C:\Program Files\Windows Media Player\WMPNetwk.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\WINDOWS\system32\mqtgsvc.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Java\jre6\bin\jucheck.exe C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Documents and Settings\user\Desktop\gmer\gmer.exe C:\WINDOWS\system32\SearchFilterHost.exe C:\Documents and Settings\user\Desktop\dds.scr C:\WINDOWS\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://www.uol.com.br/ uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s mSearchAssistant = hxxp://www.google.com/ie uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\3.1.807.1746\swg.dll BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540003} - c:\program files\gbplugin\gbiehcef.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\Wcescomm.exe" uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun mRun: [ehTray] c:\windows\ehome\ehtray.exe mRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [nwiz] nwiz.exe /installquiet /nodetect mRun: [MsmqIntCert] regsvr32 /s mqrt.dll mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe" mRun: [iSUSPM Startup] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -startup mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start mRun: [Cpqset] c:\program files\hewlett-packard\default settings\cpqset.exe mRun: [RecGuard] c:\windows\sminst\RecGuard.exe mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 mRun: [iMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXE mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe" mRun: [\\rafa\EPSON Stylus C63 Series] c:\windows\system32\spool\drivers\w32x86\3\e_s4i4c1.exe /p30 "\\rafa\EPSON Stylus C63 Series" /O6 "USB001" /M "Stylus C63" mRun: [symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll" mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [avast!] c:\progra~1\avast4\ashDisp.exe mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\user\startm~1\programs\startup\solidw~1.lnk - c:\program files\solidworks\swscheduler\swBOEngine.exe StartupFolder: c:\docume~1\user\startm~1\programs\startup\vongot~1.lnk - c:\program files\vongo\Tray.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hppavi~1.lnk - c:\program files\hewlett-packard\hp pavilion webcam\HPWebcam.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpphot~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000 IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxp://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://img4.orkut.com/activex/10036/photouploader.cab DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} - hxxp://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: {E37CB5F0-51F5-4395-A808-5FA49E399003} - hxxps://imagem.caixa.gov.br/cab/GbPluginCef.cab DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399003} - c:\program files\gbplugin\gbiehcef.dll SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll ============= SERVICES / DRIVERS =============== R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-12-23 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-12-23 20560] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast4\ashServ.exe [2008-12-23 138680] R2 GbpSv;Gbp Service;c:\program files\gbplugin\GbpSv.exe [2007-9-3 49224] R2 McrdSvc;Media Center estender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-6 99328] R2 PDMWorks Workgroup Server;Servidor PDMWorks;c:\program files\pdmworks workgroup\vault\pdmwService.exe [2008-2-15 3153920] R2 Remote Solver for COSMOSFloWorks 2008;Remote Solver for COSMOSFloWorks 2008;c:\program files\solidworks\cosmos\floworks\bincfw\StandAloneSlv.exe [2008-1-23 245760] R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-11-27 1247600] S2 BlackfishSQL;BlackfishSQL;c:\program files\codegear rad studio\6.0\bin\BSQLServer.exe [2008-8-29 65536] S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\avast4\ashMaiSv.exe [2008-12-23 254040] S3 avast! Web Scanner;avast! Web Scanner;c:\program files\avast4\ashWebSv.exe [2008-12-23 352920] =============== Created Last 30 ================ 2009-04-12 21:23 <DIR> --d----- c:\docume~1\user\applic~1\ForceDel 2009-04-08 15:19 98,304 a------- c:\windows\system32\CmdLineExt.dll 2009-04-08 14:57 <DIR> --d----- c:\program files\Rockstar Games 2009-04-08 14:49 <DIR> --d----- c:\docume~1\user\applic~1\DAEMON Tools Pro 2009-04-08 14:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\DAEMON Tools Lite 2009-04-08 14:48 <DIR> --d----- c:\program files\DAEMON Tools Lite 2009-04-05 22:39 <DIR> --d----- c:\program files\SystemRequirementsLab 2009-04-03 21:37 <DIR> --d----- C:\Rafa 2009-04-01 22:47 717,296 a------- c:\windows\system32\drivers\sptd.sys 2009-04-01 22:47 <DIR> --d----- c:\docume~1\user\applic~1\DAEMON Tools Lite 2009-03-28 14:36 18,944 a------- c:\windows\eraser.exe 2009-03-28 14:36 <DIR> --d----- c:\program files\LeechFTP 2009-03-28 14:14 <DIR> --d----- c:\program files\VobSub 2009-03-25 22:14 <DIR> --d----- c:\docume~1\alluse~1\applic~1\COSMOS Applications 2009-03-25 17:55 20 a------- c:\windows\system32\login.svf 2009-03-25 17:55 0 a------- c:\windows\system32\r3.svf 2009-03-25 17:55 0 a------- c:\windows\system32\r2.svf 2009-03-25 17:55 0 a------- c:\windows\system32\r1.svf 2009-03-25 17:55 0 a------- c:\windows\system32\r_aux.svf 2009-03-24 13:58 <DIR> --d----- c:\docume~1\user\applic~1\DassaultSystemes 2009-03-24 13:58 <DIR> --d----- c:\docume~1\alluse~1\applic~1\DassaultSystemes 2009-03-18 20:56 <DIR> --d----- c:\program files\Windows Desktop Search 2009-03-18 20:50 <DIR> --d----- C:\VaultData 2009-03-18 20:50 <DIR> --d----- c:\program files\PDMWorks Workgroup 2009-03-18 20:35 <DIR> --d----- c:\program files\COSMOS Applications 2009-03-18 19:02 <DIR> --d----- c:\docume~1\user\applic~1\SolidWorks 2008 2009-03-18 19:00 <DIR> --d----- c:\docume~1\user\applic~1\SolidWorks 2009-03-18 18:51 <DIR> --d----- c:\docume~1\user\applic~1\DWGeditor 2009-03-18 18:50 <DIR> --d----- c:\program files\DWGeditor 2009-03-18 18:50 0 a------- c:\windows\eDrawingOfficeAutomator.INI 2009-03-18 18:46 23 a---h--- c:\windows\yacht.xws 2009-03-18 18:35 <DIR> --d----- c:\program files\common files\SolidWorks Shared 2009-03-18 18:33 <DIR> --d----- c:\windows\system32\GroupPolicy 2009-03-18 18:33 <DIR> --d----- c:\program files\common files\eDrawings2008 2009-03-18 18:33 <DIR> --d----- C:\Solidworks Data 2009-03-18 18:33 <DIR> --d----- c:\program files\SolidWorks 2009-03-18 18:33 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SolidWorks 2009-03-18 18:24 <DIR> --d----- c:\windows\system32\XPSViewer 2009-03-18 18:21 14,048 -------- c:\windows\system32\spmsg2.dll 2009-03-18 18:19 <DIR> --d----- c:\windows\SolidWorks 2009-03-18 18:19 <DIR> --d----- c:\docume~1\user\applic~1\IM 2009-03-18 18:13 8,704 a------- c:\windows\system32\ibfs32.dll 2009-03-17 22:12 <DIR> --d----- c:\program files\MSECache 2009-03-15 18:06 <DIR> --d----- c:\program files\iPod 2009-03-15 18:05 <DIR> --d----- c:\program files\iTunes 2009-03-15 18:05 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3} 2009-03-15 18:04 <DIR> --d----- c:\program files\Bonjour ==================== Find3M ==================== 2009-02-09 08:13 1,846,784 a------- c:\windows\system32\win32k.sys 2009-02-09 08:13 1,846,784 -------- c:\windows\system32\dllcache\win32k.sys 2009-02-06 19:14 308,088 a------- c:\windows\WLXPGSS.SCR 2009-02-06 18:52 49,504 a------- c:\windows\system32\sirenacm.dll 2009-01-16 20:35 3,594,752 -------- c:\windows\system32\dllcache\mshtml.dll 2008-11-26 16:15 31 a------- c:\documents and settings\user\jagex_runescape_preferences.dat 2007-06-01 21:59 0 a------- c:\docume~1\user\applic~1\wklnhst.dat 2007-04-20 18:18 22 a--sh--- c:\windows\sminst\HPCD.sys ============= FINISH: 22:06:12.68 =============== GMER 1.0.15.14966 - http://www.gmer.net Rootkit scan 2009-04-12 22:13:44 Windows 5.1.2600 Service Pack 3 ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xEC1336B8] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xEC133574] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xEC133A52] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xEC13314C] SSDT spol.sys ZwEnumerateKey [0xF730ECA2] SSDT spol.sys ZwEnumerateValueKey [0xF730F030] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xEC13364E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xEC13308C] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xEC1330F0] SSDT spol.sys ZwQueryKey [0xF730F108] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xEC13376E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xEC13372E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xEC1338AE] INT 0x62 ? 863D8BF8 INT 0x83 ? 86368BF8 INT 0xB4 ? 860D7ED8 ---- Kernel code sections - GMER 1.0.15 ---- ? spol.sys O sistema não pode encontrar o arquivo especificado. ! .text USBPORT.SYS!DllUnload F5D0A8AC 5 Bytes JMP 860D74B8 .text aeez706p.SYS F5B8F386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...] .text aeez706p.SYS F5B8F3AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...] .text aeez706p.SYS F5B8F3C4 3 Bytes [00, 70, 02] {ADD [EAX+0x2], DH} .text aeez706p.SYS F5B8F3C9 1 Byte [2E] .text aeez706p.SYS F5B8F3C9 11 Bytes [2E, 00, 00, 00, 5C, 02, 00, ...] {ADD CS:[EAX], AL; ADD [EDX+EAX+0x0], BL; ADD [EAX], AL; ADD [EAX], AL} .text ... ---- User code sections - GMER 1.0.15 ---- .text C:\WINDOWS\system32\winlogon.exe[904] kernel32.dll!FreeLibrary 7C80AC6E 5 Bytes JMP 10054D00 C:\Program Files\GbPlugin\gbiehcef.dll (Gbieh Module/Caixa Economica Federal) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe[1496] USER32.dll!FindWindowA 7E4282E1 5 Bytes JMP 02156F70 C:\Program Files\GbPlugin\gbiehcef.dll (Gbieh Module/Caixa Economica Federal) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe[1496] USER32.dll!GetKeyState 7E429ED9 5 Bytes JMP 021384B0 C:\Program Files\GbPlugin\gbiehcef.dll (Gbieh Module/Caixa Economica Federal) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe[1496] USER32.dll!GetAsyncKeyState 7E42A78F 5 Bytes JMP 021387C0 C:\Program Files\GbPlugin\gbiehcef.dll (Gbieh Module/Caixa Economica Federal) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe[1496] USER32.dll!GetKeyboardState 7E42D226 5 Bytes JMP 02138630 C:\Program Files\GbPlugin\gbiehcef.dll (Gbieh Module/Caixa Economica Federal) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe[1496] USER32.dll!FindWindowExA 7E43214A 5 Bytes JMP 02156FB0 C:\Program Files\GbPlugin\gbiehcef.dll (Gbieh Module/Caixa Economica Federal) .text C:\WINDOWS\system32\SearchIndexer.exe[1544] kernel32.dll!WriteFile 7C810E17 7 Bytes JMP 01121B19 C:\WINDOWS\system32\mssrch.dll (mssrch.lib/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5072] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 42F0F341 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5072] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 430A187F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5072] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 430A1800 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5072] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 430A1844 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5072] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 430A178C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5072] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 430A17C6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5072] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 430A18BA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[5072] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 42F316F6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F72F1040] spol.sys IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F72F113C] spol.sys IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F72F10BE] spol.sys IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F72F17FC] spol.sys IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F72F16D2] spol.sys IAT \SystemRoot\System32\Drivers\aeez706p.SYS[HAL.dll!KfAcquireSpinLock] 4B8BDF8B IAT \SystemRoot\System32\Drivers\aeez706p.SYS[HAL.dll!READ_PORT_UCHAR] 8D3F0304 IAT \SystemRoot\System32\Drivers\aeez706p.SYS[HAL.dll!KeGetCurrentIrql] CB033043 IAT \SystemRoot\System32\Drivers\aeez706p.SYS[HAL.dll!KfRaiseIrql] 0673C13B IAT \SystemRoot\System32\Drivers\aeez706p.SYS[HAL.dll!KfLowerIrql] C13B0003 IAT \SystemRoot\System32\Drivers\aeez706p.SYS[HAL.dll!HalGetInterruptVector] 8366FA72 IAT \SystemRoot\System32\Drivers\aeez706p.SYS[HAL.dll!HalTranslateBusAddress] 75000E7B IAT \SystemRoot\System32\Drivers\aeez706p.SYS[HAL.dll!KeStallExecutionProcessor] 0B7D80E3 IAT \SystemRoot\System32\Drivers\aeez706p.SYS[HAL.dll!KfReleaseSpinLock] 307B8D00 IAT \SystemRoot\System32\Drivers\aeez706p.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 00AA840F IAT \SystemRoot\System32\Drivers\aeez706p.SYS[HAL.dll!READ_PORT_USHORT] 83660000 IAT \SystemRoot\System32\Drivers\aeez706p.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 6A000E7A IAT \SystemRoot\System32\Drivers\aeez706p.SYS[HAL.dll!WRITE_PORT_UCHAR] C6647400 IAT \SystemRoot\System32\Drivers\aeez706p.SYS[WMILIB.SYS!WmiSystemControl] 4F8B0200 IAT \SystemRoot\System32\Drivers\aeez706p.SYS[WMILIB.SYS!WmiCompleteRequest] 968D5140 IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F7301048] spol.sys ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\WINDOWS\system32\services.exe[948] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 005D0002 IAT C:\WINDOWS\system32\services.exe[948] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 005D0000 ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 863671F8 AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software) Device \FileSystem\Fastfat \FatCdrom 857E7500 Device \Driver\USBSTOR \Device\0000009c 84E051F8 AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 eabfiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Development Company, L.P.) Device \Driver\usbohci \Device\USBPDO-0 8618A500 Device \Driver\usbehci \Device\USBPDO-1 8617E1F8 Device \Driver\dmio \Device\DmControl\DmIoDaemon 863691F8 Device \Driver\dmio \Device\DmControl\DmConfig 863691F8 Device \Driver\dmio \Device\DmControl\DmPnP 863691F8 Device \Driver\dmio \Device\DmControl\DmInfo 863691F8 Device \Driver\PCI_PNP3836 \Device\00000055 spol.sys Device \Driver\PCI_PNP3836 \Device\00000055 spol.sys AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) Device \Driver\Ftdisk \Device\HarddiskVolume1 863D91F8 Device \Driver\Ftdisk \Device\HarddiskVolume2 863D91F8 Device \Driver\Cdrom \Device\CdRom0 860C0500 Device \Driver\Ftdisk \Device\HarddiskVolume3 863D91F8 Device \Driver\sptd \Device\3819261336 spol.sys Device \Driver\NetBT \Device\NetBt_Wins_Export 857FF500 Device \Driver\NetBT \Device\NetbiosSmb 857FF500 Device \Driver\nvata \Device\00000086 863681F8 Device \Driver\NetBT \Device\NetBT_Tcpip_{CB3B1152-B05E-47BC-837A-30D746B5F0C4} 857FF500 AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) Device \Driver\NetBT \Device\NetBT_Tcpip_{45CECF11-0616-41F4-A286-C85ACD6FE123} 857FF500 Device \Driver\usbohci \Device\USBFDO-0 8618A500 Device \Driver\nvata \Device\NvAta0 863681F8 Device \Driver\usbehci \Device\USBFDO-1 8617E1F8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8543D1F8 Device \FileSystem\MRxSmb \Device\LanmanRedirector 8543D1F8 Device \Driver\Ftdisk \Device\FtControl 863D91F8 Device \Driver\aeez706p \Device\Scsi\aeez706p1 861421F8 Device \FileSystem\Fastfat \Fat 857E7500 AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software) Device \FileSystem\Cdfs \Cdfs 861AD358 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xF0 0x19 0x80 0xC2 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x3B 0x4F 0xCB 0xAC ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x05 0x20 0x53 0x8E ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xF0 0x19 0x80 0xC2 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x3B 0x4F 0xCB 0xAC ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x05 0x20 0x53 0x8E ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{74ADB663-7806-A6EC-193B-66448D6BC873} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{74ADB663-7806-A6EC-193B-66448D6BC873}@oaheplopkooihkhdahafopklfbdafe 0x6B 0x61 0x64 0x6C ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{74ADB663-7806-A6EC-193B-66448D6BC873}@nancfdpfaphgoindmnbakpnlfdpl 0x6A 0x61 0x64 0x6C ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{74ADB663-7806-A6EC-193B-66448D6BC873}@gbpeenocdnifehmagijcbdahpmdmmgiaflcndephggflhg 0x61 0x61 0x00 0x00 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{74ADB663-7806-A6EC-193B-66448D6BC873}@bbfgonockhnpdgfngbkppigabhcikaaggimp 0x61 0x61 0x00 0x00 ---- EOF - GMER 1.0.15 ---- Muito obrigado!
  7. Ah... é uma pena que aqui é só rede sem fio... Mas ontem eu fiz o upgrade pro DD-WRT (Com muito medo) E se vocês estão lendo isso, é porque tudo deu certo, hehe! E até agora o problema cessou...! Obrigado pela ajuda de todos!
  8. pois é... (eu comprei o linksys antes de colocar speedy) então eu não sabia que eles iam me mandar um modem roteador xP. Mas se eu usasse um AP, não teria como eu autenticar com esse modem roteador, né? Eu já procurei por tudo alguma configuração assim... será que pode ser defeito de fábrica?
  9. Depende da distancia entre os PCs... Da pra você ligar sem AP (Ad-Hoc) mas os pcs tem que estar muito perto... caso contrario, você tem que usar um Router
  10. hm... não tinha pensado nisso... será que é por isso que quando eu desligo o DHCP do Roteador Wireless e deixo o DHCP do modem ligado eu não consigo obter um IP de rede ou não tem nada a ver?
  11. Algúem aí com alguma solução a não ser troca de firmware? =]
  12. Opa... então... no seu caso, eu acho que a "conexao local 2" é a que esta inativa e o meu conselho é que voce desabilite-a. já a "conexao turbo" é a dial up(que você poe a senha) para você se logar no seu provedor de internet.
  13. caraca mano, te amo! Juro que to a muuito tempo tentando configurar esse teclado!
  14. Opa Obrigadão aí! Como eu não achei nenhuma outra solução... vou instalar o linux no meu aqui... Fico no aguardo se alguem tem alguma outra solução Valeu todos pela ajuda! ... Abraço

Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×
×
  • Criar novo...

GRÁTIS: minicurso “Como ganhar dinheiro montando computadores”

Gabriel TorresGabriel Torres, fundador e editor executivo do Clube do Hardware, acaba de lançar um minicurso totalmente gratuito: "Como ganhar dinheiro montando computadores".

Você aprenderá sobre o quanto pode ganhar, como cobrar, como lidar com a concorrência, como se tornar um profissional altamente qualificado e muito mais!

Inscreva-se agora!