Curtir Curtir:  0
Página 2 de 6 PrimeiroPrimeiro 1234 ... ÚltimoÚltimo
Resultados 11 a 20 de 56

Tópico: Resolvendo problemas com sites !

  1. #11
    Avatar de Serafan
    Registro
    06-10-2009
    Posts
    3.090
    Conquistas / PrêmiosAtividadeCurtidas / Tagging InfoPersonagem - TibiaPersonagem - TibiaME
    Conquistas Repórter
    Adepto do OffColunistaEscritorCrítico
    Peso da Avaliação
    0

    Padrão

    Caro Diego,

    Fico alegre em saber que o meu tópico está ajudando os membros aqui do fórum a solucionarem dúvidas e problemas que encomodam bastante no nosso dia-a-dia no tibia.
    Fique sabendo que qualquer outra dúvida pode ser respondida aqui no fórum de suporte ou até mesmo clicando no link a baixo, por MP.

    Publicidade:
    Atenciosamente,
    - Serafan.



  2. #12
    Avatar de bebiano
    Registro
    24-09-2009
    Idade
    24
    Posts
    7
    Conquistas / PrêmiosAtividadeCurtidas / Tagging InfoPersonagem - TibiaPersonagem - TibiaME
    Conquistas EstagiárioNewcomer
    Peso da Avaliação
    0

    Padrão

    Log
    Código:
    ComboFix 09-11-27.04 - Familia 28/11/2009  1:35.2.1 - x86
    Microsoft Windows XP Professional  5.1.2600.3.1252.55.1046.18.511.233 [GMT -2:00]
    Executando de: c:\documents and settings\Familia\Meus documentos\Downloads\ComboFix*****
    AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    
    ATENÇAO - ESTA MAQUINA NAO TEM O CONSOLE DE RECUPERAÇÃO INSTALADA !!
    .
    
    (((((((((((((((((((((((((((((((((((((   Outras Exclusões   )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    
    c:\documents and settings\All Users\Dados de aplicativos\Microsoft\Network\Downloader\qmgr0.dat
    c:\documents and settings\All Users\Dados de aplicativos\Microsoft\Network\Downloader\qmgr1.dat
    c:\windows\system32\twain_32.dll
    
    ----- BITS: Sites possivelmente infectados -----
    
    hxxp://armmf.adobe.com
    .
    ((((((((((((((((   Arquivos/Ficheiros criados de 2009-10-28 to 2009-11-28  ))))))))))))))))))))))))))))
    .
    
    2009-11-28 01:44 . 2009-11-26 15:02    58720    ----a-w-    c:\documents and settings\All Users\Dados de aplicativos\Zwunzi\zwunzi129*****
    2009-11-26 19:38 . 2009-11-26 19:48    --------    d-----w-    c:\documents and settings\Familia\Dados de aplicativos\MessengerDiscovery 2
    2009-11-26 16:44 . 2009-11-28 03:30    --------    d-----w-    c:\arquivos de programas\Zwunzi
    2009-11-26 16:44 . 2009-11-28 01:44    --------    d-----w-    c:\documents and settings\All Users\Dados de aplicativos\Zwunzi
    2009-11-22 19:41 . 2009-11-22 19:46    --------    d-----w-    c:\arquivos de programas\******** NG 8.50 ot
    2009-11-22 06:25 . 2009-11-25 23:35    --------    d-----w-    c:\arquivos de programas\Ot 8.50
    2009-11-21 02:26 . 2009-11-21 04:05    --------    d-----w-    c:\arquivos de programas\Conquer 2.0
    2009-11-20 05:36 . 2009-11-26 21:49    --------    d-----w-    C:\GunSoft
    2009-11-20 02:50 . 2009-11-20 04:20    452464325    ----a-w-    C:\KnightOnlineSetup_1708*****
    2009-11-20 00:40 . 2008-04-13 18:40    96512    -c--a-w-    c:\windows\system32\dllcache\atapi.sys
    2009-11-20 00:40 . 2008-04-13 18:40    96512    ------w-    c:\windows\system32\drivers\atapi.sys
    2009-11-19 15:04 . 2009-11-19 15:04    1    ----a-w-    c:\documents and settings\Familia\Dados de aplicativos\BrOffice.org2\user\uno_packages\cache\stamp.sys
    2009-11-18 20:36 . 2009-11-18 20:36    --------    d-----w-    c:\arquivos de programas\Arquivos comuns\EZB Systems
    2009-11-18 20:36 . 2009-11-18 20:36    --------    d-----w-    c:\arquivos de programas\UltraISO
    2009-11-18 20:21 . 2009-11-18 20:21    --------    d-----w-    c:\arquivos de programas\WinISO
    2009-11-17 23:03 . 2009-11-19 07:34    --------    d-----w-    c:\arquivos de programas\Microsoft Silverlight
    2009-11-17 20:05 . 2009-11-17 20:05    --------    d-----w-    c:\arquivos de programas\MGTGames
    2009-11-17 20:02 . 2000-01-14 15:14    101376    ----a-w-    c:\windows\UniFish3*****
    2009-11-17 20:01 . 2009-11-17 20:01    --------    d-----w-    c:\arquivos de programas\Hasbro Interactive
    2009-11-17 19:52 . 2009-11-17 19:52    --------    d-----w-    c:\arquivos de programas\MyRealGames.com
    2009-11-17 15:22 . 2009-11-18 00:07    --------    d-----w-    c:\arquivos de programas\Tremulous
    2009-11-17 11:56 . 2009-11-04 13:18    58872    ----a-w-    c:\documents and settings\All Users\Dados de aplicativos\Findbasic\findbasic137*****
    2009-11-17 02:39 . 2009-11-17 02:39    --------    d-----w-    c:\arquivos de programas\Incanta
    2009-11-17 02:37 . 2009-11-17 02:37    --------    d-----w-    c:\documents and settings\Familia\WINDOWS
    2009-11-16 19:58 . 2009-11-16 19:58    152576    ----a-w-    c:\documents and settings\Familia\Dados de aplicativos\Sun\Java\jre1.6.0_17\lzma.dll
    2009-11-16 19:46 . 2009-11-16 19:57    79488    ----a-w-    c:\documents and settings\Familia\Dados de aplicativos\Sun\Java\jre1.6.0_17\gtapi.dll
    2009-11-14 14:23 . 2009-11-14 14:23    --------    d-----w-    C:\Sierra
    2009-11-14 13:41 . 2009-11-14 13:41    --------    d-----w-    c:\arquivos de programas\Discador Digerati
    2009-11-11 16:32 . 2009-11-24 20:06    --------    d-----w-    c:\documents and settings\Familia\Dados de aplicativos\sqlitestudio
    2009-11-08 01:49 . 2009-11-08 01:49    --------    d-----w-    c:\windows\system32\wbem\Repository
    2009-11-07 01:41 . 2009-11-07 01:41    --------    d-----w-    c:\documents and settings\Familia\Dados de aplicativos\Nokia
    2009-11-06 22:58 . 2009-11-06 22:58    --------    d-sh--w-    c:\documents and settings\Familia\PrivacIE
    2009-11-06 22:53 . 2009-11-06 22:53    --------    d-----w-    c:\documents and settings\Familia\Dados de aplicativos\DataLayer
    2009-11-06 19:07 . 2009-11-16 20:34    --------    d-----w-    c:\documents and settings\Familia\Dados de aplicativos\MSN6
    2009-11-02 16:17 . 2009-11-02 16:17    --------    d-----w-    c:\documents and settings\Familia\Dados de aplicativos\Ahead
    2009-10-31 21:12 . 2009-11-08 01:49    --------    d-----w-    c:\documents and settings\Familia\Phone Browser
    
    .
    (((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-11-28 02:44 . 2008-01-10 17:25    --------    d---a-w-    c:\documents and settings\All Users\Dados de aplicativos\TEMP
    2009-11-27 21:57 . 2009-07-15 00:53    --------    d-----w-    c:\arquivos de programas\******** NG
    2009-11-26 21:53 . 2009-10-16 21:40    --------    d-----w-    c:\documents and settings\Familia\Dados de aplicativos\VMNTOOLBAR
    2009-11-23 15:22 . 2009-10-16 22:38    --------    d-----w-    c:\documents and settings\Familia\Dados de aplicativos\Tibia
    2009-11-22 13:08 . 2008-03-12 13:22    --------    d-----w-    c:\arquivos de programas\Arquivos comuns\Adobe
    2009-11-22 05:59 . 2009-06-12 16:34    --------    d-----w-    c:\arquivos de programas\No-IP
    2009-11-21 12:01 . 2007-10-11 20:21    --------    d--h--w-    c:\arquivos de programas\InstallShield Installation Information
    2009-11-21 04:49 . 2009-08-15 19:11    --------    d--h--w-    c:\arquivos de programas\updart
    2009-11-20 00:59 . 2008-07-08 16:15    --------    d-----w-    c:\arquivos de programas\FunWebProducts
    2009-11-19 16:37 . 2009-10-25 01:03    --------    d-----w-    c:\documents and settings\Familia\Dados de aplicativos\BrOffice.org2
    2009-11-17 23:03 . 2008-03-29 14:37    --------    d-----w-    c:\arquivos de programas\Windows Live
    2009-11-17 15:01 . 2009-10-03 23:12    --------    d-----w-    c:\arquivos de programas\Findbasic
    2009-11-17 12:19 . 2001-10-28 15:07    83264    ----a-w-    c:\windows\system32\perfc016.dat
    2009-11-17 12:19 . 2001-10-28 15:07    477488    ----a-w-    c:\windows\system32\perfh016.dat
    2009-11-17 11:56 . 2009-10-03 23:12    --------    d-----w-    c:\documents and settings\All Users\Dados de aplicativos\Findbasic
    2009-11-17 02:22 . 2009-10-04 19:23    --------    d-----w-    c:\arquivos de programas\Tibia 8.500
    2009-11-16 21:00 . 2009-01-14 18:04    --------    d-----w-    c:\arquivos de programas\Tibia
    2009-11-16 21:00 . 2009-07-29 07:29    --------    d-----w-    c:\arquivos de programas\******** NG1
    2009-11-16 21:00 . 2009-10-16 13:43    --------    d-----w-    c:\arquivos de programas\******** NG 8.50
    2009-11-16 19:59 . 2008-03-05 16:47    --------    d-----w-    c:\arquivos de programas\Java
    2009-11-04 14:30 . 2009-10-16 21:40    --------    d-----w-    c:\documents and settings\Familia\Dados de aplicativos\EmailNotifier
    2009-10-27 23:48 . 2008-03-28 23:20    --------    d-----w-    c:\arquivos de programas\Google
    2009-10-25 01:08 . 2009-10-25 01:08    --------    d-----w-    c:\arquivos de programas\Cresce.Net
    2009-10-25 01:02 . 2009-10-25 01:02    --------    d-----w-    c:\arquivos de programas\Phoenix Crew
    2009-10-16 22:39 . 2009-10-16 22:39    --------    d-----w-    c:\documents and settings\Familia\Dados de aplicativos\Windows Live Writer
    2009-10-16 22:33 . 2009-10-16 22:33    --------    d-----w-    c:\documents and settings\LocalService\Dados de aplicativos\PC Suite
    2009-10-16 21:54 . 2009-10-16 21:54    --------    d-----w-    c:\documents and settings\Familia\Dados de aplicativos\PC Suite
    2009-10-16 01:14 . 2009-10-16 01:14    --------    d-----w-    c:\arquivos de programas\Discador TopGames
    2009-10-14 11:45 . 2009-09-06 21:28    --------    d-----w-    c:\arquivos de programas\Arquivos comuns\Symantec Shared
    2009-10-11 06:17 . 2008-12-10 09:38    411368    ----a-w-    c:\windows\system32\deploytk.dll
    2009-10-07 18:58 . 2009-10-07 18:58    28    ----a-w-    c:\documents and settings\Bebiano\07102009.Dat
    2009-10-07 13:59 . 2009-09-09 22:09    --------    d-sh--w-    c:\documents and settings\All Users\Dados de aplicativos\MPK
    2009-10-06 16:10 . 2009-10-06 16:10    --------    d-----w-    c:\documents and settings\Administrador\Dados de aplicativos\VMNTOOLBAR
    2009-10-06 16:10 . 2009-10-06 16:10    --------    d-----w-    c:\documents and settings\Administrador\Dados de aplicativos\EmailNotifier
    2009-10-06 16:10 . 2009-10-06 16:10    --------    d-----w-    c:\documents and settings\Convidado\Dados de aplicativos\VMNTOOLBAR
    2009-10-06 16:10 . 2009-10-06 16:10    --------    d-----w-    c:\documents and settings\Convidado\Dados de aplicativos\EmailNotifier
    2009-10-06 16:00 . 2009-10-06 16:00    --------    d-----w-    c:\documents and settings\Administrador\Dados de aplicativos\PC Suite
    2009-10-04 15:13 . 2009-10-04 15:13    28    ----a-w-    c:\documents and settings\Bebiano\04102009.Dat
    2009-10-04 15:05 . 2009-05-13 03:06    --------    d-----w-    c:\documents and settings\All Users\Dados de aplicativos\avg8
    2009-10-03 23:12 . 2009-10-03 23:12    --------    d-----w-    c:\documents and settings\All Users\Dados de aplicativos\EmailNotifier
    2009-10-03 23:12 . 2009-10-03 23:12    --------    d-----w-    c:\arquivos de programas\vmntoolbar
    2009-10-03 23:12 . 2009-10-03 23:12    --------    d-----w-    c:\arquivos de programas\CA VMN Anti-Spyware
    2009-10-03 23:12 . 2009-10-03 23:12    --------    d-----w-    c:\arquivos de programas\Common Files
    2009-10-03 23:11 . 2009-10-03 23:11    --------    d-----w-    c:\arquivos de programas\Free Screensavers
    2009-09-30 15:31 . 2009-09-30 15:31    28    ----a-w-    c:\documents and settings\Bebiano\30092009.Dat
    2009-09-29 16:01 . 2009-09-29 16:01    28    ----a-w-    c:\documents and settings\Bebiano\29092009.Dat
    2009-09-27 15:50 . 2009-09-27 15:50    28    ----a-w-    c:\documents and settings\Bebiano\27092009.Dat
    2009-09-11 14:19 . 2002-09-09 17:07    136192    ----a-w-    c:\windows\system32\msv1_0.dll
    2009-09-10 00:30 . 2009-09-10 00:30    0    ----a-w-    c:\windows\system32\drivers\usbkbd.sys
    2009-09-10 00:30 . 2007-10-11 16:25    65536    ----a-w-    c:\windows\DUMP83b6.tmp
    2009-09-10 00:29 . 2007-10-11 16:25    65536    ----a-w-    c:\windows\DUMP7a21.tmp
    2009-09-09 21:58 . 2009-09-09 21:58    64000    ----a-w-    c:\windows\system32\ssleay32.dll
    2009-09-09 21:58 . 2009-09-09 21:58    290816    ----a-w-    c:\windows\system32\libeay32.dll
    2009-09-05 16:18 . 2009-09-05 16:18    2613248    ----a-w-    c:\windows\system32\dxdsvr*****
    2009-09-04 21:04 . 2001-10-28 15:07    58880    ----a-w-    c:\windows\system32\msasn1.dll
    1994-05-18 12:00 . 2006-02-08 11:30    19049    -csha-w-    c:\windows\system32\BE*****
    2004-12-19 14:32 . 2006-02-08 11:30    31232    --sha-w-    c:\windows\system32\cmdow*****
    2006-02-08 19:22 . 2006-02-08 13:59    136    -csha-w-    c:\windows\system32\uninstall_otst.cmd
    .
    
    ------- Sigcheck -------
    
    [-] 2009-06-22 . 6F44A632CF9F90F5D499820E4DB3FBBF . 82944 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
    [7] 2008-04-14 . 1FA3C4B2D7E35176E65FB69AB597B0F0 . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
    [-] 2006-05-19 . 33BAE2D63547096A41E278887F3FB6DE . 70656 . . [5.1.2600.1847] . . c:\windows\$NtUninstallKB922819_0$\ws2_32.dll
    [7] 2004-08-04 . A5163442377D3C305BBFF612F80047D7 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll
    [-] 2001-10-28 . 4A95E7320199EC0E3A695494F140C69F . 75264 . . [5.1.2600.0] . . c:\windows\$NtUninstallKB914388_0$\ws2_32.dll
    .
    (((((((((((((((((((((((((((((   [email protected]_01.05.06   )))))))))))))))))))))))))))))))))))))))))
    .
    + 2009-11-28 03:30 . 2009-11-28 03:30    16384              c:\windows\Temp\Perflib_Perfdata_7bc.dat
    + 2007-07-18 12:42 . 2009-10-28 15:07    46080              c:\windows\system32\tzchange*****
    - 2007-07-18 12:42 . 2009-07-14 11:03    46080              c:\windows\system32\tzchange*****
    + 2009-11-25 22:00 . 2009-11-25 22:00    32768              c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon*****
    + 2009-11-25 22:00 . 2009-11-25 22:00    429568              c:\windows\Installer\1abd8b6.msi
    + 2009-07-21 02:03 . 2009-07-21 02:03    1348432              c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
    + 2008-09-24 12:08 . 2009-07-31 12:03    1372672              c:\windows\system32\msxml6.dll
    + 2009-07-21 02:05 . 2009-07-21 02:05    1348432              c:\windows\system32\msxml4.dll
    + 2007-10-13 16:07 . 2009-07-31 04:33    1172480              c:\windows\system32\msxml3.dll
    + 2008-09-24 12:08 . 2009-07-31 12:03    1372672              c:\windows\system32\dllcache\msxml6.dll
    + 2008-11-13 11:18 . 2009-07-31 04:33    1172480              c:\windows\system32\dllcache\msxml3.dll
    + 2009-11-22 13:08 . 2009-11-22 13:08    3957760              c:\windows\Installer\4a9056.msi
    .
    ((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* entradas vazias e legítimas por defeito não são mostradas. 
    REGEDIT4
    
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]
    
    [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
    
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]
    
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
    2009-09-02 14:58    1107200    ----a-w-    c:\arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]
    
    [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]
    
    [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
    
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr*****" [2009-07-26 3883840]
    "MSMSGS"="c:\arquivos de programas\Messenger\msmsgs*****" [2008-04-14 1695232]
    "Discador Digerati"="c:\arquivos de programas\Discador Digerati\autoupdate*****" [2003-10-07 16384]
    "swg"="c:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier*****" [2008-03-29 68856]
    "Google Update"="c:\documents and settings\Familia\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate*****" [2009-11-16 135664]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2001-12-16 2899968]
    "NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2001-12-16 46080]
    "wcmdmgr"="c:\windows\wt\updater\wcmdmgrl*****" [2001-01-25 20480]
    "NeroFilterCheck"="c:\windows\system32\NeroCheck*****" [2001-07-09 155648]
    "InCD"="c:\arquivos de programas\Ahead\InCD\InCD*****" [2005-05-13 1397760]
    "FixCamera"="c:\windows\FixCamera*****" [2007-07-11 20480]
    "tsnp325"="c:\windows\tsnp325*****" [2007-04-21 270336]
    "snp325"="c:\windows\vsnp325*****" [2007-05-10 835584]
    "AVG8_TRAY"="c:\arquiv~1\AVG\AVG8\avgtray*****" [2009-11-16 2028312]
    "TkBellExe"="c:\arquivos de programas\Arquivos comuns\Real\Update_OB\realsched*****" [2009-06-11 198160]
    "killer214"="c:\windows\system32\Tibia*****" [2009-07-04 45056]
    "SunJavaUpdateSched"="c:\arquivos de programas\Java\jre6\bin\jusched*****" [2009-10-11 149280]
    "Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl*****" [2009-10-03 35696]
    "Adobe ARM"="c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM*****" [2009-09-04 935288]
    "nwiz"="nwiz*****" - c:\windows\system32\nwiz***** [2001-12-16 782336]
    
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON*****"="c:\windows\System32\CTFMON*****" [2008-04-14 15360]
    
    c:\documents and settings\Mattheus.BEBIANO-P9TLQQR\Menu Iniciar\Programas\Inicializar\
    BrOffice.org 2.3.lnk - c:\arquivos de programas\BrOffice.org 2.3\program\quickstart***** [2007-8-17 393216]
    
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\arquivos de programas\SUPERAntiSpyware\SASSEH.DLL" [2008-05-23 77824]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2008-08-26 13:13    352256    ----a-w-    c:\arquivos de programas\SUPERAntiSpyware\SASWINLO.DLL
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
    2009-08-23 14:38    11952    ----a-w-    c:\windows\system32\avgrsstx.dll
    
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr*****"=
    "c:\\Arquivos de programas\\Mozilla Firefox\\firefox*****"=
    "c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr*****"=
    "c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync*****"=
    "c:\\Documents and Settings\\Familia\\Desktop\\Downloads\\Styller Yourots 0.6.1 Rev 04 (8.50-8.52)\\Styller Yourots Rev 04*****"=
    
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [13/5/2009 01:07 335240]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [13/5/2009 01:07 108552]
    R1 SASDIFSV;SASDIFSV;c:\arquivos de programas\SUPERAntiSpyware\SASDIFSV.SYS [10/10/2006 14:53 8944]
    R1 SASKUTIL;SASKUTIL;c:\arquivos de programas\SUPERAntiSpyware\SASKUTIL.SYS [27/2/2007 13:39 55024]
    R2 avg8emc;AVG Free8 E-mail Scanner;c:\arquiv~1\AVG\AVG8\avgemc***** [13/5/2009 01:07 908056]
    R2 avg8wd;AVG Free8 WatchDog;c:\arquiv~1\AVG\AVG8\avgwdsvc***** [13/5/2009 01:07 297752]
    R2 Zwunzi Service;Zwunzi Service;c:\documents and settings\All Users\Dados de aplicativos\Zwunzi\zwunzi129***** [27/11/2009 23:44 58720]
    S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3/3/2008 20:57 664064]
    S2 Apache2.2;Apache2.2;"c:\xampp\apache\bin\httpd*****" -k runservice --> c:\xampp\apache\bin\httpd***** [?]
    S2 Findbasic Service;Findbasic Service;c:\documents and settings\All Users\Dados de aplicativos\Findbasic\findbasic137***** [17/11/2009 09:56 58872]
    S2 SlimFTPd;SlimFTPd;"c:\otstriad\ftp\SlimFTPd*****" -service --> c:\otstriad\ftp\SlimFTPd***** [?]
    S2 XAMPP;XAMPP Service;c:\xampp\service***** --> c:\xampp\service***** [?]
    S3 SASENUM;SASENUM;c:\arquivos de programas\SUPERAntiSpyware\SASENUM.SYS [16/2/2006 18:51 4096]
    S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [18/2/2009 18:33 10394624]
    S3 usb2vcom;USB Data Cable;c:\windows\system32\drivers\usb2vcom.sys [19/10/2007 11:46 29152]
    S3 XDva076;XDva076;\??\c:\windows\system32\XDva076.sys --> c:\windows\system32\XDva076.sys [?]
    .
    Conteúdo da pasta 'Tarefas Agendadas'
    
    2009-11-27 c:\windows\Tasks\Norton Security Scan for Bebiano.job
    - c:\arquivos de programas\Norton Security Scan\Norton Security Scan\Engine\2.3.0.44\Nss***** [2009-08-30 19:45]
    .
    .
    ------- Scan Suplementar -------
    .
    TCP: {2F8B96B8-66B0-4D7D-A0C1-EDD1AFD53413} = 208.67.222.222,208.67.220.220
    DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
    DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
    DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} - hxxp://disteng.nefficient.com/disteng/neffy/NeffyLauncher.cab
    FF - ProfilePath - c:\documents and settings\Familia\Dados de aplicativos\Mozilla\Firefox\Profiles\wrarxk0g.default\
    FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
    FF - component: c:\arquivos de programas\AVG\AVG8\Firefox\components\avgssff.dll
    FF - component: c:\arquivos de programas\AVG\AVG8\Toolbar\Firefox\[email protected]\components\IGeared_tavgp_xputils2.dll
    FF - component: c:\arquivos de programas\AVG\AVG8\Toolbar\Firefox\[email protected]\components\IGeared_tavgp_xputils3.dll
    FF - component: c:\arquivos de programas\AVG\AVG8\Toolbar\Firefox\[email protected]\components\IGeared_tavgp_xputils35.dll
    FF - component: c:\arquivos de programas\AVG\AVG8\Toolbar\Firefox\[email protected]\components\xpavgtbapi.dll
    FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npkanevapatch.dll
    FF - plugin: c:\arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nppl3260.dll
    FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprjplug.dll
    FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprpjplug.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    
    ---- FIREFOX POLICIES ----
    c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
    .
    - - - - ORFÃOS REMOVIDOS - - - -
    
    AddRemove-NVIDIA Display Driver - c:\windows\System32\nvudisp***** Uninstall
    AddRemove-RealJukebox 1.0 - c:\arquivos de programas\Arquivos comuns\Real\Update_OB\r1puninst***** RealNetworks|RealPlayer|6.0
    AddRemove-RealPlayer 6.0 - c:\arquivos de programas\Arquivos comuns\Real\Update_OB\r1puninst***** RealNetworks|RealPlayer|6.0
    
    
    
    **************************************************************************
    
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-11-28 01:52
    Windows 5.1.2600 Service Pack 3 NTFS
    
    Procurando processos ocultos ... 
    
    Procurando entradas auto inicializáveis ocultas ... 
    
    Procurando ficheiros/arquivos ocultos ... 
    
    Varredura completada com sucesso
    arquivos/ficheiros ocultos: 0
    
    **************************************************************************
    .
    --------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
    
    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\a67ae326-5297-6599-f032-36c8e64e324]
    @Denied: (Full) (AuthenticatedUsers)
    @Denied: (Full) (Administrators)
    "1v0ek45gmdg1f"=hex:33,36,32,38,34,64,32,30,2d,32,31,39,31,2d,34,32,32,36,2d,
       38,34,31,66,2d,62,66,37,64,32,32,33,33,62,34,33,30
    .
    --------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
    
    - - - - - - - > 'winlogon*****'(684)
    c:\windows\system32\sknc.dll
    c:\arquivos de programas\SUPERAntiSpyware\SASWINLO.DLL
    c:\windows\system32\WININET.dll
    
    - - - - - - - > 'lsass*****'(740)
    c:\windows\system32\sknc.dll
    .
    Tempo para conclusão: 2009-11-28 02:04
    ComboFix-quarantined-files.txt  2009-11-28 04:04
    ComboFix2.txt  2009-11-20 01:15
    
    Pré-execução: 15 pasta(s) 44.523.646.976 bytes disponíveis
    Pós execução: 18 pasta(s) 44.522.414.080 bytes disponíveis
    
    Current=4 Default=4 Failed=2 LastKnownGood=5 Sets=1,2,3,4,5
    - - End Of File - - 71A07399060483772FC92B1B31BC5681
    Última edição por Timari; 29-12-2010 às 13:39. Razão: Melhorando formatação da mensagem.

  3. #13
    Avatar de Serafan
    Registro
    06-10-2009
    Posts
    3.090
    Conquistas / PrêmiosAtividadeCurtidas / Tagging InfoPersonagem - TibiaPersonagem - TibiaME
    Conquistas Repórter
    Adepto do OffColunistaEscritorCrítico
    Peso da Avaliação
    0

    Padrão

    Caro bebiano,

    Baixe o MalwareBytes em www.baixaki.com.br ou siga o link direto:
    -
    Instale o programa e execute-o;
    Desative o seu AntiVírus;
    Marque a opção verificação completa, e depois clique em verificar.

    Certo, enquanto verifica, limparemos os cachês do seu navegador, faça o seguinte:
    Baixe o programa CCleaner no baixaki ou siga o link direto em:

    Execute o CCleaner ; Não mexa em nada ; Clique em Analisar ; Aguarde a Análise ser concluída ; Logo em seguida clique em Executar Limpeza ; Aguarde a limpeza ser concluída.
    Na aba da direita clique em Registro ; Clique em Procurar Erros ; Aguarde a procura ser concluída ; Clique em Corrigir Erros Selecionados ; Na caixa de diálogo que apareceu clique em Não ; Clique em Corrigir Todos Os Erros Selecionados ; Clique em Não na caixa de diálogo que apareceu ; Feche o programa.
    -
    Abra o CMD clicando em Iniciar>Executar e escrevendo " cmd " na caixa de diálogo que abriu (sem aspas).

    Digite: ipconfig /flushdns e aperte enter (repita esse passo 3x).
    Feche o CMD escrevendo exit e apertando enter.

    -

    Após executar o malwarebytes, um log será gerado, copie e cole-o em sua próxima mensagem.
    Última edição por Timari; 28-11-2009 às 14:59.
    Atenciosamente,
    - Serafan.



  4. #14
    Avatar de fedor02
    Registro
    26-09-2007
    Idade
    28
    Posts
    474
    Conquistas / PrêmiosAtividadeCurtidas / Tagging InfoPersonagem - TibiaPersonagem - TibiaME
    Conquistas CríticoDebatedorEstagiárioCitizen
    Peso da Avaliação
    0

    Padrão

    Funciono certinho.
    Thx

  5. #15
    Avatar de Serafan
    Registro
    06-10-2009
    Posts
    3.090
    Conquistas / PrêmiosAtividadeCurtidas / Tagging InfoPersonagem - TibiaPersonagem - TibiaME
    Conquistas Repórter
    Adepto do OffColunistaEscritorCrítico
    Peso da Avaliação
    0

    Padrão

    Caro fedor02,

    Sinta-se livre para usar o tópico para falar sobre assuntos relacionados, também para tirar suas dúvidas, caso o problema persista, estarei disposto a ajuda-lo por MP ou até mesmo por um post criado aqui na seção de suporte.





    Atenciosamente,
    - Serafan.



  6. #16
    Avatar de Pvp Original
    Registro
    25-11-2009
    Posts
    6
    Conquistas / PrêmiosAtividadeCurtidas / Tagging InfoPersonagem - TibiaPersonagem - TibiaME
    Conquistas EstagiárioNewcomer
    Peso da Avaliação
    0

    Padrão

    olha,eu nao consegui,fiz tudo que falaram ai e nao deu certo.sendo q nao tenho anti virus nem nada.ME AJUDEM

    LOG

    Código:
    Windows Registry Editor Version 5.00
    
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.Windows.Forms.tlb"=dword:00001000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.Windows.Forms.tlb"=dword:00001000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\mscorlib.tlb"=dword:00001000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\mscoree.tlb"=dword:00001000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.Drawing.tlb"=dword:00001000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.EnterpriseServices.tlb"=dword:00001000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.JScript.tlb"=dword:00001000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.Vsa.tlb"=dword:00001000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.Drawing.tlb"=dword:00001000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscoree.tlb"=dword:00001000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.tlb"=dword:00001000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\System.EnterpriseServices.tlb"=dword:00001000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.JScript.tlb"=dword:00001000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.Vsa.tlb"=dword:00001000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\Microsoft.Vsa.Vb.CodeDOMProcessor.tlb"=dword:00001000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscorlib.tlb"=dword:00001000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.tlb"=dword:00001000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
    "C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.Vsa.Vb.CodeDOMProcessor.tlb"=dword:00001000
    
    [HKEY_CLASSES_ROOT\SysmonLogManager.Snapin]
    
    [HKEY_CLASSES_ROOT\WMPCD]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.0]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.0\OpenWithList]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.5]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.5\OpenWithList]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cfg]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cfg\OpenWithList]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.elfc]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.elfc\OpenWithList]
    "a"="firefox*****"
    "MRUList"="cab"
    "b"="msmsgs*****"
    "c"="Tibia Mc*****"
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.elft]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.elft\OpenWithList]
    "a"="Tibia Mc*****"
    "MRUList"="ab"
    "b"="firefox*****"
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fg]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fg\OpenWithList]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lua]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lua\OpenWithList]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.part]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.part\OpenWithList]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.prx]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.prx\OpenWithList]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rjt]
    "Application"=""
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rp]
    "Application"=""
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rt]
    "Application"=""
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.s3db]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.s3db\OpenWithList]
    "a"="sqlitestudio-1.0.1*****"
    "MRUList"="ba"
    "b"="sqlitestudio-1.0.0-b1*****"
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sav]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sav\OpenWithList]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sdp]
    "Application"=""
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgm]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgm\OpenWithList]
    "a"="VisualBoyAdvance*****"
    "MRUList"="a"
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srt]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srt\OpenWithList]
    "a"="sqlitestudio-1.0.0-b1*****"
    "MRUList"="a"
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.UV]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.UV\OpenWithList]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpt]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpt\OpenWithList]
    
    [HKEY_CLASSES_ROOT\Connection Manager Profile\DefaultIcon]
    @="C:\\WINDOWS\\system32\\CMMGR32*****,1"
    
    [HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open]
    
    [HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open\command]
    @="C:\\WINDOWS\\system32\\CMMGR32***** \"%1\""
    
    [HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...]
    
    [HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...\command]
    @="C:\\WINDOWS\\system32\\CMMGR32***** /settings \"%1\""
    
    [HKEY_CLASSES_ROOT\ots\shell\open]
    
    [HKEY_CLASSES_ROOT\ots\shell\open\command]
    @="\"C:\\Documents and Settings\\Diogo\\Meus documentos\\Meus arquivos recebidos\\Tibia Multi IP Changer\\Tibia Multi IP Changer\\Tibia MULTI-ip changer*****\" %1"
    
    [HKEY_CLASSES_ROOT\otserv\shell\open]
    
    [HKEY_CLASSES_ROOT\otserv\shell\open\command]
    @="\"C:\\Documents and Settings\\Diogo\\Meus documentos\\Meus arquivos recebidos\\Tibia Multi IP Changer\\Tibia Multi IP Changer\\Tibia MULTI-ip changer*****\" %1"
    
    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}]
    @="ActiveXPlugin Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Control]
    
    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Implemented Categories]
    
    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\InprocServer32]
    @="C:\\WINDOWS\\system32\\plugin.ocx"
    "ThreadingModel"="Apartment"
    
    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\MiscStatus]
    @="0"
    
    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\MiscStatus\1]
    @="131473"
    
    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\ProgID]
    @="Microsoft.ActiveXPlugin.1"
    
    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\ToolboxBitmap32]
    @="C:\\WINDOWS\\system32\\plugin.ocx, 1"
    
    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\TypeLib]
    @="{06DD38D0-D187-11CF-A80D-00C04FD74AD8}"
    
    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Version]
    @="1.0"
    
    [HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\VersionIndependentProgID]
    @="Microsoft.ActiveXPlugin"
    
    [HKEY_CLASSES_ROOT\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]
    @="FlashProp Class"
    
    [HKEY_CLASSES_ROOT\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32]
    @="C:\\WINDOWS\\system32\\macromed\\flash\\flash.ocx"
    "ThreadingModel"="Apartment"
    
    [HKEY_CLASSES_ROOT\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\Programmable]
    
    [HKEY_CLASSES_ROOT\CLSID\{1B02BDDF-F6D2-4B36-ABBA-AD49EBC876A5}]
    
    [HKEY_CLASSES_ROOT\CLSID\{1B02BDDF-F6D2-4B36-ABBA-AD49EBC876A5}\InprocServer32]
    @="C:\\ARQUIV~1\\WINDOW~4\\MESSEN~1\\MSGSC8~1.DLL"
    
    [HKEY_CLASSES_ROOT\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}]
    @="Microsoft TabStrip Control 6.0 (SP6)"
    
    [HKEY_CLASSES_ROOT\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\Control]
    
    [HKEY_CLASSES_ROOT\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\Implemented Categories]
    
    [HKEY_CLASSES_ROOT\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A52-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A53-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A57-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED4-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    "ThreadingModel"="Apartment"
    
    [HKEY_CLASSES_ROOT\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\MiscStatus]
    @="0"
    
    [HKEY_CLASSES_ROOT\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\MiscStatus\1]
    @="131473"
    
    [HKEY_CLASSES_ROOT\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\ProgID]
    @="MSComctlLib.TabStrip.2"
    
    [HKEY_CLASSES_ROOT\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\Programmable]
    
    [HKEY_CLASSES_ROOT\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\ToolboxBitmap32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX, 10"
    
    [HKEY_CLASSES_ROOT\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\TypeLib]
    @="{831FDD16-0C5C-11D2-A9FC-0000F8754DA1}"
    
    [HKEY_CLASSES_ROOT\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\Version]
    @="2.0"
    
    [HKEY_CLASSES_ROOT\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\VersionIndependentProgID]
    @="MSComctlLib.TabStrip"
    
    [HKEY_CLASSES_ROOT\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}]
    @="Microsoft ImageList Control 6.0 (SP6)"
    
    [HKEY_CLASSES_ROOT\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\Control]
    
    [HKEY_CLASSES_ROOT\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\Implemented Categories]
    
    [HKEY_CLASSES_ROOT\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A52-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A53-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A57-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED4-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    "ThreadingModel"="Apartment"
    
    [HKEY_CLASSES_ROOT\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\MiscStatus]
    @="0"
    
    [HKEY_CLASSES_ROOT\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\MiscStatus\1]
    @="165265"
    
    [HKEY_CLASSES_ROOT\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\ProgID]
    @="MSComctlLib.ImageListCtrl.2"
    
    [HKEY_CLASSES_ROOT\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\Programmable]
    
    [HKEY_CLASSES_ROOT\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\ToolboxBitmap32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX, 3"
    
    [HKEY_CLASSES_ROOT\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\TypeLib]
    @="{831FDD16-0C5C-11D2-A9FC-0000F8754DA1}"
    
    [HKEY_CLASSES_ROOT\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\Version]
    @="2.0"
    
    [HKEY_CLASSES_ROOT\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\VersionIndependentProgID]
    @="MSComctlLib.ImageListCtrl"
    
    [HKEY_CLASSES_ROOT\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}]
    @="Microsoft ProgressBar Control 6.0 (SP6)"
    
    [HKEY_CLASSES_ROOT\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\Control]
    
    [HKEY_CLASSES_ROOT\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\Implemented Categories]
    
    [HKEY_CLASSES_ROOT\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A52-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A53-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A57-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED4-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    "ThreadingModel"="Apartment"
    
    [HKEY_CLASSES_ROOT\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\MiscStatus]
    @="0"
    
    [HKEY_CLASSES_ROOT\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\MiscStatus\1]
    @="172433"
    
    [HKEY_CLASSES_ROOT\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\ProgID]
    @="MSComctlLib.ProgCtrl.2"
    
    [HKEY_CLASSES_ROOT\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\Programmable]
    
    [HKEY_CLASSES_ROOT\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\ToolboxBitmap32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX, 17"
    
    [HKEY_CLASSES_ROOT\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\TypeLib]
    @="{831FDD16-0C5C-11D2-A9FC-0000F8754DA1}"
    
    [HKEY_CLASSES_ROOT\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\Version]
    @="2.0"
    
    [HKEY_CLASSES_ROOT\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\VersionIndependentProgID]
    @="MSComctlLib.ProgCtrl"
    
    [HKEY_CLASSES_ROOT\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}]
    @="Common Dialog Font Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}\InprocServer32]
    @="C:\\Documents and Settings\\Diogo\\Meus documentos\\Meus arquivos recebidos\\Tibia Multi IP Changer\\Tibia Multi IP Changer\\COMDLG32.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}]
    @="Common Dialog Print Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}\InprocServer32]
    @="C:\\Documents and Settings\\Diogo\\Meus documentos\\Meus arquivos recebidos\\Tibia Multi IP Changer\\Tibia Multi IP Changer\\COMDLG32.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}]
    @="Common Dialog Help Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}\InprocServer32]
    @="C:\\Documents and Settings\\Diogo\\Meus documentos\\Meus arquivos recebidos\\Tibia Multi IP Changer\\Tibia Multi IP Changer\\COMDLG32.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}]
    @="Microsoft Toolbar Control 6.0 (SP6)"
    
    [HKEY_CLASSES_ROOT\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\Control]
    
    [HKEY_CLASSES_ROOT\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\Implemented Categories]
    
    [HKEY_CLASSES_ROOT\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A52-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A53-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A57-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED4-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    "ThreadingModel"="Apartment"
    
    [HKEY_CLASSES_ROOT\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\MiscStatus]
    @="0"
    
    [HKEY_CLASSES_ROOT\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\MiscStatus\1]
    @="237969"
    
    [HKEY_CLASSES_ROOT\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\ProgID]
    @="MSComctlLib.Toolbar.2"
    
    [HKEY_CLASSES_ROOT\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\Programmable]
    
    [HKEY_CLASSES_ROOT\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\ToolboxBitmap32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX, 12"
    
    [HKEY_CLASSES_ROOT\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\TypeLib]
    @="{831FDD16-0C5C-11D2-A9FC-0000F8754DA1}"
    
    [HKEY_CLASSES_ROOT\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\Version]
    @="2.0"
    
    [HKEY_CLASSES_ROOT\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\VersionIndependentProgID]
    @="MSComctlLib.Toolbar"
    
    [HKEY_CLASSES_ROOT\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}]
    @="Common Dialog Open Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32]
    @="C:\\Documents and Settings\\Diogo\\Meus documentos\\Meus arquivos recebidos\\Tibia Multi IP Changer\\Tibia Multi IP Changer\\COMDLG32.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}]
    @="Common Dialog Color Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32]
    @="C:\\Documents and Settings\\Diogo\\Meus documentos\\Meus arquivos recebidos\\Tibia Multi IP Changer\\Tibia Multi IP Changer\\COMDLG32.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}]
    @="Microsoft StatusBar Control 6.0 (SP6)"
    
    [HKEY_CLASSES_ROOT\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\Control]
    
    [HKEY_CLASSES_ROOT\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\Implemented Categories]
    
    [HKEY_CLASSES_ROOT\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A52-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A53-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A57-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED4-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    "ThreadingModel"="Apartment"
    
    [HKEY_CLASSES_ROOT\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\MiscStatus]
    @="0"
    
    [HKEY_CLASSES_ROOT\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\MiscStatus\1]
    @="172433"
    
    [HKEY_CLASSES_ROOT\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\ProgID]
    @="MSComctlLib.SBarCtrl.2"
    
    [HKEY_CLASSES_ROOT\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\Programmable]
    
    [HKEY_CLASSES_ROOT\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\ToolboxBitmap32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX, 1"
    
    [HKEY_CLASSES_ROOT\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\TypeLib]
    @="{831FDD16-0C5C-11D2-A9FC-0000F8754DA1}"
    
    [HKEY_CLASSES_ROOT\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\Version]
    @="2.0"
    
    [HKEY_CLASSES_ROOT\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\VersionIndependentProgID]
    @="MSComctlLib.SBarCtrl"
    
    [HKEY_CLASSES_ROOT\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}]
    @="Microsoft ListView Control 6.0 (SP6)"
    
    [HKEY_CLASSES_ROOT\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\Control]
    
    [HKEY_CLASSES_ROOT\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\Implemented Categories]
    
    [HKEY_CLASSES_ROOT\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A52-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A53-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A57-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED4-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    "ThreadingModel"="Apartment"
    
    [HKEY_CLASSES_ROOT\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\MiscStatus]
    @="0"
    
    [HKEY_CLASSES_ROOT\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\MiscStatus\1]
    @="131473"
    
    [HKEY_CLASSES_ROOT\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\ProgID]
    @="MSComctlLib.ListViewCtrl.2"
    
    [HKEY_CLASSES_ROOT\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\Programmable]
    
    [HKEY_CLASSES_ROOT\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\ToolboxBitmap32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX, 4"
    
    [HKEY_CLASSES_ROOT\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\TypeLib]
    @="{831FDD16-0C5C-11D2-A9FC-0000F8754DA1}"
    
    [HKEY_CLASSES_ROOT\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\Version]
    @="2.0"
    
    [HKEY_CLASSES_ROOT\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\VersionIndependentProgID]
    @="MSComctlLib.ListViewCtrl"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE32-8596-11D1-B16A-00C0F0283628}]
    @="TreeView General Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE32-8596-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE33-8596-11D1-B16A-00C0F0283628}]
    @="TabStrip General Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE33-8596-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE34-8596-11D1-B16A-00C0F0283628}]
    @="Tab Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE34-8596-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE35-8596-11D1-B16A-00C0F0283628}]
    @="ImageList General Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE35-8596-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE36-8596-11D1-B16A-00C0F0283628}]
    @="Image Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE36-8596-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE37-8596-11D1-B16A-00C0F0283628}]
    @="Toolbar General Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE37-8596-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE38-8596-11D1-B16A-00C0F0283628}]
    @="Button Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE38-8596-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE39-8596-11D1-B16A-00C0F0283628}]
    @="StatusBar General Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE39-8596-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE3A-8596-11D1-B16A-00C0F0283628}]
    @="Panel Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE3A-8596-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE3B-8596-11D1-B16A-00C0F0283628}]
    @="Progress Bar General Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE3B-8596-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE3C-8596-11D1-B16A-00C0F0283628}]
    @="Slider General Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE3C-8596-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE3D-8596-11D1-B16A-00C0F0283628}]
    @="Slider Appearance Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE3D-8596-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE3E-8596-11D1-B16A-00C0F0283628}]
    @="ListView General Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE3E-8596-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE3F-8596-11D1-B16A-00C0F0283628}]
    @="ListView Sort Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE3F-8596-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE40-8596-11D1-B16A-00C0F0283628}]
    @="ListView Images Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE40-8596-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE41-8596-11D1-B16A-00C0F0283628}]
    @="ListView Columns Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE41-8596-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE42-8596-11D1-B16A-00C0F0283628}]
    @="ImageComboBox General Property Page Object"
    
    [HKEY_CLASSES_ROOT\CLSID\{C27CCE42-8596-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    
    [HKEY_CLASSES_ROOT\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}]
    @="Microsoft TreeView Control 6.0 (SP6)"
    
    [HKEY_CLASSES_ROOT\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\Control]
    
    [HKEY_CLASSES_ROOT\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\Implemented Categories]
    
    [HKEY_CLASSES_ROOT\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A52-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A53-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A57-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED4-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    "ThreadingModel"="Apartment"
    
    [HKEY_CLASSES_ROOT\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\MiscStatus]
    @="0"
    
    [HKEY_CLASSES_ROOT\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\MiscStatus\1]
    @="131473"
    
    [HKEY_CLASSES_ROOT\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\ProgID]
    @="MSComctlLib.TreeCtrl.2"
    
    [HKEY_CLASSES_ROOT\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\Programmable]
    
    [HKEY_CLASSES_ROOT\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\ToolboxBitmap32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX, 2"
    
    [HKEY_CLASSES_ROOT\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\TypeLib]
    @="{831FDD16-0C5C-11D2-A9FC-0000F8754DA1}"
    
    [HKEY_CLASSES_ROOT\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\Version]
    @="2.0"
    
    [HKEY_CLASSES_ROOT\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\VersionIndependentProgID]
    @="MSComctlLib.TreeCtrl"
    
    [HKEY_CLASSES_ROOT\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}]
    @="Microsoft ImageComboBox Control 6.0 (SP6)"
    
    [HKEY_CLASSES_ROOT\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\Control]
    
    [HKEY_CLASSES_ROOT\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\Implemented Categories]
    
    [HKEY_CLASSES_ROOT\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A52-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A53-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A57-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED4-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    "ThreadingModel"="Apartment"
    
    [HKEY_CLASSES_ROOT\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\MiscStatus]
    @="0"
    
    [HKEY_CLASSES_ROOT\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\MiscStatus\1]
    @="131473"
    
    [HKEY_CLASSES_ROOT\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\ProgID]
    @="MSComctlLib.ImageComboCtl.2"
    
    [HKEY_CLASSES_ROOT\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\Programmable]
    
    [HKEY_CLASSES_ROOT\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\ToolboxBitmap32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX, 1916"
    
    [HKEY_CLASSES_ROOT\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\TypeLib]
    @="{831FDD16-0C5C-11D2-A9FC-0000F8754DA1}"
    
    [HKEY_CLASSES_ROOT\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\Version]
    @="2.0"
    
    [HKEY_CLASSES_ROOT\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\VersionIndependentProgID]
    @="MSComctlLib.ImageComboCtl"
    
    [HKEY_CLASSES_ROOT\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}]
    @="Microsoft Slider Control 6.0 (SP6)"
    
    [HKEY_CLASSES_ROOT\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\Control]
    
    [HKEY_CLASSES_ROOT\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\Implemented Categories]
    
    [HKEY_CLASSES_ROOT\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A52-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A53-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A57-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED4-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\InprocServer32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX"
    "ThreadingModel"="Apartment"
    
    [HKEY_CLASSES_ROOT\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\MiscStatus]
    @="0"
    
    [HKEY_CLASSES_ROOT\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\MiscStatus\1]
    @="131473"
    
    [HKEY_CLASSES_ROOT\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\ProgID]
    @="MSComctlLib.Slider.2"
    
    [HKEY_CLASSES_ROOT\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\Programmable]
    
    [HKEY_CLASSES_ROOT\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\ToolboxBitmap32]
    @="C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Rar$EX00.422\\Trial Reset\\MSCOMCTL.OCX, 16"
    
    [HKEY_CLASSES_ROOT\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\TypeLib]
    @="{831FDD16-0C5C-11D2-A9FC-0000F8754DA1}"
    
    [HKEY_CLASSES_ROOT\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\Version]
    @="2.0"
    
    [HKEY_CLASSES_ROOT\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\VersionIndependentProgID]
    @="MSComctlLib.Slider"
    
    [HKEY_CLASSES_ROOT\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}]
    @="Microsoft Common Dialog Control, version 6.0 (SP6)"
    
    [HKEY_CLASSES_ROOT\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\Control]
    
    [HKEY_CLASSES_ROOT\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\Implemented Categories]
    
    [HKEY_CLASSES_ROOT\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\Implemented Categories\{0DE86A52-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\Implemented Categories\{0DE86A53-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\Implemented Categories\{0DE86A57-2BAA-11CF-A229-00AA003D7352}]
    
    [HKEY_CLASSES_ROOT\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\Implemented Categories\{40FC6ED4-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}]
    
    [HKEY_CLASSES_ROOT\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]
    
    [HKEY_CLASSES_ROOT\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32]
    @="C:\\Documents and Settings\\Diogo\\Meus documentos\\Meus arquivos recebidos\\Tibia Multi IP Changer\\Tibia Multi IP Changer\\COMDLG32.OCX"
    "ThreadingModel"="Apartment"
    
    [HKEY_CLASSES_ROOT\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\MiscStatus]
    @="0"
    
    [HKEY_CLASSES_ROOT\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\MiscStatus\1]
    @="132499"
    
    [HKEY_CLASSES_ROOT\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\ProgID]
    @="MSComDlg.CommonDialog.1"
    
    [HKEY_CLASSES_ROOT\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\Programmable]
    
    [HKEY_CLASSES_ROOT\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\ToolboxBitmap32]
    @="C:\\Documents and Settings\\Diogo\\Meus documentos\\Meus arquivos recebidos\\Tibia Multi IP Changer\\Tibia Multi IP Changer\\COMDLG32.OCX, 1"
    
    [HKEY_CLASSES_ROOT\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\TypeLib]
    @="{F9043C88-F6F2-101A-A3C9-08002B2F49FB}"
    
    [HKEY_CLASSES_ROOT\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\Version]
    @="1.2"
    
    [HKEY_CLASSES_ROOT\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\VersionIndependentProgID]
    @="MSComDlg.CommonDialog"
    
    [HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}]
    @="IF3PopupMenu"
    
    [HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid]
    @="{00020424-0000-0000-C000-000000000046}"
    
    [HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    
    [HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib]
    @="{E47CAEE0-DEEA-464A-9326-3F2801535A4D}"
    "Version"="1.0"
    
    [HKEY_CLASSES_ROOT\Interface\{915DA835-02FE-4953-92FA-624BDF5D85AB}]
    @="IUserHelper"
    
    [HKEY_CLASSES_ROOT\Interface\{915DA835-02FE-4953-92FA-624BDF5D85AB}\ProxyStubClsid]
    @="{00020424-0000-0000-C000-000000000046}"
    
    [HKEY_CLASSES_ROOT\Interface\{915DA835-02FE-4953-92FA-624BDF5D85AB}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    
    [HKEY_CLASSES_ROOT\Interface\{915DA835-02FE-4953-92FA-624BDF5D85AB}\TypeLib]
    @="{19D52A9A-379C-4720-BA00-3D396ECD24D7}"
    "Version"="1.0"
    
    [HKEY_CLASSES_ROOT\Interface\{D775A119-EAC2-4F28-B06E-8AC16F2695DA}]
    @="IiPodManagerUI"
    
    [HKEY_CLASSES_ROOT\Interface\{D775A119-EAC2-4F28-B06E-8AC16F2695DA}\ProxyStubClsid]
    @="{00020424-0000-0000-C000-000000000046}"
    
    [HKEY_CLASSES_ROOT\Interface\{D775A119-EAC2-4F28-B06E-8AC16F2695DA}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    
    [HKEY_CLASSES_ROOT\Interface\{D775A119-EAC2-4F28-B06E-8AC16F2695DA}\TypeLib]
    @="{19D52A9A-379C-4720-BA00-3D396ECD24D7}"
    "Version"="1.0"
    
    [HKEY_CLASSES_ROOT\Applications\moviemk*****]
    
    [HKEY_CLASSES_ROOT\Applications\moviemk*****\shell]
    "FriendlyCache"="Movie Maker"
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32*****]
    @="C:\\WINDOWS\\system32\\cmmgr32*****"
    "Path"="C:\\WINDOWS\\system32"
    "CmstpExtensionDll"="C:\\WINDOWS\\system32\\cmcfg32.dll"
    "CMInternalVersion"="1.2"
    "CmNative"=dword:00000001
    "ProfilesUpgraded"=dword:00000001
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\\WINDOWS\\winsxs\\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\\"=""
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\\Arquivos de programas\\Kaspersky Lab\\Kaspersky Internet Security 2009\\"="1"
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\\Arquivos de programas\\Kaspersky Lab\\"="1"
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\\Arquivos de programas\\TibiaLive\\"=""
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\\Arquivos de programas\\Microsoft Silverlight\\3.0.40624.0\\"=""
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\\Arquivos de programas\\Microsoft Silverlight\\3.0.40624.0\\fr\\"=""
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\\Arquivos de programas\\Microsoft Silverlight\\3.0.40624.0\\it\\"=""
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\\Arquivos de programas\\Microsoft Silverlight\\3.0.40624.0\\de\\"=""
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\\Arquivos de programas\\Microsoft Silverlight\\3.0.40624.0\\es\\"=""
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\\Arquivos de programas\\Microsoft Silverlight\\3.0.40624.0\\zh-Hans\\"=""
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\\Arquivos de programas\\Microsoft Silverlight\\3.0.40624.0\\zh-Hant\\"=""
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\\Arquivos de programas\\Microsoft Silverlight\\3.0.40624.0\\ja\\"=""
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\\Arquivos de programas\\Microsoft Silverlight\\3.0.40624.0\\ko\\"=""
    
    [HKEY_CURRENT_USER\Software\shockwave.com]
    
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpyEmergency"="C:\\Arquivos de programas\\NETGATE\\Spy Emergency 2008\\SpyEmergency*****"
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Ardamax Keylogger]
    "Order"=hex:08,00,00,00,02,00,00,00,84,01,00,00,01,00,00,00,03,00,00,00,8c,\
      00,00,00,00,00,00,00,7e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,6c,00,\
      32,00,fa,01,00,00,83,3b,d1,63,20,00,41,52,44,41,4d,41,7e,31,2e,4c,4e,4b,00,\
      00,42,00,03,00,04,00,ef,be,83,3b,46,17,83,3b,d1,63,14,00,00,00,41,00,72,00,\
      64,00,61,00,6d,00,61,00,78,00,20,00,4b,00,65,00,79,00,6c,00,6f,00,67,00,67,\
      00,65,00,72,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,\
      00,00,00,00,1c,00,00,00,00,00,00,00,00,00,6e,00,00,00,01,00,00,00,60,00,00,\
      00,41,75,67,4d,02,00,00,00,01,00,00,00,4e,00,32,00,ce,01,00,00,83,3b,d1,63,\
      20,00,48,65,6c,70,2e,6c,6e,6b,00,00,28,00,03,00,04,00,ef,be,83,3b,46,17,83,\
      3b,d1,63,14,00,00,00,48,00,65,00,6c,00,70,00,2e,00,6c,00,6e,00,6b,00,00,00,\
      18,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,18,00,00,00,00,00,00,00,00,00,7e,\
      00,00,00,02,00,00,00,70,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5e,00,\
      32,00,08,02,00,00,83,3b,d1,63,20,00,4c,4f,47,56,49,45,7e,31,2e,4c,4e,4b,00,\
      00,34,00,03,00,04,00,ef,be,83,3b,46,17,83,3b,d1,63,14,00,00,00,4c,00,6f,00,\
      67,00,20,00,56,00,69,00,65,00,77,00,65,00,72,00,2e,00,6c,00,6e,00,6b,00,00,\
      00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\avast! Antivirus]
    "Order"=hex:08,00,00,00,02,00,00,00,8e,01,00,00,01,00,00,00,03,00,00,00,70,\
      00,00,00,00,00,00,00,62,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,50,00,\
      32,00,c9,07,00,00,8a,3a,3b,93,20,00,41,6a,75,64,61,2e,6c,6e,6b,00,2a,00,03,\
      00,04,00,ef,be,8a,3a,3b,93,d2,3a,35,5f,14,00,00,00,41,00,6a,00,75,00,64,00,\
      61,00,2e,00,6c,00,6e,00,6b,00,00,00,18,00,0e,00,00,00,0a,00,ef,be,00,00,00,\
      00,18,00,00,00,00,00,00,00,00,00,8a,00,00,00,01,00,00,00,7c,00,00,00,41,75,\
      67,4d,02,00,00,00,01,00,00,00,6a,00,32,00,01,07,00,00,8a,3a,3b,93,20,00,41,\
      56,41,53,54,21,7e,31,2e,4c,4e,4b,00,00,40,00,03,00,04,00,ef,be,8a,3a,3b,93,\
      d2,3a,35,5f,14,00,00,00,61,00,76,00,61,00,73,00,74,00,21,00,20,00,41,00,6e,\
      00,74,00,69,00,76,00,69,00,72,00,75,00,73,00,2e,00,6c,00,6e,00,6b,00,00,00,\
      1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,88,\
      00,00,00,02,00,00,00,7a,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,68,00,\
      32,00,57,00,00,00,8a,3a,3b,93,20,00,41,56,41,53,54,21,7e,31,2e,55,52,4c,00,\
      00,3e,00,03,00,04,00,ef,be,8a,3a,3b,93,d2,3a,35,5f,14,00,00,00,61,00,76,00,\
      61,00,73,00,74,00,21,00,20,00,57,00,65,00,62,00,20,00,53,00,69,00,74,00,65,\
      00,2e,00,75,00,72,00,6c,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,\
      1c,00,00,00,00,00,00,00,00,00
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Avira]
    "Order"=hex:08,00,00,00,02,00,00,00,88,00,00,00,01,00,00,00,01,00,00,00,7c,\
      00,00,00,00,00,00,00,6e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5c,00,\
      31,00,00,00,00,00,5a,3b,52,26,10,00,41,4e,54,49,56,49,7e,31,00,00,36,00,03,\
      00,04,00,ef,be,5a,3b,52,26,5d,3b,55,7f,14,00,00,00,41,00,6e,00,74,00,69,00,\
      56,00,69,00,72,00,20,00,44,00,65,00,73,00,6b,00,74,00,6f,00,70,00,00,00,18,\
      00,0e,00,00,00,0a,00,ef,be,00,00,00,00,18,00,00,00,00,00,00,00,00,00
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\BMO WORLD]
    "Order"=hex:08,00,00,00,02,00,00,00,24,03,00,00,01,00,00,00,06,00,00,00,88,\
      00,00,00,00,00,00,00,7a,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,68,00,\
      32,00,7c,06,00,00,ac,3a,3b,82,20,00,41,43,43,4f,55,4e,7e,31,2e,4c,4e,4b,00,\
      00,3e,00,03,00,04,00,ef,be,ac,3a,3b,82,d2,3a,35,5f,14,00,00,00,41,00,63,00,\
      63,00,6f,00,75,00,6e,00,74,00,20,00,53,00,69,00,67,00,6e,00,20,00,55,00,70,\
      00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,\
      1c,00,00,00,00,00,00,00,00,00,7c,00,00,00,01,00,00,00,6e,00,00,00,41,75,67,\
      4d,02,00,00,00,01,00,00,00,5c,00,32,00,1b,06,00,00,ac,3a,3b,82,20,00,42,4d,\
      4f,57,4f,52,7e,31,2e,4c,4e,4b,00,00,32,00,03,00,04,00,ef,be,ac,3a,3b,82,d2,\
      3a,35,5f,14,00,00,00,42,00,4d,00,4f,00,20,00,57,00,4f,00,52,00,4c,00,44,00,\
      2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,\
      00,00,00,00,00,00,00,00,00,9a,00,00,00,02,00,00,00,8c,00,00,00,41,75,67,4d,\
      02,00,00,00,01,00,00,00,7a,00,32,00,4f,06,00,00,ac,3a,3b,82,20,00,42,55,59,\
      47,4f,4c,7e,31,2e,4c,4e,4b,00,00,50,00,03,00,04,00,ef,be,ac,3a,3b,82,d2,3a,\
      35,5f,14,00,00,00,42,00,75,00,79,00,20,00,47,00,6f,00,6c,00,64,00,20,00,50,\
      00,72,00,65,00,6d,00,69,00,75,00,6d,00,20,00,41,00,63,00,63,00,6f,00,75,00,\
      6e,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,\
      00,00,00,1c,00,00,00,00,00,00,00,00,00,80,00,00,00,03,00,00,00,72,00,00,00,\
      41,75,67,4d,02,00,00,00,01,00,00,00,60,00,32,00,36,06,00,00,ac,3a,3b,82,20,\
      00,48,4f,57,54,4f,50,7e,31,2e,4c,4e,4b,00,00,36,00,03,00,04,00,ef,be,ac,3a,\
      3b,82,d2,3a,35,5f,14,00,00,00,48,00,6f,00,77,00,20,00,54,00,6f,00,20,00,50,\
      00,6c,00,61,00,79,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,\
      ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,84,00,00,00,04,00,00,00,76,\
      00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,64,00,32,00,27,06,00,00,ac,3a,\
      3b,82,20,00,55,4e,49,4e,53,54,7e,31,2e,4c,4e,4b,00,00,3a,00,03,00,04,00,ef,\
      be,ac,3a,3b,82,d2,3a,35,5f,14,00,00,00,55,00,6e,00,69,00,6e,00,73,00,74,00,\
      61,00,6c,00,6c,00,20,00,42,00,4d,00,4f,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,\
      00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,76,00,\
      00,00,05,00,00,00,68,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,56,00,32,\
      00,20,06,00,00,ac,3a,3b,82,20,00,57,65,62,73,69,74,65,2e,6c,6e,6b,00,2e,00,\
      03,00,04,00,ef,be,ac,3a,3b,82,d2,3a,35,5f,14,00,00,00,57,00,65,00,62,00,73,\
      00,69,00,74,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,1a,00,0e,00,00,00,0a,00,\
      ef,be,00,00,00,00,1a,00,00,00,00,00,00,00,00,00
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Garena]
    "Order"=hex:08,00,00,00,02,00,00,00,80,00,00,00,01,00,00,00,01,00,00,00,74,\
      00,00,00,00,00,00,00,66,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,54,00,\
      32,00,8f,05,00,00,3d,3b,65,ba,20,00,47,61,72,65,6e,61,2e,6c,6e,6b,00,00,2c,\
      00,03,00,04,00,ef,be,3d,3b,65,ba,70,3b,4a,40,14,00,00,00,47,00,61,00,72,00,\
      65,00,6e,00,61,00,2e,00,6c,00,6e,00,6b,00,00,00,1a,00,0e,00,00,00,0a,00,ef,\
      be,00,00,00,00,1a,00,00,00,00,00,00,00,00,00
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Lavalys]
    "Order"=hex:08,00,00,00,02,00,00,00,9a,00,00,00,01,00,00,00,01,00,00,00,8e,\
      00,00,00,00,00,00,00,80,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,6e,00,\
      31,00,00,00,00,00,89,3a,70,7a,10,00,45,56,45,52,45,53,7e,31,00,00,48,00,03,\
      00,04,00,ef,be,89,3a,70,7a,d2,3a,2f,5f,14,00,00,00,45,00,56,00,45,00,52,00,\
      45,00,53,00,54,00,20,00,55,00,6c,00,74,00,69,00,6d,00,61,00,74,00,65,00,20,\
      00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,00,00,18,00,0e,00,00,00,0a,00,\
      ef,be,00,00,00,00,18,00,00,00,00,00,00,00,00,00
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Lavalys\EVEREST Ultimate Edition]
    "Order"=hex:08,00,00,00,02,00,00,00,ba,02,00,00,01,00,00,00,04,00,00,00,9a,\
      00,00,00,00,00,00,00,8c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,7a,00,\
      32,00,4d,03,00,00,89,3a,70,7a,20,00,45,56,45,52,45,53,7e,31,2e,4c,4e,4b,00,\
      00,50,00,03,00,04,00,ef,be,89,3a,70,7a,8a,3a,1a,91,14,00,00,00,45,00,56,00,\
      45,00,52,00,45,00,53,00,54,00,20,00,55,00,6c,00,74,00,69,00,6d,00,61,00,74,\
      00,65,00,20,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,2e,00,6c,00,6e,00,\
      6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,\
      00,00,00,b6,00,00,00,01,00,00,00,a8,00,00,00,41,75,67,4d,02,00,00,00,01,00,\
      00,00,96,00,32,00,4d,03,00,00,89,3a,70,7a,20,00,45,56,45,52,45,53,7e,33,2e,\
      4c,4e,4b,00,00,6c,00,03,00,04,00,ef,be,89,3a,70,7a,8a,3a,1a,91,14,00,00,00,\
      45,00,56,00,45,00,52,00,45,00,53,00,54,00,20,00,55,00,6c,00,74,00,69,00,6d,\
      00,61,00,74,00,65,00,20,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,\
      44,00,6f,00,63,00,75,00,6d,00,65,00,6e,00,74,00,61,00,74,00,69,00,6f,00,6e,\
      00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,\
      1c,00,00,00,00,00,00,00,00,00,b0,00,00,00,02,00,00,00,a2,00,00,00,41,75,67,\
      4d,02,00,00,00,01,00,00,00,90,00,32,00,95,02,00,00,89,3a,70,7a,20,00,45,56,\
      45,52,45,53,7e,32,2e,4c,4e,4b,00,00,66,00,03,00,04,00,ef,be,89,3a,70,7a,8a,\
      3a,1a,91,14,00,00,00,45,00,56,00,45,00,52,00,45,00,53,00,54,00,20,00,55,00,\
      6c,00,74,00,69,00,6d,00,61,00,74,00,65,00,20,00,45,00,64,00,69,00,74,00,69,\
      00,6f,00,6e,00,20,00,6f,00,6e,00,20,00,74,00,68,00,65,00,20,00,57,00,65,00,\
      62,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,\
      00,1c,00,00,00,00,00,00,00,00,00,ae,00,00,00,03,00,00,00,a0,00,00,00,41,75,\
      67,4d,02,00,00,00,01,00,00,00,8e,00,32,00,54,03,00,00,89,3a,70,7a,20,00,55,\
      4e,49,4e,53,54,7e,31,2e,4c,4e,4b,00,00,64,00,03,00,04,00,ef,be,89,3a,70,7a,\
      8a,3a,1a,91,14,00,00,00,55,00,6e,00,69,00,6e,00,73,00,74,00,61,00,6c,00,6c,\
      00,20,00,45,00,56,00,45,00,52,00,45,00,53,00,54,00,20,00,55,00,6c,00,74,00,\
      69,00,6d,00,61,00,74,00,65,00,20,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,\
      00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,\
      1c,00,00,00,00,00,00,00,00,00
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Lavalys\EVEREST Ultimate Edition]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\mIRC]
    "Order"=hex:08,00,00,00,02,00,00,00,7a,02,00,00,01,00,00,00,05,00,00,00,84,\
      00,00,00,00,00,00,00,76,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,64,00,\
      32,00,11,03,00,00,cb,3a,bb,0d,20,00,49,52,43,49,4e,54,7e,31,2e,4c,4e,4b,00,\
      00,3a,00,03,00,04,00,ef,be,cb,3a,bb,0d,d2,3a,36,5f,14,00,00,00,49,00,52,00,\
      43,00,49,00,6e,00,74,00,72,00,6f,00,20,00,48,00,65,00,6c,00,70,00,2e,00,6c,\
      00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,\
      00,00,00,00,00,00,6e,00,00,00,01,00,00,00,60,00,00,00,41,75,67,4d,02,00,00,\
      00,01,00,00,00,4e,00,32,00,f9,02,00,00,cb,3a,bb,0d,20,00,6d,49,52,43,2e,6c,\
      6e,6b,00,00,28,00,03,00,04,00,ef,be,cb,3a,bb,0d,d2,3a,36,5f,14,00,00,00,6d,\
      00,49,00,52,00,43,00,2e,00,6c,00,6e,00,6b,00,00,00,18,00,0e,00,00,00,0a,00,\
      ef,be,00,00,00,00,18,00,00,00,00,00,00,00,00,00,7c,00,00,00,02,00,00,00,6e,\
      00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5c,00,32,00,f9,02,00,00,cb,3a,\
      bb,0d,20,00,4d,49,52,43,48,45,7e,31,2e,4c,4e,4b,00,00,32,00,03,00,04,00,ef,\
      be,cb,3a,bb,0d,d2,3a,36,5f,14,00,00,00,6d,00,49,00,52,00,43,00,20,00,48,00,\
      65,00,6c,00,70,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,\
      be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,7e,00,00,00,03,00,00,00,70,00,\
      00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5e,00,32,00,05,03,00,00,cb,3a,bb,\
      0d,20,00,52,45,41,44,4d,45,7e,31,2e,4c,4e,4b,00,00,34,00,03,00,04,00,ef,be,\
      cb,3a,bb,0d,d2,3a,36,5f,14,00,00,00,52,00,65,00,61,00,64,00,6d,00,65,00,2e,\
      00,74,00,78,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,\
      ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,82,00,00,00,04,00,00,00,74,\
      00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,62,00,32,00,11,03,00,00,cb,3a,\
      bb,0d,20,00,56,45,52,53,49,4f,7e,31,2e,4c,4e,4b,00,00,38,00,03,00,04,00,ef,\
      be,cb,3a,bb,0d,d2,3a,36,5f,14,00,00,00,56,00,65,00,72,00,73,00,69,00,6f,00,\
      6e,00,73,00,2e,00,74,00,78,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,\
      00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Rad Tibia Client Server 1 - v8.40 - www.RADBR.com]
    "Order"=hex:08,00,00,00,02,00,00,00,da,00,00,00,01,00,00,00,01,00,00,00,ce,\
      00,00,00,00,00,00,00,c0,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,ae,00,\
      32,00,11,04,00,00,c9,3a,21,6e,20,00,55,4e,49,4e,53,54,7e,31,2e,4c,4e,4b,00,\
      00,84,00,03,00,04,00,ef,be,c9,3a,21,6e,d2,3a,33,5f,14,00,00,00,55,00,6e,00,\
      69,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,20,00,52,00,61,00,64,00,20,00,54,\
      00,69,00,62,00,69,00,61,00,20,00,43,00,6c,00,69,00,65,00,6e,00,74,00,20,00,\
      2d,00,20,00,76,00,38,00,2e,00,34,00,30,00,20,00,2d,00,20,00,77,00,77,00,77,\
      00,2e,00,52,00,41,00,44,00,42,00,52,00,2e,00,63,00,6f,00,6d,00,2e,00,6c,00,\
      6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,\
      00,00,00,00,00
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Spy Emergency 2008]
    "Order"=hex:08,00,00,00,02,00,00,00,bc,03,00,00,01,00,00,00,06,00,00,00,9c,\
      00,00,00,00,00,00,00,8e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,7c,00,\
      32,00,30,03,00,00,8a,3a,48,93,20,00,44,45,53,49,4e,53,7e,31,2e,4c,4e,4b,00,\
      00,52,00,03,00,04,00,ef,be,8a,3a,48,93,8a,3a,48,93,14,00,00,00,44,00,65,00,\
      73,00,69,00,6e,00,73,00,74,00,61,00,6c,00,61,00,72,00,20,00,53,00,70,00,79,\
      00,20,00,45,00,6d,00,65,00,72,00,67,00,65,00,6e,00,63,00,79,00,2e,00,6c,00,\
      6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,\
      00,00,00,00,00,8e,00,00,00,01,00,00,00,80,00,00,00,41,75,67,4d,02,00,00,00,\
      01,00,00,00,6e,00,32,00,44,03,00,00,8a,3a,48,93,20,00,53,50,59,45,4d,45,7e,\
      31,2e,4c,4e,4b,00,00,44,00,03,00,04,00,ef,be,8a,3a,48,93,8a,3a,48,93,14,00,\
      00,00,53,00,70,00,79,00,20,00,45,00,6d,00,65,00,72,00,67,00,65,00,6e,00,63,\
      00,79,00,20,00,32,00,30,00,30,00,38,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,\
      0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,a2,00,00,\
      00,02,00,00,00,94,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,82,00,32,00,\
      51,00,00,00,8a,3a,48,93,20,00,53,50,59,45,4d,45,7e,32,2e,55,52,4c,00,00,58,\
      00,03,00,04,00,ef,be,8a,3a,48,93,8a,3a,48,93,14,00,00,00,53,00,70,00,79,00,\
      20,00,45,00,6d,00,65,00,72,00,67,00,65,00,6e,00,63,00,79,00,20,00,32,00,30,\
      00,30,00,38,00,20,00,2d,00,20,00,43,00,6f,00,6d,00,70,00,72,00,61,00,72,00,\
      2e,00,75,00,72,00,6c,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,\
      00,00,00,00,00,00,00,00,00,9e,00,00,00,03,00,00,00,90,00,00,00,41,75,67,4d,\
      02,00,00,00,01,00,00,00,7e,00,32,00,44,03,00,00,8a,3a,48,93,20,00,53,50,59,\
      45,4d,45,7e,32,2e,4c,4e,4b,00,00,54,00,03,00,04,00,ef,be,8a,3a,48,93,8a,3a,\
      48,93,14,00,00,00,53,00,70,00,79,00,20,00,45,00,6d,00,65,00,72,00,67,00,65,\
      00,6e,00,63,00,79,00,20,00,32,00,30,00,30,00,38,00,20,00,2d,00,20,00,47,00,\
      75,00,69,00,64,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,\
      00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,a0,00,00,00,04,00,00,00,\
      92,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,80,00,32,00,24,03,00,00,8a,\
      3a,48,93,20,00,53,50,59,45,4d,45,7e,33,2e,4c,4e,4b,00,00,56,00,03,00,04,00,\
      ef,be,8a,3a,48,93,8a,3a,48,93,14,00,00,00,53,00,70,00,79,00,20,00,45,00,6d,\
      00,65,00,72,00,67,00,65,00,6e,00,63,00,79,00,20,00,32,00,30,00,30,00,38,00,\
      20,00,2d,00,20,00,4d,00,61,00,6e,00,75,00,61,00,6c,00,2e,00,6c,00,6e,00,6b,\
      00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,\
      00,00,a6,00,00,00,05,00,00,00,98,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,\
      00,86,00,32,00,36,00,00,00,8a,3a,48,93,20,00,53,50,59,45,4d,45,7e,31,2e,55,\
      52,4c,00,00,5c,00,03,00,04,00,ef,be,8a,3a,48,93,8a,3a,48,93,14,00,00,00,53,\
      00,70,00,79,00,20,00,45,00,6d,00,65,00,72,00,67,00,65,00,6e,00,63,00,79,00,\
      20,00,32,00,30,00,30,00,38,00,20,00,6e,00,61,00,20,00,49,00,6e,00,74,00,65,\
      00,72,00,6e,00,65,00,74,00,2e,00,75,00,72,00,6c,00,00,00,1c,00,0e,00,00,00,\
      0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\******** NG]
    "Order"=hex:08,00,00,00,02,00,00,00,46,02,00,00,01,00,00,00,04,00,00,00,98,\
      00,00,00,00,00,00,00,8a,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,78,00,\
      32,00,81,02,00,00,33,3b,c3,89,20,00,44,45,53,49,4e,53,7e,31,2e,4c,4e,4b,00,\
      00,4e,00,03,00,04,00,ef,be,c7,3a,93,10,71,3b,91,66,14,00,00,00,44,00,65,00,\
      73,00,69,00,6e,00,73,00,74,00,61,00,6c,00,61,00,72,00,20,00,54,00,69,00,62,\
      00,69,00,61,00,42,00,6f,00,74,00,20,00,4e,00,47,00,2e,00,6c,00,6e,00,6b,00,\
      00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,\
      00,80,00,00,00,01,00,00,00,72,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,\
      60,00,32,00,75,02,00,00,33,3b,c3,89,20,00,54,49,42,49,41,42,7e,31,2e,4c,4e,\
      4b,00,00,36,00,03,00,04,00,ef,be,c7,3a,93,10,71,3b,91,66,14,00,00,00,54,00,\
      69,00,62,00,69,00,61,00,42,00,6f,00,74,00,20,00,4e,00,47,00,2e,00,6c,00,6e,\
      00,6b,00,00,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,\
      00,00,00,00,8a,00,00,00,02,00,00,00,7c,00,00,00,41,75,67,4d,02,00,00,00,01,\
      00,00,00,6a,00,32,00,69,02,00,00,33,3b,c3,89,20,00,54,49,42,49,41,42,7e,32,\
      2e,4c,4e,4b,00,00,40,00,03,00,04,00,ef,be,c7,3a,93,10,71,3b,91,66,14,00,00,\
      00,54,00,69,00,62,00,69,00,61,00,42,00,6f,00,74,00,20,00,4e,00,47,00,20,00,\
      48,00,65,00,6c,00,70,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,0a,\
      00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,98,00,00,00,03,00,00,00,\
      8a,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,78,00,32,00,75,02,00,00,33,\
      3b,c3,89,20,00,54,49,42,49,41,42,7e,33,2e,4c,4e,4b,00,00,4e,00,03,00,04,00,\
      ef,be,c7,3a,93,10,71,3b,91,66,14,00,00,00,54,00,69,00,62,00,69,00,61,00,42,\
      00,6f,00,74,00,20,00,4e,00,47,00,20,00,6e,00,61,00,20,00,49,00,6e,00,74,00,\
      65,00,72,00,6e,00,65,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,\
      00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\TibiaLive]
    "Order"=hex:08,00,00,00,02,00,00,00,62,01,00,00,01,00,00,00,03,00,00,00,6e,\
      00,00,00,00,00,00,00,60,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,4e,00,\
      32,00,97,02,00,00,52,3b,3d,28,20,00,50,6c,61,79,2e,6c,6e,6b,00,00,28,00,03,\
      00,04,00,ef,be,52,3b,2f,25,70,3b,4c,40,14,00,00,00,50,00,6c,00,61,00,79,00,\
      2e,00,6c,00,6e,00,6b,00,00,00,18,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,18,\
      00,00,00,00,00,00,00,00,00,74,00,00,00,01,00,00,00,66,00,00,00,41,75,67,4d,\
      02,00,00,00,01,00,00,00,54,00,32,00,a3,02,00,00,52,3b,3d,28,20,00,52,65,61,\
      64,6d,65,2e,6c,6e,6b,00,00,2c,00,03,00,04,00,ef,be,52,3b,2f,25,70,3b,4c,40,\
      14,00,00,00,52,00,65,00,61,00,64,00,6d,00,65,00,2e,00,6c,00,6e,00,6b,00,00,\
      00,1a,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1a,00,00,00,00,00,00,00,00,00,\
      74,00,00,00,02,00,00,00,66,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,54,\
      00,32,00,a3,02,00,00,52,3b,3d,28,20,00,52,65,63,6f,72,64,2e,6c,6e,6b,00,00,\
      2c,00,03,00,04,00,ef,be,52,3b,2f,25,70,3b,4c,40,14,00,00,00,52,00,65,00,63,\
      00,6f,00,72,00,64,00,2e,00,6c,00,6e,00,6b,00,00,00,1a,00,0e,00,00,00,0a,00,\
      ef,be,00,00,00,00,1a,00,00,00,00,00,00,00,00,00
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
    "C:\\Documents and Settings\\Diogo\\Meus documentos\\Downloads\\AVI_ReComp_1.5.0_Setup*****"="The tool for re-encoding AVI clips"
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
    "C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\AviSynth_2.5.8_ARC*****"="Avisynth installer"
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
    "C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\Xvid_1.2.2_ARC*****"="AVI ReComp's Xvid installer"
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
    "C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\VobSub_2.23_ARC*****"="AVI ReComp's VobSub installer"
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
    "C:\\DOCUME~1\\Diogo\\CONFIG~1\\Temp\\IXP000.TMP\\PluginInstaller*****"="Windows Genuine Advantage validation plug-in installer"
    Última edição por Timari; 29-12-2010 às 13:42.
    /Pvp Original

    Haill Illusion

  7. #17
    Avatar de Serafan
    Registro
    06-10-2009
    Posts
    3.090
    Conquistas / PrêmiosAtividadeCurtidas / Tagging InfoPersonagem - TibiaPersonagem - TibiaME
    Conquistas Repórter
    Adepto do OffColunistaEscritorCrítico
    Peso da Avaliação
    0

    Padrão

    Caro Pvp,

    Isso que dá baixar OT servers e hostea-los. Sua máquinha fica vulnerável. No seu caso o problema é vírus, trojans pra ser exato, faça uma verificação completa com o malwarebytes (encontrado no baixaki) e cole o log que será gerado após a verificação aqui no tópico em sua próxima mensagem.
    Atenciosamente,
    - Serafan.



  8. #18

    Registro
    16-09-2008
    Localização
    Lins
    Idade
    29
    Posts
    21
    Conquistas / PrêmiosAtividadeCurtidas / Tagging InfoPersonagem - TibiaPersonagem - TibiaME
    Conquistas EstagiárioNewcomer
    Peso da Avaliação
    0

    Padrão

    te amo valeu
    valeu

  9. #19

    Registro
    16-11-2009
    Posts
    1
    Conquistas / PrêmiosAtividadeCurtidas / Tagging InfoPersonagem - TibiaPersonagem - TibiaME
    Conquistas Newcomer
    Peso da Avaliação
    0

    Unhappy halp!

    Log
    Código:
    ComboFix 09-12-22.09 - Gutooo 23/12/2009  18:54:16.1.1 - x86
    Microsoft Windows XP Professional  5.1.2600.3.1252.55.1046.18.767.420 [GMT -2:00]
    Executando de: c:\documents and settings\Gutooo\Meus documentos\Downloads\ComboFix*****
    .
    
    ((((((((((((((((   Arquivos/Ficheiros criados de 2009-11-23 to 2009-12-23  ))))))))))))))))))))))))))))
    .
    
    2009-12-23 20:36 . 2009-12-23 20:36    --------    d-s---w-    c:\documents and settings\Gutooo\UserData
    2009-12-23 20:22 . 2009-12-23 20:22    --------    d-----w-    c:\documents and settings\Gutooo\Dados de aplicativos\TeamViewer
    2009-12-23 20:22 . 2009-12-23 20:22    --------    d-----w-    c:\documents and settings\Gutooo\temp
    2009-12-22 20:32 . 2008-05-09 10:55    180224    -c----w-    c:\windows\system32\dllcache\scrobj.dll
    2009-12-22 20:32 . 2008-05-09 10:55    90112    -c----w-    c:\windows\system32\dllcache\wshext.dll
    2009-12-22 20:32 . 2008-05-09 10:55    430080    -c----w-    c:\windows\system32\dllcache\vbscript.dll
    2009-12-22 20:32 . 2008-05-09 10:55    172032    -c----w-    c:\windows\system32\dllcache\scrrun.dll
    2009-12-22 20:32 . 2008-05-09 08:45    135168    -c----w-    c:\windows\system32\dllcache\cscript*****
    2009-12-22 20:32 . 2008-05-08 11:24    155648    -c----w-    c:\windows\system32\dllcache\************
    2009-12-22 20:29 . 2009-08-13 15:21    512000    -c----w-    c:\windows\system32\dllcache\jscript.dll
    2009-12-22 08:32 . 2009-12-22 08:32    --------    d-----w-    c:\windows\l2schemas
    2009-12-22 08:32 . 2009-12-22 08:32    --------    d-----w-    c:\windows\system32\bits
    2009-12-22 02:14 . 2009-12-22 08:26    --------    d-----w-    c:\windows\ServicePackFiles
    2009-12-22 02:10 . 2004-08-04 00:41    1041536    ------w-    c:\windows\system32\drivers\hsfdpsp2.sys
    2009-12-22 02:10 . 2004-08-04 00:41    685056    ------w-    c:\windows\system32\drivers\hsfcxts2.sys
    2009-12-22 02:10 . 2004-08-04 00:41    220032    ------w-    c:\windows\system32\drivers\hsfbs2s2.sys
    2009-12-22 00:22 . 2008-06-14 17:34    272384    -c----w-    c:\windows\system32\dllcache\bthport.sys
    2009-12-22 00:22 . 2008-06-14 17:34    272384    ------w-    c:\windows\system32\drivers\bthport.sys
    2009-12-22 00:09 . 2009-02-06 10:10    227840    -c----w-    c:\windows\system32\dllcache\wmiprvse*****
    2009-12-22 00:09 . 2009-08-05 00:57    2193408    -c----w-    c:\windows\system32\dllcache\ntoskrnl*****
    2009-12-22 00:09 . 2009-03-06 14:20    286208    -c----w-    c:\windows\system32\dllcache\pdh.dll
    2009-12-22 00:09 . 2009-02-09 11:25    111104    -c----w-    c:\windows\system32\dllcache\services*****
    2009-12-22 00:09 . 2009-02-09 10:53    401408    -c----w-    c:\windows\system32\dllcache\rpcss.dll
    2009-12-22 00:09 . 2009-02-09 10:53    473600    -c----w-    c:\windows\system32\dllcache\fastprox.dll
    2009-12-22 00:09 . 2009-02-09 10:53    683520    -c----w-    c:\windows\system32\dllcache\advapi32.dll
    2009-12-22 00:09 . 2009-06-25 08:27    732672    -c----w-    c:\windows\system32\dllcache\lsasrv.dll
    2009-12-22 00:09 . 2009-02-09 10:53    453120    -c----w-    c:\windows\system32\dllcache\wmiprvsd.dll
    2009-12-22 00:09 . 2009-02-09 10:53    730624    -c----w-    c:\windows\system32\dllcache\ntdll.dll
    2009-12-22 00:09 . 2009-08-04 17:27    2149376    -c----w-    c:\windows\system32\dllcache\ntkrnlmp*****
    2009-12-22 00:09 . 2009-08-04 17:27    2028032    -c----w-    c:\windows\system32\dllcache\ntkrpamp*****
    2009-12-22 00:03 . 2008-05-08 14:02    203136    -c----w-    c:\windows\system32\dllcache\rmcast.sys
    2009-12-21 23:51 . 2008-12-11 10:57    333952    -c----w-    c:\windows\system32\dllcache\srv.sys
    2009-12-21 23:51 . 2009-07-10 13:27    1315328    -c----w-    c:\windows\system32\dllcache\msoe.dll
    2009-12-21 23:45 . 2008-10-24 11:21    455296    -c----w-    c:\windows\system32\dllcache\mrxsmb.sys
    2009-12-21 23:42 . 2008-04-11 19:05    691712    -c----w-    c:\windows\system32\dllcache\inetcomm.dll
    2009-12-21 23:36 . 2008-10-15 16:36    337408    -c----w-    c:\windows\system32\dllcache\netapi32.dll
    2009-12-21 23:35 . 2008-04-21 21:15    216064    -c----w-    c:\windows\system32\dllcache\wordpad*****
    2009-12-21 23:31 . 2009-12-22 20:42    --------    d--h--w-    c:\windows\$hf_mig$
    2009-12-21 23:07 . 2009-08-06 21:23    274288    ----a-w-    c:\windows\system32\mucltui.dll
    2009-12-21 23:07 . 2009-08-06 21:23    215920    ----a-w-    c:\windows\system32\muweb.dll
    2009-12-21 22:16 . 2009-12-21 22:16    --------    d-----w-    c:\documents and settings\Gutooo\Dados de aplicativos\Yahoo!
    2009-12-21 22:16 . 2009-12-21 22:21    --------    d-----w-    c:\arquivos de programas\Yahoo!
    2009-12-21 22:16 . 2009-12-21 22:16    --------    d-----w-    c:\arquivos de programas\CCleaner
    2009-12-21 22:11 . 2009-12-21 22:13    --------    d-----w-    c:\documents and settings\Gutooo\Dados de aplicativos\Tibia
    2009-12-21 22:08 . 2009-12-21 22:08    --------    d-----w-    c:\arquivos de programas\Tibia
    2009-12-21 22:00 . 2009-12-21 22:00    --------    d-----w-    c:\arquivos de programas\Tibiacast
    2009-12-21 21:42 . 2004-08-04 03:45    25600    ----a-w-    c:\documents and settings\LocalService\Dados de aplicativos\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
    2009-12-20 22:25 . 2008-04-13 18:45    6272    ----a-w-    c:\windows\system32\drivers\splitter.sys
    2009-12-20 22:25 . 2008-04-13 19:17    83072    ----a-w-    c:\windows\system32\drivers\wdmaud.sys
    2009-12-20 22:25 . 2008-04-13 18:45    52864    ----a-w-    c:\windows\system32\drivers\dmusic.sys
    2009-12-20 22:25 . 2008-04-13 18:45    56576    ----a-w-    c:\windows\system32\drivers\swmidi.sys
    2009-12-20 22:25 . 2008-04-13 16:39    142592    ----a-w-    c:\windows\system32\drivers\aec.sys
    2009-12-20 22:25 . 2008-04-13 18:45    172416    ----a-w-    c:\windows\system32\drivers\kmixer.sys
    2009-12-20 22:25 . 2008-04-13 18:45    2944    ----a-w-    c:\windows\system32\drivers\drmkaud.sys
    2009-12-20 22:25 . 2008-04-13 19:15    60800    ----a-w-    c:\windows\system32\drivers\sysaudio.sys
    2009-12-20 22:25 . 2008-04-13 18:39    7552    ----a-w-    c:\windows\system32\drivers\mskssrv.sys
    2009-12-20 22:25 . 2008-04-13 18:39    4992    ----a-w-    c:\windows\system32\drivers\mspqm.sys
    2009-12-20 22:25 . 2008-04-13 18:39    5376    ----a-w-    c:\windows\system32\drivers\mspclock.sys
    2009-12-20 22:24 . 2003-02-26 18:04    370048    ----a-r-    c:\windows\system32\drivers\viaudios.sys
    2009-12-20 22:24 . 2008-04-14 02:20    4096    ----a-w-    c:\windows\system32\ksuser.dll
    2009-12-20 22:24 . 2008-04-13 19:19    146048    ----a-w-    c:\windows\system32\drivers\portcls.sys
    2009-12-20 22:24 . 2008-04-13 18:45    60160    ----a-w-    c:\windows\system32\drivers\drmk.sys
    2009-12-20 22:24 . 2009-12-20 22:24    --------    d-----w-    c:\arquivos de programas\VIA Technologies, INC
    2009-12-20 22:24 . 2003-02-26 18:04    765952    ----a-r-    c:\windows\system\crlds3d.dll
    2009-12-20 22:24 . 2003-02-26 18:04    720896    -c--a-w-    c:\windows\system32\dllcache\a3d.dll
    2009-12-20 22:24 . 2003-02-26 18:04    720896    ----a-r-    c:\windows\system32\a3d.dll
    2009-12-20 22:24 . 2002-12-16 12:19    32768    ----a-w-    c:\windows\system32\UnAudioNT.dll
    2009-12-20 22:24 . 1998-10-09 19:56    327168    ----a-w-    c:\windows\IsUn0416*****
    2009-12-20 19:05 . 2006-06-29 15:07    14048    ------w-    c:\windows\system32\spmsg2.dll
    2009-12-20 19:05 . 2009-12-22 08:32    --------    d-----w-    c:\windows\system32\pt-BR
    2009-12-20 19:01 . 2009-12-20 19:01    --------    d-----w-    c:\windows\system32\XPSViewer
    
    .
    (((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-12-23 16:49 . 2009-12-20 18:48    --------    d-----w-    c:\arquivos de programas\Windows Live
    2009-12-22 20:47 . 2001-10-28 18:07    80246    ----a-w-    c:\windows\system32\perfc016.dat
    2009-12-22 20:47 . 2001-10-28 18:07    473318    ----a-w-    c:\windows\system32\perfh016.dat
    2009-12-21 20:52 . 2009-12-20 18:12    86327    ----a-w-    c:\windows\pchealth\helpctr\OfflineCache\index.dat
    2009-12-20 19:01 . 2009-12-20 19:01    --------    d-----w-    c:\arquivos de programas\MSBuild
    2009-12-20 19:01 . 2009-12-20 19:01    --------    d-----w-    c:\arquivos de programas\Reference Assemblies
    2009-12-20 18:56 . 2009-12-20 18:56    --------    d-----w-    c:\arquivos de programas\MSXML 6.0
    2009-12-20 18:48 . 2009-12-20 18:48    --------    d-----w-    c:\arquivos de programas\Microsoft
    2009-12-20 18:48 . 2009-12-20 18:48    --------    d-----w-    c:\arquivos de programas\Windows Live SkyDrive
    2009-12-20 18:37 . 2009-12-20 18:37    --------    d-----w-    c:\arquivos de programas\Windows Media Connect 2
    2009-12-20 18:36 . 2009-12-20 18:36    --------    d-----w-    c:\arquivos de programas\K-Lite Codec Pack
    2009-12-20 18:35 . 2009-12-20 18:35    --------    d-----w-    c:\arquivos de programas\Arquivos comuns\Windows Live
    2009-12-20 18:14 . 2009-12-20 18:14    --------    d-----w-    c:\arquivos de programas\microsoft frontpage
    2009-12-20 18:11 . 2009-12-20 18:11    --------    d-----w-    c:\arquivos de programas\Serviços on-line
    2009-12-20 18:10 . 2009-12-20 18:10    --------    d-----w-    c:\arquivos de programas\Arquivos comuns\Serviços
    2009-12-20 18:09 . 2009-12-20 18:09    21844    ----a-w-    c:\windows\system32\emptyregdb.dat
    2009-10-29 05:25 . 2004-08-04 03:45    669184    ----a-w-    c:\windows\system32\wininet.dll
    2009-10-21 05:39 . 2004-08-04 03:45    75776    ----a-w-    c:\windows\system32\strmfilt.dll
    2009-10-21 05:39 . 2004-08-04 03:45    25088    ----a-w-    c:\windows\system32\httpapi.dll
    2009-10-20 16:20 . 2004-08-04 02:00    265728    ----a-w-    c:\windows\system32\drivers\http.sys
    2009-10-13 10:34 . 2004-08-04 03:45    271360    ----a-w-    c:\windows\system32\oakley.dll
    2009-10-12 13:39 . 2004-08-04 03:45    150016    ----a-w-    c:\windows\system32\rastls.dll
    2009-10-12 13:39 . 2004-08-04 03:45    79872    ----a-w-    c:\windows\system32\raschap.dll
    2009-09-25 05:36 . 2004-08-04 03:45    81920    ----a-w-    c:\windows\system32\ieencode.dll
    .
    
    ((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* entradas vazias e legítimas por defeito não são mostradas. 
    REGEDIT4
    
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr*****" [2009-07-26 3883840]
    "MSMSGS"="c:\arquivos de programas\Messenger\msmsgs*****" [2008-04-14 1695232]
    
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON*****"="c:\windows\system32\CTFMON*****" [2008-04-14 15360]
    
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr*****"=
    "c:\\Arquivos de programas\\Messenger\\msmsgs*****"=
    "c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk*****"=
    "c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr*****"=
    "%windir%\\Network Diagnostic\\xpnetdiag*****"=
    
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "1863:UDP"= 1863:UDP:msnmsgr
    
    .
    ------- Scan Suplementar -------
    .
    uStart Page = hxxp://www.centralexpert.net/
    .
    
    **************************************************************************
    
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-12-23 18:58
    Windows 5.1.2600 Service Pack 3 NTFS
    
    Procurando processos ocultos ... 
    
    Procurando entradas auto inicializáveis ocultas ... 
    
    Procurando ficheiros/arquivos ocultos ... 
    
    Varredura completada com sucesso
    arquivos/ficheiros ocultos: 0
    
    **************************************************************************
    .
    --------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
    
    - - - - - - - > 'explorer*****'(832)
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    Tempo para conclusão: 2009-12-23  19:00:56
    ComboFix-quarantined-files.txt  2009-12-23 21:00
    
    Pré-execução: 5 pasta(s) 10.881.798.144 bytes disponíveis
    Pós execução: 6 pasta(s) 10.948.034.560 bytes disponíveis
    
    WindowsXP-KB310994-SP2-Pro-BootDisk-PTG*****
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
    
    - - End Of File - - ECAF1FA6F234984E536207148955177E
    Última edição por Timari; 29-12-2010 às 13:44. Razão: Melhorando formatação.

  10. #20
    Avatar de anciet dragon
    Registro
    28-12-2006
    Idade
    27
    Posts
    608
    Conquistas / PrêmiosAtividadeCurtidas / Tagging InfoPersonagem - TibiaPersonagem - TibiaME
    Conquistas CríticoDebatedorEstagiárioMain Citizen
    Peso da Avaliação
    0

    Padrão

    Código:
    ComboFix 09-12-30.01 - NEWTONALMEIDA 31/12/2009   2:01.1.2 - x86
    Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.55.1033.18.1982.1269 [GMT -2:00]
    Executando de: c:\users\NEWTONALMEIDA\Downloads\ComboFix*****
    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    .
    
    (((((((((((((((((((((((((((((((((((((   Outras Exclusões   )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    
    c:\$recycle.bin\S-1-5-21-3102239989-1682233996-76167453-500
    c:\$recycle.bin\S-1-5-21-3599374952-3106861771-1934837511-500
    c:\program files\ActivationManager
    c:\program files\ActivationManager\Uninstall*****
    c:\program files\ADSTechnology
    c:\program files\ADSTechnology\Uninstall*****
    c:\program files\SpeedBit Video Downloader\Toolbar\tbhelper.dll
    c:\programdata\Microsoft\Windows\Start Menu\Programs\ADSTechnology
    c:\programdata\Microsoft\Windows\Start Menu\Programs\ADSTechnology\ADSTechnology.lnk
    c:\programdata\Microsoft\Windows\Start Menu\Programs\ADSTechnology\Uninstall.lnk
    c:\windows\Downloaded Program Files\poPCaploader.dll
    c:\windows\Downloaded Program Files\popcaploader.inf
    c:\windows\system32\SIntf16.dll
    
    .
    ((((((((((((((((   Arquivos/Ficheiros criados de 2009-11-28 to 2009-12-31  ))))))))))))))))))))))))))))
    .
    
    2009-12-31 04:17 . 2009-12-31 04:18    --------    d-----w-    c:\users\NEWTONALMEIDA\AppData\Local\temp
    2009-12-31 04:17 . 2009-12-31 04:17    --------    d-----w-    c:\users\Default\AppData\Local\temp
    2009-12-30 20:34 . 2009-06-30 11:37    28552    ----a-w-    c:\windows\system32\drivers\pavboot.sys
    2009-12-30 20:32 . 2009-12-30 20:32    --------    d-----w-    c:\program files\Panda Security
    2009-12-30 04:20 . 2009-12-30 04:26    --------    d-----w-    c:\program files\******** NG
    2009-12-20 10:43 . 2009-12-20 10:42    2065688    ----a-w-    c:\programdata\avg8\update\backup\avgcorex.dll
    2009-12-10 03:11 . 2009-11-09 12:31    24064    ----a-w-    c:\windows\system32\nshhttp.dll
    2009-12-10 03:11 . 2009-11-09 10:36    411648    ----a-w-    c:\windows\system32\drivers\http.sys
    2009-12-10 03:11 . 2009-11-09 12:30    30720    ----a-w-    c:\windows\system32\httpapi.dll
    2009-12-09 19:04 . 2009-12-09 19:04    --------    d-----w-    C:\Level Up! Games
    2009-12-09 14:45 . 2009-10-07 11:36    243712    ----a-w-    c:\windows\system32\rastls.dll
    2009-12-09 14:45 . 2009-08-24 11:36    377344    ----a-w-    c:\windows\system32\winhttp.dll
    
    .
    (((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-12-31 03:53 . 2009-07-18 16:20    34677    ---ha-w-    C:\os503778.bin
    2009-12-30 21:39 . 2008-11-05 00:23    --------    d-----w-    c:\program files\Warcraft III
    2009-12-30 00:17 . 2008-07-05 00:43    --------    d---a-w-    c:\program files\Tibia
    2009-12-24 19:47 . 2009-02-16 14:35    28599    ----a-w-    c:\programdata\nvModes.dat
    2009-12-20 17:02 . 2007-11-24 23:14    --------    d-----w-    c:\program files\Google
    2009-12-18 02:09 . 2009-01-08 00:23    --------    d-----w-    c:\users\NEWTONALMEIDA\AppData\Roaming\Skype
    2009-12-18 02:08 . 2009-01-08 00:25    --------    d-----w-    c:\users\NEWTONALMEIDA\AppData\Roaming\skypePM
    2009-12-10 11:30 . 2006-11-02 11:18    --------    d-----w-    c:\program files\Windows Mail
    2009-12-10 03:11 . 2007-08-04 10:35    --------    d-----w-    c:\programdata\Microsoft Help
    2009-11-21 06:40 . 2009-12-09 15:20    916480    ----a-w-    c:\windows\system32\wininet.dll
    2009-11-21 06:34 . 2009-12-09 15:20    109056    ----a-w-    c:\windows\system32\iesysprep.dll
    2009-11-21 06:34 . 2009-12-09 15:20    71680    ----a-w-    c:\windows\system32\iesetup.dll
    2009-11-21 04:59 . 2009-12-09 15:20    133632    ----a-w-    c:\windows\system32\ieUnatt*****
    2009-11-19 15:59 . 2007-12-29 06:42    680    ----a-w-    c:\users\NEWTONALMEIDA\AppData\Local\d3d9caps.dat
    2009-11-18 01:43 . 2007-12-23 11:23    --------    d-----w-    c:\users\NEWTONALMEIDA\AppData\Roaming\LimeWire
    2009-11-14 11:46 . 2008-08-04 19:14    --------    d-----w-    c:\programdata\avg8
    2009-11-12 12:23 . 2009-11-10 23:10    --------    d-----w-    c:\program files\Microsoft Silverlight
    2009-11-10 23:10 . 2009-11-10 23:01    --------    d-----w-    c:\program files\Microsoft
    2009-11-10 23:10 . 2007-11-24 12:08    --------    d-----w-    c:\program files\Windows Live
    2009-11-10 23:10 . 2007-11-24 12:20    --------    d-----w-    c:\program files\Windows Live Toolbar
    2009-11-10 23:09 . 2009-11-10 23:09    --------    d-----w-    c:\program files\Microsoft Sync Framework
    2009-11-10 23:04 . 2009-11-10 23:04    --------    d-----w-    c:\program files\Microsoft SQL Server Compact Edition
    2009-11-10 23:01 . 2009-11-10 23:01    --------    d-----w-    c:\program files\Windows Live SkyDrive
    2009-11-10 22:38 . 2009-11-10 22:38    --------    d-----w-    c:\program files\Common Files\Windows Live
    2009-11-02 22:42 . 2009-10-02 22:54    195456    ------w-    c:\windows\system32\MpSigStub*****
    2009-11-02 03:41 . 2009-11-02 03:41    --------    d-----w-    c:\program files\Haali
    2009-11-01 05:16 . 2009-11-01 05:16    --------    d-----w-    c:\program files\Windows Portable Devices
    2009-11-01 05:16 . 2006-11-02 10:25    665600    ----a-w-    c:\windows\inf\drvindex.dat
    2009-11-01 05:15 . 2009-11-01 05:15    0    ---ha-w-    c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
    2009-10-29 09:17 . 2009-11-26 01:53    2048    ----a-w-    c:\windows\system32\tzres.dll
    2009-10-13 01:57 . 2009-10-13 01:58    286720    ----a-w-    c:\windows\iun506*****
    2009-10-12 05:10 . 2009-10-12 05:10    101    ----a-w-    c:\users\NEWTONALMEIDA\AppData\Local\fusioncache.dat
    2009-10-08 21:08 . 2009-11-01 05:01    234496    ----a-w-    c:\windows\system32\oleacc.dll
    2009-10-08 21:08 . 2009-11-01 05:01    555520    ----a-w-    c:\windows\system32\UIAutomationCore.dll
    2009-10-08 21:07 . 2009-11-01 05:01    4096    ----a-w-    c:\windows\system32\oleaccrc.dll
    .
    
    ((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* entradas vazias e legítimas por defeito não são mostradas. 
    REGEDIT4
    
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]
    "{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"= "c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL" [2009-06-11 66912]
    "{9CB65206-89C4-402c-BA80-02D8C59F9B1D}"= "c:\program files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL" [2008-08-04 57344]
    
    [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
    
    [HKEY_CLASSES_ROOT\clsid\{0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2}]
    
    [HKEY_CLASSES_ROOT\clsid\{9cb65206-89c4-402c-ba80-02d8c59f9b1d}]
    
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
    2009-06-11 03:27    66912    ----a-w-    c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
    2009-09-02 14:58    1107200    ----a-w-    c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
    
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    2009-05-19 16:37    1144712    ----a-w-    c:\program files\Ask.com\GenericAskToolbar.dll
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-05-19 1144712]
    
    [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
    
    [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
    
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar*****" [2009-04-11 1233920]
    "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel*****" [2007-04-19 484904]
    "HPAdvisor"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor*****" [2007-03-20 1773568]
    "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr*****" [2009-07-26 3883840]
    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer*****" [2009-03-05 2260480]
    "ehTray*****"="c:\windows\ehome\ehTray*****" [2008-01-19 125952]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG*****" [2008-01-19 202240]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui*****" [2008-01-19 1008184]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh*****" [2007-01-13 827392]
    "QPService"="c:\program files\HP\QuickPlay\QPService*****" [2007-04-24 176128]
    "QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl*****" [2007-02-13 159744]
    "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler*****" [2007-03-12 50696]
    "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain*****" [2007-03-01 472776]
    "WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg*****" [2007-01-10 317128]
    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched*****" [2007-12-31 180269]
    "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray*****" [2009-12-20 2043160]
    "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier*****" [2008-07-22 116040]
    "QuickTime Task"="c:\program files\QuickTime\QTTask*****" [2008-05-27 413696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper*****" [2008-07-30 289064]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl*****" [2008-06-12 34672]
    "HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr*****" [2003-12-22 241664]
    "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2*****" [2007-05-08 54840]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-04 13556256]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-04 92704]
    "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint*****" [2007-08-31 1037736]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"="c:\windows\SMINST\launcher*****" [2006-11-08 44128]
    
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Vongo Tray.lnk - c:\windows\Installer\{8C3AE2D1-854D-4650-A73D-C7CC7EE36B80}\NewShortcut2_DB7E00C96DEF489A8112D8F81614F45A***** [2007-8-4 53248]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"
    
    [HKLM\~\startupfolder\C:^Users^NEWTONALMEIDA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
    path=c:\users\NEWTONALMEIDA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
    backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
    backupExtension=.Startup
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2007-08-04 11:36    77824    ----a-w-    c:\program files\Java\jre1.6.0\bin\jusched*****
    
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001
    
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
    "VistaSp2"=hex(b):ad,94,86,23,ef,19,ca,01
    
    R0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [30/12/2009 18:34 28552]
    R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [04/08/2008 17:19 335240]
    R1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [03/02/2009 17:22 108552]
    R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc***** [23/06/2009 18:42 908056]
    R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc***** [23/06/2009 18:42 297752]
    R2 LiveTurbineMessageService;Turbine Message Service - Live;c:\program files\Turbine\Turbine Download Manager\TurbineMessageService***** [12/10/2009 02:24 267760]
    S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [26/12/2007 17:51 715248]
    S2 gupdate1ca09a1908fd57a;Google Update Service (gupdate1ca09a1908fd57a);c:\program files\Google\Update\GoogleUpdate***** [20/07/2009 23:21 133104]
    S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost***** -k LocalServiceAndNoImpersonation [20/09/2008 01:42 21504]
    S3 LiveTurbineNetworkService;Turbine Network Service - Live;"c:\program files\Turbine\Turbine Download Manager\TurbineNetworkService*****" --> c:\program files\Turbine\Turbine Download Manager\TurbineNetworkService***** [?]
    S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
    
    --- =Outros Serviços/Drivers Na Memória ---
    
    *NewlyCreated* - PAVBOOT
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation    REG_MULTI_SZ       FontCache
    
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2007-04-19 20:23    452136    ----a-w-    c:\program files\Common Files\LightScribe\LSRunOnce*****
    .
    Conteúdo da pasta 'Tarefas Agendadas'
    
    2009-12-31 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService***** [2007-11-24 01:18]
    
    2009-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate***** [2009-07-21 01:21]
    
    2009-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate***** [2009-07-21 01:21]
    
    2009-12-28 c:\windows\Tasks\HPCeeScheduleForNEWTONALMEIDA.job
    - c:\program files\hewlett-packard\sdp\ceement\HPCEE***** [2007-08-04 21:23]
    
    2009-12-30 c:\windows\Tasks\User_Feed_Synchronization-{D14C4F9A-1C7A-425C-85F6-7E351C5DDC4A}.job
    - c:\windows\system32\msfeedssync***** [2009-12-09 04:59]
    .
    .
    ------- Scan Suplementar -------
    .
    uStart Page = about:blank
    mStart Page = hxxp://www.yahoo.com
    IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
    IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
    IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL*****/3000
    TCP: {1E9A579B-4901-4D13-9E69-1D567F37E9F1} = 200.204.0.10 200.204.0.138
    DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
    DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} - hxxp://www.powerchallenge.com/applet/PowerLoader.cab
    FF - ProfilePath - c:\users\NEWTONALMEIDA\AppData\Roaming\Mozilla\Firefox\Profiles\cejz0yq6.default\
    FF - prefs.js: browser.startup.homepage - about:blank
    FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
    FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
    FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava11.dll
    FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava12.dll
    FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava13.dll
    FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava14.dll
    FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava32.dll
    FF - plugin: c:\program files\Java\jre1.6.0\bin\npjpi160.dll
    FF - plugin: c:\program files\Java\jre1.6.0\bin\npoji610.dll
    FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
    FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    
    ---- FIREFOX POLICIES ----
    c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
    .
    - - - - ORFÃOS REMOVIDOS - - - -
    
    URLSearchHooks-*{9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
    URLSearchHooks-*{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
    HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier*****
    HKLM-Run-Turbine Download Manager Tray Icon - c:\program files\Turbine\Turbine Download Manager\TurbineDownloadManagerIcon*****
    AddRemove-15b35190-c6f9-11d9-9669-0800200c9a66_is1 - c:\program files\Turbine\Dungeons and Dragons Online - Eberron Unlimited\Uninstall*****
    AddRemove-62289540-dc30-11dc-95ff-0800200c9a66_is1 - c:\program files\Turbine\Turbine Download Manager\UninstallTDM*****
    AddRemove-Lunia - c:\level up! games\Lunia\uninstall*****
    AddRemove-Perfect World_is1 - c:\level up! games\Perfect World\unins000*****
    AddRemove-Tales of Pirates Online_is1 - c:\program files\Tales of Pirates Online\unins000*****
    AddRemove-The Duel_is1 - c:\level up! games\The Duel\unins000*****
    AddRemove-Cate West - The Vanishing Files Deluxe - c:\users\NEWTONALMEIDA\AppData\Local\Zylom Games\Cate West - The Vanishing Files Deluxe\GameInstlr*****
    AddRemove-Loucoserv - c:\program files\Loucoserv\Uninstal*****
    
    
    
    **************************************************************************
    
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-12-31 02:18
    Windows 6.0.6002 Service Pack 2 NTFS
    
    Procurando processos ocultos ... 
    
    Procurando entradas auto inicializáveis ocultas ... 
    
    Procurando ficheiros/arquivos ocultos ... 
    
    Varredura completada com sucesso
    arquivos/ficheiros ocultos: 0
    
    **************************************************************************
    
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
    "ImagePath"="c:\windows\system32\GameMon.des -service"
    .
    --------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
    
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    Tempo para conclusão: 2009-12-31  02:26:28
    ComboFix-quarantined-files.txt  2009-12-31 04:26
    
    Pré-execução: 18.960.920.576 bytes free
    Pós execução: 21.716.312.064 bytes free
    
    - - End Of File - - DAC7219D781773246FD1199A8C470274
    ja possuo o ccleaner, o mawarebytes e passei ambos no meu pc e ainda n consigo acessar o meu char nem o tibia.com, se possivel gostaria de saber como desativar meu antivirus??

    [refiz os logs e postei novamente]

    Publicidade:
    Última edição por Timari; 29-12-2010 às 13:45. Razão: Melhorando formatação.
    extensao de sign
    http://forums.tibiabr.com/showthread...39#post4125639
    n consigo colocar como codigo html na sign :eek:
    se alguem em olympa tiver alguma bp de cidades premium ou as bps de monstros sobrando favor enviar para: Leozs of Olympa de preferencia na cidade de Carlin (nada de especial, apenas para colecionar)
    listarei as que faltam para a minha coleção:
    brocade bp, crown bp, demon bp, golden bp, lizard bp, minotaur bp, moon bp, pirate bp, santa bp, yellow bp
    se alguem tiver alguma dessas bps favor me enviar



Tópicos Similares

  1. Tecnologia | Problemas com sites da Glogo que estão sendo redirecionados
    Por Cardoso no fórum Fora do Tibia - Off Topic
    Respostas: 8
    Último Post: 21-05-2013, 16:01
  2. Taverna | Procon Libera lista de sites não confiáveis de compra.
    Por Andrew_ no fórum Fora do Tibia - Off Topic
    Respostas: 5
    Último Post: 24-04-2013, 03:03
  3. [Artigo Oficial] 50 respostas dos product managers
    Por Anderslash no fórum Matérias TibiaBR
    Respostas: 199
    Último Post: 27-06-2010, 21:41
  4. Problemas e mais problemas......
    Por Angus Young no fórum Tibia Geral
    Respostas: 2
    Último Post: 30-12-2004, 00:08

Permissões de Postagem

  • Você não pode iniciar novos tópicos
  • Você não pode enviar respostas
  • Você não pode enviar anexos
  • Você não pode editar suas mensagens
  •