Usamos cookies para medir audiência e melhorar sua experiência. Você pode aceitar ou recusar a qualquer momento. Veja sobre o iMasters.
Norman Malware Cleaner
Copyright © 1990 - 2008, Norman ASA. Built 2009/01/23 05:50:27
Norman Scanner Engine Version: 5.93.01
Nvcbin.def Version: 5.93.00, Date: 2009/01/23 05:50:27, Variants: 2614638
Running pre-scan cleanup routine:
Operating System: Microsoft Windows XP Professional 5.1.2600 Service Pack 3
Logged on user: CASA-4B2D312D8D\Administrador
Set registry value: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit = "userinit.exe," -> "C:\WINDOWS\System32\userinit.exe,"
Removed hosts entry: 0.0.0.0 gtcc1.acecounter.com
Removed hosts entry: 0.0.0.0 gtp1.acecounter.com
Removed hosts entry: 0.0.0.0 acestats.com
Removed hosts entry: 0.0.0.0 www.acestats.com
Removed hosts entry: 0.0.0.0 www.activesearch.com
Removed hosts entry: 0.0.0.0 actualnames.com
Removed hosts entry: 0.0.0.0 www.actualnames.com
Removed hosts entry: 0.0.0.0 ad-up.com
Removed hosts entry: 0.0.0.0 www.ad-up.com
Removed hosts entry: 0.0.0.0 adatom.com
Removed hosts entry: 0.0.0.0 aesp.adatom.com
Removed hosts entry: 0.0.0.0 adbest.com
Removed hosts entry: 0.0.0.0 www.adcipta.net
Removed hosts entry: 0.0.0.0 adserv.adbonus.com
Removed hosts entry: 0.0.0.0 www.adbonus.com
Removed hosts entry: 0.0.0.0 media.adcentriconline.com
Removed hosts entry: 0.0.0.0 ad2.adcept.net
Removed hosts entry: 0.0.0.0 ad3.adcept.net
Removed hosts entry: 0.0.0.0 www.adcept.net
Removed hosts entry: 0.0.0.0 adcomplete.com
Removed hosts entry: 0.0.0.0 www.adcomplete.com
Removed hosts entry: 0.0.0.0 ads.adcorps.com
Removed hosts entry: 0.0.0.0 ads2.adcorps.com
Removed hosts entry: 0.0.0.0 ads.addynamix.com
Removed hosts entry: 0.0.0.0 pt.server1.adexit.com
Removed hosts entry: 0.0.0.0 www.adexit.com
Removed hosts entry: 0.0.0.0 www.ad4ever.com
Removed hosts entry: 0.0.0.0 ssl3.adhost.com
Removed hosts entry: 0.0.0.0 www2.adhost.com
Removed hosts entry: 0.0.0.0 www.addme.com
Removed hosts entry: 0.0.0.0 adsvr.adknowledge.com
Removed hosts entry: 0.0.0.0 web.adknowledge.com
Removed hosts entry: 0.0.0.0 te.adlandpro.com
Removed hosts entry: 0.0.0.0 ad.adlegend.com
Removed hosts entry: 0.0.0.0 media.adlegend.com
Removed hosts entry: 0.0.0.0 www.adminder.com
Removed hosts entry: 0.0.0.0 adsfac.net
Removed hosts entry: 0.0.0.0 www.adonweb.com
Removed hosts entry: 0.0.0.0 adreactor.com
Removed hosts entry: 0.0.0.0 adserver.adreactor.com
Removed hosts entry: 0.0.0.0 www.adrelevance.com
Removed hosts entry: 0.0.0.0 media.adrevolver.com
Removed hosts entry: 0.0.0.0 track.adrevolver.com
Removed hosts entry: 0.0.0.0 serv.ad-rotator.com
Removed hosts entry: 0.0.0.0 serv2.ad-rotator.com
Removed hosts entry: 0.0.0.0 livelines.ads365.com
Removed hosts entry: 0.0.0.0 www.ads365.com
Removed hosts entry: 0.0.0.0 ads.adsag.com
Removed hosts entry: 0.0.0.0 di.adsag.com
Removed hosts entry: 0.0.0.0 img.adsag.com
Removed hosts entry: 0.0.0.0 adserv.com
Removed hosts entry: 0.0.0.0 www.adserv.com
Removed hosts entry: 0.0.0.0 adsincontext.com
Removed hosts entry: 0.0.0.0 adserver.adsincontext.com
Removed hosts entry: 0.0.0.0 www.adsincontext.com
Removed hosts entry: 0.0.0.0 37.adsonar.com
Removed hosts entry: 0.0.0.0 ads.adsonar.com
Removed hosts entry: 0.0.0.0 js.adsonar.com
Removed hosts entry: 0.0.0.0 downldcl.adtoolsinc.com
Removed hosts entry: 0.0.0.0 www.adtoolsinc.com
Removed hosts entry: 0.0.0.0 www.adtrader.com
Removed hosts entry: 0.0.0.0 survey.advantageresearch.com
Removed hosts entry: 0.0.0.0 ads.advertise.net
Removed hosts entry: 0.0.0.0 advertisingvision.com
Removed hosts entry: 0.0.0.0 www.advertisingvision.com
Removed hosts entry: 0.0.0.0 adpowerzone.advertserve.com
Removed hosts entry: 0.0.0.0 adviva.com
Removed hosts entry: 0.0.0.0 www.adviva.com
Removed hosts entry: 0.0.0.0 ads.adviva.net
Removed hosts entry: 0.0.0.0 adstats.adviva.net
Removed hosts entry: 0.0.0.0 tracker.affistats.com
Removed hosts entry: 0.0.0.0 banners.affiliatefuel.com
Removed hosts entry: 0.0.0.0 www.affiliatefuel.com
Removed hosts entry: 0.0.0.0 affiliatetarget.com
Removed hosts entry: 0.0.0.0 www.affiliatetarget.com
Removed hosts entry: 0.0.0.0 fcds.affiliatetracking.net
Removed hosts entry: 0.0.0.0 our.affiliatetracking.net
Removed hosts entry: 0.0.0.0 www.affiliatetracking.net
Removed hosts entry: 0.0.0.0 www.affiliatetracking.com
Removed hosts entry: 0.0.0.0 aams1.aim4media.com
Removed hosts entry: 0.0.0.0 adcodes.aim4media.com
Removed hosts entry: 0.0.0.0 adserver.aim4media.com
Removed hosts entry: 0.0.0.0 adtest.aim4media.com
Removed hosts entry: 0.0.0.0 artwork.aim4media.com
Removed hosts entry: 0.0.0.0 pops.aim4media.com
Removed hosts entry: 0.0.0.0 www.aim4media.com
Removed hosts entry: 0.0.0.0 download.alexa.com
Removed hosts entry: 0.0.0.0 www.allthatsearch.com
Removed hosts entry: 0.0.0.0 v8.alwaysupdatednews.com
Removed hosts entry: 0.0.0.0 www.alwaysupdatednews.com
Removed hosts entry: 0.0.0.0 ads.as4x.tmcs.akadns.net
Removed hosts entry: 0.0.0.0 bantam.ai.net
Removed hosts entry: 0.0.0.0 fiona.ai.net
Removed hosts entry: 0.0.0.0 www.amazingcounters.com
Removed hosts entry: 0.0.0.0 ads.amazingmedia.com
Removed hosts entry: 0.0.0.0 adserver04.ancestry.com
Removed hosts entry: 0.0.0.0 search.antarasystems.com
Removed hosts entry: 0.0.0.0 www.antarasystems.com
Removed hosts entry: 0.0.0.0 ads.antionline.com
Removed hosts entry: 0.0.0.0 junior.apk.net
Removed hosts entry: 0.0.0.0 banner.arttoday.com
Removed hosts entry: 0.0.0.0 asimpleinternet.com
Removed hosts entry: 0.0.0.0 www.asimpleinternet.com
Removed hosts entry: 0.0.0.0 ads.aspalliance.com
Removed hosts entry: 0.0.0.0 dist.atlas-ia.com
Removed hosts entry: 0.0.0.0 www.atlas-ia.com
Removed hosts entry: 0.0.0.0 te.audiencematch.net
Removed hosts entry: 0.0.0.0 audiogalaxy.com
Removed hosts entry: 0.0.0.0 www.audiogalaxy.com
Removed hosts entry: 0.0.0.0 adserving.autotrader.com
Removed hosts entry: 0.0.0.0 cploving.awmhost.net
Removed hosts entry: 0.0.0.0 bar.baidu.com
Removed hosts entry: 0.0.0.0 www.banner-mania.com
Removed hosts entry: 0.0.0.0 www.bannerspace.com
Removed hosts entry: 0.0.0.0 www2.bannerspace.com
Removed hosts entry: 0.0.0.0 www3.bannerspace.com
Removed hosts entry: 0.0.0.0 www5.bannerspace.com
Removed hosts entry: 0.0.0.0 www6.bannerspace.com
Removed hosts entry: 0.0.0.0 www7.bannerspace.com
Removed hosts entry: 0.0.0.0 bannerswap.com
Removed hosts entry: 0.0.0.0 www.bannerswap.com
Removed hosts entry: 0.0.0.0 media.baventures.com
Removed hosts entry: 0.0.0.0 ads.betanews.com
Removed hosts entry: 0.0.0.0 ads.bidclix.com
Removed hosts entry: 0.0.0.0 www.bidclix.com
Removed hosts entry: 0.0.0.0 bidclix.net
Removed hosts entry: 0.0.0.0 www.bidclix.net
Removed hosts entry: 0.0.0.0 bigtracker.com
Removed hosts entry: 0.0.0.0 bighits.net
Removed hosts entry: 0.0.0.0 bigticker.bighits.net
Removed hosts entry: 0.0.0.0 bounty.bighits.net
Removed hosts entry: 0.0.0.0 www.bighits.net
Removed hosts entry: 0.0.0.0 download.bigwebportal.com
Removed hosts entry: 0.0.0.0 www.bigwebportal.com
Removed hosts entry: 0.0.0.0 counter.bizland.com
Removed hosts entry: 0.0.0.0 webads.bizservers.com
Removed hosts entry: 0.0.0.0 www.blacklogic.net
Removed hosts entry: 0.0.0.0 www.blazehits.net
Removed hosts entry: 0.0.0.0 cluster.blingblingcontent.com
Removed hosts entry: 0.0.0.0 gb.blingblingcontent.com
Removed hosts entry: 0.0.0.0 s7.blingblingcontent.com
Removed hosts entry: 0.0.0.0 weblog.blogads.com
Removed hosts entry: 0.0.0.0 images.blogads.com
Removed hosts entry: 0.0.0.0 images2.blogads.com
Removed hosts entry: 0.0.0.0 proxy.blogads.com
Removed hosts entry: 0.0.0.0 www.blogads.com
Removed hosts entry: 0.0.0.0 bookedspace.com
Removed hosts entry: 0.0.0.0 www.bookedspace.com
Removed hosts entry: 0.0.0.0 citi.bridgetrack.com
Removed hosts entry: 0.0.0.0 rccl.bridgetrack.com
Removed hosts entry: 0.0.0.0 www.browserplugin.com
Removed hosts entry: 0.0.0.0 install.browsertoolbar.com
Removed hosts entry: 0.0.0.0 www2.browsertoolbar.com
Removed hosts entry: 0.0.0.0 www.browsertoolbar.com
Removed hosts entry: 0.0.0.0 redemption.bullseye-media.net
Removed hosts entry: 0.0.0.0 users.bullseye-media.net
Removed hosts entry: 0.0.0.0 www.bullseye-media.net
Removed hosts entry: 0.0.0.0 www.buildtraffic.com
Removed hosts entry: 0.0.0.0 buy-traffic.net
Removed hosts entry: 0.0.0.0 www.cashventure.com
Removed hosts entry: 0.0.0.0 casino-on-net.com
Removed hosts entry: 0.0.0.0 java2.casino-on-net.com
Removed hosts entry: 0.0.0.0 www.casino-on-net.com
Removed hosts entry: 0.0.0.0 deliver.castads.com
Removed hosts entry: 0.0.0.0 images.castads.com
Removed hosts entry: 0.0.0.0 serve.castads.com
Removed hosts entry: 0.0.0.0 www.care2.com
Removed hosts entry: 0.0.0.0 ads.cars.com
Removed hosts entry: 0.0.0.0 ads.cdfreaks.com
Removed hosts entry: 0.0.0.0 cellaphone.net
Removed hosts entry: 0.0.0.0 www.celebritaspoglie.net
Removed hosts entry: 0.0.0.0 mds.centrport.net
Removed hosts entry: 0.0.0.0 www.cerials.net
Removed hosts entry: 0.0.0.0 abc.checkm8.com
Removed hosts entry: 0.0.0.0 web.checkm8.com
Removed hosts entry: 0.0.0.0 ad.cibleclick.com
Removed hosts entry: 0.0.0.0 www.cibleclick.com
Removed hosts entry: 0.0.0.0 classifieds1000.com
Removed hosts entry: 0.0.0.0 www.classifieds1000.com
Removed hosts entry: 0.0.0.0 clearfind.com
Removed hosts entry: 0.0.0.0 www.clearfind.com
Removed hosts entry: 0.0.0.0 ads.clickad.com
Removed hosts entry: 0.0.0.0 clickbank.net
Removed hosts entry: 0.0.0.0 hop.clickbank.net
Removed hosts entry: 0.0.0.0 zzz.clickbank.net
Removed hosts entry: 0.0.0.0 clickedyclick.com
Removed hosts entry: 0.0.0.0 click2boost.com
Removed hosts entry: 0.0.0.0 secure.click2boost.com
Removed hosts entry: 0.0.0.0 service.click2boost.com
Removed hosts entry: 0.0.0.0 www.click2boost.com
Removed hosts entry: 0.0.0.0 www.clicks2you.com
Removed hosts entry: 0.0.0.0 clicktracks.com
Removed hosts entry: 0.0.0.0 stats.clicktracks.com
Removed hosts entry: 0.0.0.0 stats1.clicktracks.com
Removed hosts entry: 0.0.0.0 www.clicktracks.com
Removed hosts entry: 0.0.0.0 www.is1.clixgalore.com
Removed hosts entry: 0.0.0.0 www.clixgalore.com
Removed hosts entry: 0.0.0.0 www2.click-fr.com
Removed hosts entry: 0.0.0.0 www3.click-fr.com
Removed hosts entry: 0.0.0.0 www4.click-fr.com
Removed hosts entry: 0.0.0.0 www.clickhouse.com
Removed hosts entry: 0.0.0.0 www.clicks4u.com
Removed hosts entry: 0.0.0.0 ad1.clickhype.com
Removed hosts entry: 0.0.0.0 cfg.clipgenie.com
Removed hosts entry: 0.0.0.0 download.clipgenie.com
Removed hosts entry: 0.0.0.0 dldw.clipgenie.com
Removed hosts entry: 0.0.0.0 ss.clipgenie.com
Removed hosts entry: 0.0.0.0 www.clipgenie.com
Removed hosts entry: 0.0.0.0 banner.clubdicecasino.com
Removed hosts entry: 0.0.0.0 www.cnstats.com
Removed hosts entry: 0.0.0.0 ads.cobrad.com
Removed hosts entry: 0.0.0.0 comclick.com
Removed hosts entry: 0.0.0.0 ct2.comclick.com
Removed hosts entry: 0.0.0.0 fl01.ct2.comclick.com
Removed hosts entry: 0.0.0.0 ihm01.ct2.comclick.com
Removed hosts entry: 0.0.0.0 www.comclick.com
Removed hosts entry: 0.0.0.0 aa.connextra.com
Removed hosts entry: 0.0.0.0 bb.connextra.com
Removed hosts entry: 0.0.0.0 cc.connextra.com
Removed hosts entry: 0.0.0.0 dd.connextra.com
Removed hosts entry: 0.0.0.0 ee.connextra.com
Removed hosts entry: 0.0.0.0 ff.connextra.com
Removed hosts entry: 0.0.0.0 data.connextra.com
Removed hosts entry: 0.0.0.0 consumeralertsystem.com
Removed hosts entry: 0.0.0.0 www.thecoolbar.com
Removed hosts entry: 0.0.0.0 ads.console.net
Removed hosts entry: 0.0.0.0 www.contextuads.com
Removed hosts entry: 0.0.0.0 tag.contextweb.com
Removed hosts entry: 0.0.0.0 www1.contextweb.com
Removed hosts entry: 0.0.0.0 www2.contextweb.com
Removed hosts entry: 0.0.0.0 www3.contextweb.com
Removed hosts entry: 0.0.0.0 www4.contextweb.com
Removed hosts entry: 0.0.0.0 www5.contextweb.com
Removed hosts entry: 0.0.0.0 www6.contextweb.com
Removed hosts entry: 0.0.0.0 www7.contextweb.com
Removed hosts entry: 0.0.0.0 www8.contextweb.com
Removed hosts entry: 0.0.0.0 coolshader.com
Removed hosts entry: 0.0.0.0 c.coolshader.com
Removed hosts entry: 0.0.0.0 www.coolshader.com
Removed hosts entry: 0.0.0.0 counted.com
Removed hosts entry: 0.0.0.0 bilbo.counted.com
Removed hosts entry: 0.0.0.0 www.counted.com
Removed hosts entry: 0.0.0.0 www.counter-gratis.com
Removed hosts entry: 0.0.0.0 www.counterguide.com
Removed hosts entry: 0.0.0.0 www.counting4free.com
Removed hosts entry: 0.0.0.0 connectionzone.com
Removed hosts entry: 0.0.0.0 count.casino-trade.com
Removed hosts entry: 0.0.0.0 www.couponsandoffers.com
Removed hosts entry: 0.0.0.0 data.coremetrics.com
Removed hosts entry: 0.0.0.0 test.coremetrics.com
Removed hosts entry: 0.0.0.0 twci.coremetrics.com
Removed hosts entry: 0.0.0.0 www.crispads.com
Removed hosts entry: 0.0.0.0 ads.crosswinds.net
Removed hosts entry: 0.0.0.0 megabyte.crosswinds.net
Removed hosts entry: 0.0.0.0 cyberbounty.com
Removed hosts entry: 0.0.0.0 js.cybermonitor.com
Removed hosts entry: 0.0.0.0 stat3.cybermonitor.com
Removed hosts entry: 0.0.0.0 cytron.com
Removed hosts entry: 0.0.0.0 www.cytron.com
Removed hosts entry: 0.0.0.0 ads.date.com
Removed hosts entry: 0.0.0.0 banner.date.com
Removed hosts entry: 0.0.0.0 au.track.decideinteractive.com
Removed hosts entry: 0.0.0.0 au.link.decideinteractive.com
Removed hosts entry: 0.0.0.0 eu.link.decideinteractive.com
Removed hosts entry: 0.0.0.0 link.decideinteractive.com
Removed hosts entry: 0.0.0.0 www.decideinteractive.com
Removed hosts entry: 0.0.0.0 www.deepcom.com
Removed hosts entry: 0.0.0.0 collector.deepmetrix.com
Removed hosts entry: 0.0.0.0 geo.deepmetrix.com
Removed hosts entry: 0.0.0.0 www.deepmetrix.com
Removed hosts entry: 0.0.0.0 delta2378493.com
Removed hosts entry: 0.0.0.0 track.did-it.com
Removed hosts entry: 0.0.0.0 didtheyreadit.com
Removed hosts entry: 0.0.0.0 www.didtheyreadit.com
Removed hosts entry: 0.0.0.0 diji-realm.net
Removed hosts entry: 0.0.0.0 comm1.digits.com
Removed hosts entry: 0.0.0.0 counter.digits.com
Removed hosts entry: 0.0.0.0 direct-ip.com
Removed hosts entry: 0.0.0.0 www.direct-ip.com
Removed hosts entry: 0.0.0.0 stats.directnic.com
Removed hosts entry: 0.0.0.0 www.divago.com
Removed hosts entry: 0.0.0.0 ad.dmpi.net
Removed hosts entry: 0.0.0.0 ad2.dmpi.net
Removed hosts entry: 0.0.0.0 ad3.dmpi.net
Removed hosts entry: 0.0.0.0 ad4.dmpi.net
Removed hosts entry: 0.0.0.0 ubnm.dmpi.net
Removed hosts entry: 0.0.0.0 www.dnscaching.net
Removed hosts entry: 0.0.0.0 www.donttrip.org
Removed hosts entry: 0.0.0.0 downloadalot.com
Removed hosts entry: 0.0.0.0 get.downloadalot.com
Removed hosts entry: 0.0.0.0 www.downloadalot.com
Removed hosts entry: 0.0.0.0 www.downseek.com
Removed hosts entry: 0.0.0.0 dqmedia.net
Removed hosts entry: 0.0.0.0 drmx01.net
Removed hosts entry: 0.0.0.0 ads.drugs.com
Removed hosts entry: 0.0.0.0 www.duenow.com
Removed hosts entry: 0.0.0.0 dumpserv.com
Removed hosts entry: 0.0.0.0 gfx.dvlabs.com
Removed hosts entry: 0.0.0.0 klipads.dvlabs.com
Removed hosts entry: 0.0.0.0 e2give.com
Removed hosts entry: 0.0.0.0 www.e2give.com
Removed hosts entry: 0.0.0.0 eaglehousing.com
Removed hosts entry: 0.0.0.0 www.eaglehousing.com
Removed hosts entry: 0.0.0.0 www.eastworldnetwork.com
Removed hosts entry: 0.0.0.0 www.easywebsearch.nl
Removed hosts entry: 0.0.0.0 www.e-bannerx.com
Removed hosts entry: 0.0.0.0 easyboxhosting.com
Removed hosts entry: 0.0.0.0 www.easycounter.com
Removed hosts entry: 0.0.0.0 banners.easydns.com
Removed hosts entry: 0.0.0.0 banner.easyspace.com
Removed hosts entry: 0.0.0.0 adserv1.ebates.com
Removed hosts entry: 0.0.0.0 www.ebates.com
Removed hosts entry: 0.0.0.0 www.ek21.com
Removed hosts entry: 0.0.0.0 epeople.com
Removed hosts entry: 0.0.0.0 errorpage404.com
Removed hosts entry: 0.0.0.0 www.errorpage404.com
Removed hosts entry: 0.0.0.0 vipuk.escritorioactivo.com
Removed hosts entry: 0.0.0.0 www.escorcher.com
Removed hosts entry: 0.0.0.0 www.eshopads2.com
Removed hosts entry: 0.0.0.0 estat.com
Removed hosts entry: 0.0.0.0 perso.estat.com
Removed hosts entry: 0.0.0.0 prof.estat.com
Removed hosts entry: 0.0.0.0 www.estat.com
Removed hosts entry: 0.0.0.0 eu-adcenter.net
Removed hosts entry: 0.0.0.0 thinknyc.eu-adcenter.net
Removed hosts entry: 0.0.0.0 ugo.eu-adcenter.net
Removed hosts entry: 0.0.0.0 euro-randomizer.com
Removed hosts entry: 0.0.0.0 engage.everyone.net
Removed hosts entry: 0.0.0.0 static.everyone.net
Removed hosts entry: 0.0.0.0 www.exchangead.com
Removed hosts entry: 0.0.0.0 exitexchange.com
Removed hosts entry: 0.0.0.0 count.exitexchange.com
Removed hosts entry: 0.0.0.0 images.exitexchange.com
Removed hosts entry: 0.0.0.0 www.exitexchange.com
Removed hosts entry: 0.0.0.0 www.exchangeexit.com
Removed hosts entry: 0.0.0.0 www.exittraffic.net
Removed hosts entry: 0.0.0.0 cdn.eyewonder.com
Removed hosts entry: 0.0.0.0 www.evidence-eliminator.com
Removed hosts entry: 0.0.0.0 www.eyeget.com
Removed hosts entry: 0.0.0.0 ezcybersearch.com
Removed hosts entry: 0.0.0.0 ads.ezcybersearch.com
Removed hosts entry: 0.0.0.0 ezcybersearch.mail.everyone.net
Removed hosts entry: 0.0.0.0 www.ezcybersearch.com
Removed hosts entry: 0.0.0.0 eziin.com
Removed hosts entry: 0.0.0.0 www.eziin.com
Removed hosts entry: 0.0.0.0 fast-web-search.com
Removed hosts entry: 0.0.0.0 www.fast-web-search.com
Removed hosts entry: 0.0.0.0 www.fast2net.com
Removed hosts entry: 0.0.0.0 www.fastfind.org
Removed hosts entry: 0.0.0.0 www.fceboard.com
Removed hosts entry: 0.0.0.0 www.fightpopups.net
Removed hosts entry: 0.0.0.0 filesharingaccess.com
Removed hosts entry: 0.0.0.0 adserver.filefront.com
Removed hosts entry: 0.0.0.0 www.filemix.net
Removed hosts entry: 0.0.0.0 www.fineclicks.com
Removed hosts entry: 0.0.0.0 firstname.com
Removed hosts entry: 0.0.0.0 clicks.firstname.com
Removed hosts entry: 0.0.0.0 www.fizzlewizzle.com
Removed hosts entry: 0.0.0.0 www.flyeagles.com
Removed hosts entry: 0.0.0.0 flyinads.com
Removed hosts entry: 0.0.0.0 www.flyinads.com
Removed hosts entry: 0.0.0.0 klipmart.forbes.com
Removed hosts entry: 0.0.0.0 www.ampira.com
Removed hosts entry: 0.0.0.0 ads.fortunecity.com
Removed hosts entry: 0.0.0.0 ads.v3.com
Removed hosts entry: 0.0.0.0 www2.fortunecity.com
Removed hosts entry: 0.0.0.0 www.freedom850.com
Removed hosts entry: 0.0.0.0 ad.freefind.com
Removed hosts entry: 0.0.0.0 www.freehistorycleaner.com
Removed hosts entry: 0.0.0.0 free-stats.com
Removed hosts entry: 0.0.0.0 counters.freewebs.com
Removed hosts entry: 0.0.0.0 www.freewebsites.com
Removed hosts entry: 0.0.0.0 www.free-windows-games.com
Removed hosts entry: 0.0.0.0 ads.gamespy.com
Removed hosts entry: 0.0.0.0 adcontent.gamespy.com
Removed hosts entry: 0.0.0.0 ads.gamespyid.com
Removed hosts entry: 0.0.0.0 ad1.gamezone.com
Removed hosts entry: 0.0.0.0 server.gamyun.net
Removed hosts entry: 0.0.0.0 www.gamyun.net
Removed hosts entry: 0.0.0.0 gd.geobytes.com
Removed hosts entry: 0.0.0.0 www.geowhere.net
Removed hosts entry: 0.0.0.0 www.getsmart.com
Removed hosts entry: 0.0.0.0 bp2.getredirect.com
Removed hosts entry: 0.0.0.0 4.getredirect.com
Removed hosts entry: 0.0.0.0 www.getredirect.com
Removed hosts entry: 0.0.0.0 getupdate.com
Removed hosts entry: 0.0.0.0 dlx.getupdate.com
Removed hosts entry: 0.0.0.0 www.getupdate.com
Removed hosts entry: 0.0.0.0 gigex.com
Removed hosts entry: 0.0.0.0 media.gigex.com
Removed hosts entry: 0.0.0.0 oascentral.gigex.com
Removed hosts entry: 0.0.0.0 www.gigex.com
Removed hosts entry: 0.0.0.0 globesearch.com
Removed hosts entry: 0.0.0.0 www.globesearch.com
Removed hosts entry: 0.0.0.0 banner.goldenpalace.com
Removed hosts entry: 0.0.0.0 goldstats.net
Removed hosts entry: 0.0.0.0 www.goldstats.net
Removed hosts entry: 0.0.0.0 www.goggle.com
Removed hosts entry: 0.0.0.0 goodcounter.com
Removed hosts entry: 0.0.0.0 www.goodcounter.com
Removed hosts entry: 0.0.0.0 adincl.gopher.com
Removed hosts entry: 0.0.0.0 ads.gorillanation.com
Removed hosts entry: 0.0.0.0 adserver.gorillanation.com
Removed hosts entry: 0.0.0.0 gostats.com
Removed hosts entry: 0.0.0.0 as.gostats.com
Removed hosts entry: 0.0.0.0 c1.gostats.com
Removed hosts entry: 0.0.0.0 c2.gostats.com
Removed hosts entry: 0.0.0.0 c3.gostats.com
Removed hosts entry: 0.0.0.0 greatstartpage.com
Removed hosts entry: 0.0.0.0 www.greatstartpage.com
Removed hosts entry: 0.0.0.0 grokster.com
Removed hosts entry: 0.0.0.0 dl.grokster.com
Removed hosts entry: 0.0.0.0 www.grokster.com
Removed hosts entry: 0.0.0.0 www.g-wizzads.net
Removed hosts entry: 0.0.0.0 hao3344.com
Removed hosts entry: 0.0.0.0 www.hao3344.com
Removed hosts entry: 0.0.0.0 ad0.haynet.com
Removed hosts entry: 0.0.0.0 ads.hitcents.com
Removed hosts entry: 0.0.0.0 hits-counter.com
Removed hosts entry: 0.0.0.0 hithopper.com
Removed hosts entry: 0.0.0.0 www.hithopper.com
Removed hosts entry: 0.0.0.0 www.hitlogger.com
Removed hosts entry: 0.0.0.0 hitmodel.net
Removed hosts entry: 0.0.0.0 hit-now.com
Removed hosts entry: 0.0.0.0 hit-parade.com
Removed hosts entry: 0.0.0.0 loga.hit-parade.com
Removed hosts entry: 0.0.0.0 hitstats.net
Removed hosts entry: 0.0.0.0 www.hiwire.com
Removed hosts entry: 0.0.0.0 ads.home.net
Removed hosts entry: 0.0.0.0 anna.homeftp.net
Removed hosts entry: 0.0.0.0 counters.honesty.com
Removed hosts entry: 0.0.0.0 horse-active.net
Removed hosts entry: 0.0.0.0 www.horse-active.net
Removed hosts entry: 0.0.0.0 horse-dns.net
Removed hosts entry: 0.0.0.0 horse-search.net
Removed hosts entry: 0.0.0.0 ad2.hotels.com
Removed hosts entry: 0.0.0.0 banners.hotlinks.net
Removed hosts entry: 0.0.0.0 horseserver.net
Removed hosts entry: 0.0.0.0 www.horseserver.net
Removed hosts entry: 0.0.0.0 hotsearch.com
Removed hosts entry: 0.0.0.0 www.hotsearch.com
Removed hosts entry: 0.0.0.0 vip.huigezi.com
Removed hosts entry: 0.0.0.0 hc2.humanclick.com
Removed hosts entry: 0.0.0.0 www.humanclick.com
Removed hosts entry: 0.0.0.0 custom1.hurricanedigitalmedia.com
Removed hosts entry: 0.0.0.0 custom3.hurricanedigitalmedia.com
Removed hosts entry: 0.0.0.0 www.hypertracker.com
Removed hosts entry: 0.0.0.0 ads.iafrica.com
Removed hosts entry: 0.0.0.0 ads.iboost.com
Removed hosts entry: 0.0.0.0 www.i-clicks.net
Removed hosts entry: 0.0.0.0 hits.icdirect.com
Removed hosts entry: 0.0.0.0 hitctr01.icdirect.com
Removed hosts entry: 0.0.0.0 idolch.net
Removed hosts entry: 0.0.0.0 image-catcher.com
Removed hosts entry: 0.0.0.0 bar.iebar8.com
Removed hosts entry: 0.0.0.0 stats.surfaid.ihost.com
Removed hosts entry: 0.0.0.0 www.impregnable.net
Removed hosts entry: 0.0.0.0 stats.indextools.com
Removed hosts entry: 0.0.0.0 adserver.indieclick.com
Removed hosts entry: 0.0.0.0 campaign.indieclick.com
Removed hosts entry: 0.0.0.0 adcenter.in2.com
Removed hosts entry: 0.0.0.0 ads.inet1.com
Removed hosts entry: 0.0.0.0 ads7.inet1.com
Removed hosts entry: 0.0.0.0 juggler.inetinteractive.com
Removed hosts entry: 0.0.0.0 rotator.juggler.inetinteractive.com
Removed hosts entry: 0.0.0.0 banners.inetfast.com
Removed hosts entry: 0.0.0.0 ads.infospace.com
Removed hosts entry: 0.0.0.0 bvads.infospace.com
Removed hosts entry: 0.0.0.0 xads.infospace.com
Removed hosts entry: 0.0.0.0 ads.injersey.com
Removed hosts entry: 0.0.0.0 ads.intellicast.com
Removed hosts entry: 0.0.0.0 ads.intelihealth.com
Removed hosts entry: 0.0.0.0 ads.intermezzia.com
Removed hosts entry: 0.0.0.0 indiads.com
Removed hosts entry: 0.0.0.0 images.indiads.com
Removed hosts entry: 0.0.0.0 infostart.com
Removed hosts entry: 0.0.0.0 popups.infostart.com
Removed hosts entry: 0.0.0.0 oc.inspectorclick.com
Removed hosts entry: 0.0.0.0 trax.inspectorclick.com
Removed hosts entry: 0.0.0.0 v2.inspectorclick.com
Removed hosts entry: 0.0.0.0 v3.inspectorclick.com
Removed hosts entry: 0.0.0.0 instadia.net
Removed hosts entry: 0.0.0.0 www.instadia.net
Removed hosts entry: 0.0.0.0 instantsearch.cc
Removed hosts entry: 0.0.0.0 www.instantsearch.cc
Removed hosts entry: 0.0.0.0 www.intelli-tracker.com
Removed hosts entry: 0.0.0.0 inqwire.com
Removed hosts entry: 0.0.0.0 ww2.inqwire.com
Removed hosts entry: 0.0.0.0 www.inqwire.com
Removed hosts entry: 0.0.0.0 ads.ipowerweb.com
Removed hosts entry: 0.0.0.0 www.ipstat.com
Removed hosts entry: 0.0.0.0 adzones.ircspy.com
Removed hosts entry: 0.0.0.0 adserver1.isohunt.com
Removed hosts entry: 0.0.0.0 ads.isoftmarketing.com
Removed hosts entry: 0.0.0.0 adcycle.isoftmarketing.com
Removed hosts entry: 0.0.0.0 www.itrafficstar.com
Removed hosts entry: 0.0.0.0 www.j4sb.com
Removed hosts entry: 0.0.0.0 www.jcount.com
Removed hosts entry: 0.0.0.0 www.jellycounter.com
Removed hosts entry: 0.0.0.0 jpedownload.joltid.com
Removed hosts entry: 0.0.0.0 www.joltid.com
Removed hosts entry: 0.0.0.0 www.joyiex.com
Removed hosts entry: 0.0.0.0 kt3.kliptracker.com
Removed hosts entry: 0.0.0.0 kt4.kliptracker.com
Removed hosts entry: 0.0.0.0 www.kliptracker.com
Removed hosts entry: 0.0.0.0 ads.kmpads.com
Removed hosts entry: 0.0.0.0 koolbar.net
Removed hosts entry: 0.0.0.0 www.koolbar.net
Removed hosts entry: 0.0.0.0 kutsap.com
Removed hosts entry: 0.0.0.0 ts1.lexmark.com
Removed hosts entry: 0.0.0.0 www.lineage0.com
Removed hosts entry: 0.0.0.0 linkbuddies.com
Removed hosts entry: 0.0.0.0 banners.linkbuddies.com
Removed hosts entry: 0.0.0.0 www.linkbuddies.com
Removed hosts entry: 0.0.0.0 www.linkcounter.com
Removed hosts entry: 0.0.0.0 link4link.com
Removed hosts entry: 0.0.0.0 plus.link4link.com
Removed hosts entry: 0.0.0.0 www.links4trade.com
Removed hosts entry: 0.0.0.0 escati.linkopp.net
Removed hosts entry: 0.0.0.0 www.linkopp.net
Removed hosts entry: 0.0.0.0 linkshelper.com
Removed hosts entry: 0.0.0.0 js.livehelper.com
Removed hosts entry: 0.0.0.0 newbrowse.livehelper.com
Removed hosts entry: 0.0.0.0 www.liveperson.com
Removed hosts entry: 0.0.0.0 liveperson.net
Removed hosts entry: 0.0.0.0 sales.liveperson.net
Removed hosts entry: 0.0.0.0 server.iad.liveperson.net
Removed hosts entry: 0.0.0.0 locators.com
Removed hosts entry: 0.0.0.0 toolbar.locators.com
Removed hosts entry: 0.0.0.0 www.locators.com
Removed hosts entry: 0.0.0.0 www.lookde5.com
Removed hosts entry: 0.0.0.0 jama.lovinghost.com
Removed hosts entry: 0.0.0.0 luckyhomepage.com
Removed hosts entry: 0.0.0.0 www.luckyhomepage.com
Removed hosts entry: 0.0.0.0 www.lvip.net
Removed hosts entry: 0.0.0.0 www.lyricspy.com
Removed hosts entry: 0.0.0.0 www.madoogali.com
Removed hosts entry: 0.0.0.0 go.mailbits.com
Removed hosts entry: 0.0.0.0 mair.net
Removed hosts entry: 0.0.0.0 we.malresearch.org
Removed hosts entry: 0.0.0.0 erotic.masterstats.com
Removed hosts entry: 0.0.0.0 image.masterstats.com
Removed hosts entry: 0.0.0.0 link.masterstats.com
Removed hosts entry: 0.0.0.0 vw.masterstats.com
Removed hosts entry: 0.0.0.0 ads.affiliates.match.com
Removed hosts entry: 0.0.0.0 associmage.match.com
Removed hosts entry: 0.0.0.0 adserver.matchcraft.com
Removed hosts entry: 0.0.0.0 ads.mcafee.com
Removed hosts entry: 0.0.0.0 directads.mcafee.com
Removed hosts entry: 0.0.0.0 ads.mdchoice.com
Removed hosts entry: 0.0.0.0 ads.mediaodyssey.com
Removed hosts entry: 0.0.0.0 acvs.mediaonenetwork.net
Removed hosts entry: 0.0.0.0 acvsrv.mediaonenetwork.net
Removed hosts entry: 0.0.0.0 ads.mediaturf.net
Removed hosts entry: 0.0.0.0 exit.megago.com
Removed hosts entry: 0.0.0.0 www.megago.com
Removed hosts entry: 0.0.0.0 www.megaseek.net
Removed hosts entry: 0.0.0.0 megatds.com
Removed hosts entry: 0.0.0.0 admintds.megatds.com
Removed hosts entry: 0.0.0.0 tds.megatds.com
Removed hosts entry: 0.0.0.0 www.megatds.com
Removed hosts entry: 0.0.0.0 pubs.mgn.net
Removed hosts entry: 0.0.0.0 ads.mgnetwork.com
Removed hosts entry: 0.0.0.0 media.mgnetwork.com
Removed hosts entry: 0.0.0.0 www.mgshareware.com
Removed hosts entry: 0.0.0.0 www.mini-player.com
Removed hosts entry: 0.0.0.0 banner.missingkids.com
Removed hosts entry: 0.0.0.0 ads.mixtraffic.com
Removed hosts entry: 0.0.0.0 smile.modchipstore.com
Removed hosts entry: 0.0.0.0 ads.monster.com
Removed hosts entry: 0.0.0.0 adserver.monster.com
Removed hosts entry: 0.0.0.0 adserver.a.in.monster.com
Removed hosts entry: 0.0.0.0 ads.monstermoving.com
Removed hosts entry: 0.0.0.0 cookie.monster.com
Removed hosts entry: 0.0.0.0 mp3today.net
Removed hosts entry: 0.0.0.0 www.mp3yes.com
Removed hosts entry: 0.0.0.0 mpamexit.com
Removed hosts entry: 0.0.0.0 www.messagetag.com
Removed hosts entry: 0.0.0.0 msgtag.com
Removed hosts entry: 0.0.0.0 img.msgtag.com
Removed hosts entry: 0.0.0.0 www.msgtag.com
Removed hosts entry: 0.0.0.0 msxpsupport.com
Removed hosts entry: 0.0.0.0 www.msxpsupport.com
Removed hosts entry: 0.0.0.0 www.musicmass.com
Removed hosts entry: 0.0.0.0 www.musicsonglyrics.com
Removed hosts entry: 0.0.0.0 mvtracker.com
Removed hosts entry: 0.0.0.0 www.mvtracker.com
Removed hosts entry: 0.0.0.0 mvr3d.net
Removed hosts entry: 0.0.0.0 www.myadtrack.com
Removed hosts entry: 0.0.0.0 www.myaffiliateprogram.com
Removed hosts entry: 0.0.0.0 www.myarmory.com
Removed hosts entry: 0.0.0.0 www.myemessenger.com
Removed hosts entry: 0.0.0.0 noe.myftp.biz
Removed hosts entry: 0.0.0.0 www.mylinker.net
Removed hosts entry: 0.0.0.0 rm.myoc.com
Removed hosts entry: 0.0.0.0 myhitlogger.com
Removed hosts entry: 0.0.0.0 liveupdate.myim.cn
Removed hosts entry: 0.0.0.0 mypagefinder.com
Removed hosts entry: 0.0.0.0 auxput.myvnc.com
Removed hosts entry: 0.0.0.0 hit.namimedia.com
Removed hosts entry: 0.0.0.0 ads.nandomedia.com
Removed hosts entry: 0.0.0.0 naupoint.com
Removed hosts entry: 0.0.0.0 feed.naupoint.com
Removed hosts entry: 0.0.0.0 hp.naupoint.com
Removed hosts entry: 0.0.0.0 www.naupoint.com
Removed hosts entry: 0.0.0.0 ads.neowin.net
Removed hosts entry: 0.0.0.0 code.netbreak.com.au
Removed hosts entry: 0.0.0.0 banners.netcraft.com
Removed hosts entry: 0.0.0.0 www.netflip.com
Removed hosts entry: 0.0.0.0 money2.netfirms.com
Removed hosts entry: 0.0.0.0 partner.netmechanic.com
Removed hosts entry: 0.0.0.0 tracker.netmechanic.com
Removed hosts entry: 0.0.0.0 counter.netmore.net
Removed hosts entry: 0.0.0.0 www.netpumper.com
Removed hosts entry: 0.0.0.0 servedby.netshelter.net
Removed hosts entry: 0.0.0.0 www.network-tool.net
Removed hosts entry: 0.0.0.0 www.newsh.com
Removed hosts entry: 0.0.0.0 adq.nextag.com
Removed hosts entry: 0.0.0.0 nowbox.com
Removed hosts entry: 0.0.0.0 www.nowbox.com
Removed hosts entry: 0.0.0.0 ns2.iad1.nssrv.com
Removed hosts entry: 0.0.0.0 nugget-sales.com
Removed hosts entry: 0.0.0.0 file.obalduyam.net
Removed hosts entry: 0.0.0.0 node2.ocslab.com
Removed hosts entry: 0.0.0.0 okcounter.com
Removed hosts entry: 0.0.0.0 www.okww.net
Removed hosts entry: 0.0.0.0 stat.onestat.com
Removed hosts entry: 0.0.0.0 www.onestat.com
Removed hosts entry: 0.0.0.0 www.oneandonlynetwork.com
Removed hosts entry: 0.0.0.0 www.onseo.com
Removed hosts entry: 0.0.0.0 server1.opentracker.net
Removed hosts entry: 0.0.0.0 ccc00.opinionlab.com
Removed hosts entry: 0.0.0.0 ccc01.opinionlab.com
Removed hosts entry: 0.0.0.0 rate.opinionlab.com
Removed hosts entry: 0.0.0.0 www.opinionlab.com
Removed hosts entry: 0.0.0.0 by.optimost.com
Removed hosts entry: 0.0.0.0 banner.orb.net
Removed hosts entry: 0.0.0.0 tg-images.osdn.com
Removed hosts entry: 0.0.0.0 otx5.otxresearch.com
Removed hosts entry: 0.0.0.0 otx.ifilm.com
Removed hosts entry: 0.0.0.0 survey.otxresearch.com
Removed hosts entry: 0.0.0.0 www.otxresearch.com
Removed hosts entry: 0.0.0.0 adpopper.outblaze.com
Removed hosts entry: 0.0.0.0 adp4.us4.outblaze.com
Removed hosts entry: 0.0.0.0 adserver.hk.outblaze.com
Removed hosts entry: 0.0.0.0 adserver.us.outblaze.com
Removed hosts entry: 0.0.0.0 download2.us4.outblaze.com
Removed hosts entry: 0.0.0.0 img1.us4.outblaze.com
Removed hosts entry: 0.0.0.0 www.overpeer.com
Removed hosts entry: 0.0.0.0 www.p3marketing.com
Removed hosts entry: 0.0.0.0 click.payserve.com
Removed hosts entry: 0.0.0.0 www.pc-test.net
Removed hosts entry: 0.0.0.0 ad1.peel.com
Removed hosts entry: 0.0.0.0 ad3.peel.com
Removed hosts entry: 0.0.0.0 ads.peel.com
Removed hosts entry: 0.0.0.0 ad4.peel.com
Removed hosts entry: 0.0.0.0 ads5.peel.com
Removed hosts entry: 0.0.0.0 freeps3.peel.com
Removed hosts entry: 0.0.0.0 www.peel.com
Removed hosts entry: 0.0.0.0 www.peel.net
Removed hosts entry: 0.0.0.0 ads.pennyweb.com
Removed hosts entry: 0.0.0.0 banners.pennyweb.com
Removed hosts entry: 0.0.0.0 www.peruvianmarket.com
Removed hosts entry: 0.0.0.0 phpadsnew.com
Removed hosts entry: 0.0.0.0 www.phpadsnew.com
Removed hosts entry: 0.0.0.0 ads2.playnet.com
Removed hosts entry: 0.0.0.0 adserver.pollstar.com
Removed hosts entry: 0.0.0.0 popfind.net
Removed hosts entry: 0.0.0.0 www.pops-stop.com
Removed hosts entry: 0.0.0.0 www.popupads.com
Removed hosts entry: 0.0.0.0 www.popupad.net
Removed hosts entry: 0.0.0.0 popupblockade.com
Removed hosts entry: 0.0.0.0 www.popupblockade.com
Removed hosts entry: 0.0.0.0 popupmoney.com
Removed hosts entry: 0.0.0.0 server01.popupmoney.com
Removed hosts entry: 0.0.0.0 www.popupmoney.com
Removed hosts entry: 0.0.0.0 popadstop.com
Removed hosts entry: 0.0.0.0 www.popadstop.com
Removed hosts entry: 0.0.0.0 www2.portdetective.com
Removed hosts entry: 0.0.0.0 www.ppctracking.net
Removed hosts entry: 0.0.0.0 www.praize.com
Removed hosts entry: 0.0.0.0 www.promarketingclub.com
Removed hosts entry: 0.0.0.0 www.prtracker.com
Removed hosts entry: 0.0.0.0 www.profitzone.com
Removed hosts entry: 0.0.0.0 ads.pro-market.net
Removed hosts entry: 0.0.0.0 www.prutect.com
Removed hosts entry: 0.0.0.0 www.protectedmedia.com
Removed hosts entry: 0.0.0.0 ad.sma.punto.net
Removed hosts entry: 0.0.0.0 sma.punto.net
Removed hosts entry: 0.0.0.0 www.pureseeker.com
Removed hosts entry: 0.0.0.0 www.pwallet.com
Removed hosts entry: 0.0.0.0 questionmarket.com
Removed hosts entry: 0.0.0.0 amch.questionmarket.com
Removed hosts entry: 0.0.0.0 ch.questionmarket.com
Removed hosts entry: 0.0.0.0 survey.questionmarket.com
Removed hosts entry: 0.0.0.0 www.questionmarket.com
Removed hosts entry: 0.0.0.0 download.quickflicks.com
Removed hosts entry: 0.0.0.0 quickmetasearch.com
Removed hosts entry: 0.0.0.0 www.qq886.com
Removed hosts entry: 0.0.0.0 counter.rapidcounter.com
Removed hosts entry: 0.0.0.0 www.rapidcounter.com
Removed hosts entry: 0.0.0.0 www.autoraskrutka.ru
Removed hosts entry: 0.0.0.0 www.realclicks.com
Removed hosts entry: 0.0.0.0 ads.rediff.com
Removed hosts entry: 0.0.0.0 visit.referralware.com
Removed hosts entry: 0.0.0.0 ads.register.com
Removed hosts entry: 0.0.0.0 www.registrarads.com
Removed hosts entry: 0.0.0.0 www.relmaxtop.com
Removed hosts entry: 0.0.0.0 adservice.recon-networks.com
Removed hosts entry: 0.0.0.0 dae.responsetarget.com
Removed hosts entry: 0.0.0.0 ads.revsci.net
Removed hosts entry: 0.0.0.0 js.revsci.net
Removed hosts entry: 0.0.0.0 pix01.revsci.net
Removed hosts entry: 0.0.0.0 rightstats.com
Removed hosts entry: 0.0.0.0 www.rightstats.com
Removed hosts entry: 0.0.0.0 m.rmbclick.com
Removed hosts entry: 0.0.0.0 hits.roitracker.com
Removed hosts entry: 0.0.0.0 ad.ro2cn.com
Removed hosts entry: 0.0.0.0 judo.salon.com
Removed hosts entry: 0.0.0.0 oas.salon.com
Removed hosts entry: 0.0.0.0 www.savehits.com
Removed hosts entry: 0.0.0.0 matchnet.st.sageanalyst.net
Removed hosts entry: 0.0.0.0 st.sageanalyst.net
Removed hosts entry: 0.0.0.0 pigmailer.scarryserv.biz
Removed hosts entry: 0.0.0.0 scorpionsearch.com
Removed hosts entry: 0.0.0.0 www.scorpionsearch.com
Removed hosts entry: 0.0.0.0 www.scratchindian.com
Removed hosts entry: 0.0.0.0 adsremote.scripps.com
Removed hosts entry: 0.0.0.0 te.scripps.com
Removed hosts entry: 0.0.0.0 counter.search.bg
Removed hosts entry: 0.0.0.0 searchalot.com
Removed hosts entry: 0.0.0.0 cards.searchalot.com
Removed hosts entry: 0.0.0.0 mail.searchalot.com
Removed hosts entry: 0.0.0.0 search.searchalot.com
Removed hosts entry: 0.0.0.0 web.searchalot.com
Removed hosts entry: 0.0.0.0 www.searchalot.com
Removed hosts entry: 0.0.0.0 searchandclick.com
Removed hosts entry: 0.0.0.0 search.searchandclick.com
Removed hosts entry: 0.0.0.0 www.searchandclick.com
Removed hosts entry: 0.0.0.0 www.searchgauge.com
Removed hosts entry: 0.0.0.0 searchitquick.com
Removed hosts entry: 0.0.0.0 tb.searchitquick.com
Removed hosts entry: 0.0.0.0 www.searchitquick.com
Removed hosts entry: 0.0.0.0 www.searchmachine.com
Removed hosts entry: 0.0.0.0 searchmaid.com
Removed hosts entry: 0.0.0.0 www.searchmaid.com
Removed hosts entry: 0.0.0.0 www.searchmagnifier.com
Removed hosts entry: 0.0.0.0 searchproject.net
Removed hosts entry: 0.0.0.0 www.searchrelevancy.com
Removed hosts entry: 0.0.0.0 www.searchresult.net
Removed hosts entry: 0.0.0.0 www.search-toolbar.com
Removed hosts entry: 0.0.0.0 home.searchwords.com
Removed hosts entry: 0.0.0.0 www.searchwords.com
Removed hosts entry: 0.0.0.0 browser.secondpower.com
Removed hosts entry: 0.0.0.0 download.secondpower.com
Removed hosts entry: 0.0.0.0 www1.secondpower.com
Removed hosts entry: 0.0.0.0 www3.secondpower.com
Removed hosts entry: 0.0.0.0 www.secondpower.com
Removed hosts entry: 0.0.0.0 adserver.securityfocus.com
Removed hosts entry: 0.0.0.0 www.selfsurveys.com
Removed hosts entry: 0.0.0.0 www.seehits.com
Removed hosts entry: 0.0.0.0 www.seekmp3.com
Removed hosts entry: 0.0.0.0 www.send-safe.com
Removed hosts entry: 0.0.0.0 track.sendtraffic.com
Removed hosts entry: 0.0.0.0 www.sendtraffic.com
Removed hosts entry: 0.0.0.0 sesso.com
Removed hosts entry: 0.0.0.0 www.sesso.com
Removed hosts entry: 0.0.0.0 simplenter.com
Removed hosts entry: 0.0.0.0 www.simplenter.com
Removed hosts entry: 0.0.0.0 www.simpletoolbar.com
Removed hosts entry: 0.0.0.0 sincooweb.com
Removed hosts entry: 0.0.0.0 quasar.sitegauge.com
Removed hosts entry: 0.0.0.0 tracker.sitescout.com
Removed hosts entry: 0.0.0.0 advertpro.sitepoint.com
Removed hosts entry: 0.0.0.0 www.sitestatslive.com
Removed hosts entry: 0.0.0.0 adserver.sharewareonline.com
Removed hosts entry: 0.0.0.0 www.shockcounter.com
Removed hosts entry: 0.0.0.0 skeech.com
Removed hosts entry: 0.0.0.0 www.skeech.com
Removed hosts entry: 0.0.0.0 smart-browser.com
Removed hosts entry: 0.0.0.0 update.smart-browser.com
Removed hosts entry: 0.0.0.0 www.smart-browser.com
Removed hosts entry: 0.0.0.0 smartclicks.net
Removed hosts entry: 0.0.0.0 www.smartclicks.net
Removed hosts entry: 0.0.0.0 smarter.com
Removed hosts entry: 0.0.0.0 sidebar.smarter.com
Removed hosts entry: 0.0.0.0 www.smarter.com
Removed hosts entry: 0.0.0.0 ads.smni.com
Removed hosts entry: 0.0.0.0 static.smni.com
Removed hosts entry: 0.0.0.0 adserver.softwareonline.com
Removed hosts entry: 0.0.0.0 www1.spaex.com
Removed hosts entry: 0.0.0.0 www.spedia.net
Removed hosts entry: 0.0.0.0 www.spyarsenal.com
Removed hosts entry: 0.0.0.0 www.spysniper.net
Removed hosts entry: 0.0.0.0 www.spymoon.com
Removed hosts entry: 0.0.0.0 spyware.com
Removed hosts entry: 0.0.0.0 ss999ss.com
Removed hosts entry: 0.0.0.0 www.ssppyy.com
Removed hosts entry: 0.0.0.0 www.s-tracking.com
Removed hosts entry: 0.0.0.0 ads.starpulse.com
Removed hosts entry: 0.0.0.0 adsintl.starwave.com
Removed hosts entry: 0.0.0.0 c1.statcounter.com
Removed hosts entry: 0.0.0.0 c2.statcounter.com
Removed hosts entry: 0.0.0.0 c3.statcounter.com
Removed hosts entry: 0.0.0.0 c4.statcounter.com
Removed hosts entry: 0.0.0.0 c5.statcounter.com
Removed hosts entry: 0.0.0.0 c6.statcounter.com
Removed hosts entry: 0.0.0.0 c7.statcounter.com
Removed hosts entry: 0.0.0.0 c8.statcounter.com
Removed hosts entry: 0.0.0.0 s2.statcounter.com
Removed hosts entry: 0.0.0.0 www.statcounter.com
Removed hosts entry: 0.0.0.0 www.statomatic.com
Removed hosts entry: 0.0.0.0 statistik-gallup.net
Removed hosts entry: 0.0.0.0 stats4you.com
Removed hosts entry: 0.0.0.0 reg.stats4all.com
Removed hosts entry: 0.0.0.0 www.stats4you.com
Removed hosts entry: 0.0.0.0 statswhere.com
Removed hosts entry: 0.0.0.0 www.stickypops.com
Removed hosts entry: 0.0.0.0 www.stone122.com
Removed hosts entry: 0.0.0.0 www2.stone122.com
Removed hosts entry: 0.0.0.0 www.stone199.com
Removed hosts entry: 0.0.0.0 www.superlogy.com
Removed hosts entry: 0.0.0.0 sqwire.com
Removed hosts entry: 0.0.0.0 www.sqwire.com
Removed hosts entry: 0.0.0.0 rd1.surfernetwork.com
Removed hosts entry: 0.0.0.0 www.surfernetwork.com
Removed hosts entry: 0.0.0.0 www2.surveyfocus.com
Removed hosts entry: 0.0.0.0 www.surveynetworks.com
Removed hosts entry: 0.0.0.0 www.surveysite.com
Removed hosts entry: 0.0.0.0 www2.survey-poll.com
Removed hosts entry: 0.0.0.0 www1.sweetbar.com
Removed hosts entry: 0.0.0.0 www.sweetbar.com
Removed hosts entry: 0.0.0.0 www.symantic.com
Removed hosts entry: 0.0.0.0 adpick.switchboard.com
Removed hosts entry: 0.0.0.0 www.szadk.com
Removed hosts entry: 0.0.0.0 an.tacoda.net
Removed hosts entry: 0.0.0.0 anad.tacoda.net
Removed hosts entry: 0.0.0.0 te.tacoda.net
Removed hosts entry: 0.0.0.0 ads.tagword.com
Removed hosts entry: 0.0.0.0 ad.uk.tangozebra.com
Removed hosts entry: 0.0.0.0 srs.targetpoint.com
Removed hosts entry: 0.0.0.0 www.tenmonkey.com
Removed hosts entry: 0.0.0.0 www.textads.biz
Removed hosts entry: 0.0.0.0 theaffiliateprogram.com
Removed hosts entry: 0.0.0.0 adbot.theonion.com
Removed hosts entry: 0.0.0.0 oascentral.theonionavclub.com
Removed hosts entry: 0.0.0.0 www.thepokerclub.com
Removed hosts entry: 0.0.0.0 tnc4u.com
Removed hosts entry: 0.0.0.0 new.tnc4u.com
Removed hosts entry: 0.0.0.0 www.tnc4u.com
Removed hosts entry: 0.0.0.0 www.toilet.com
Removed hosts entry: 0.0.0.0 ad.tomshardware.com
Removed hosts entry: 0.0.0.0 tool4ame.com
Removed hosts entry: 0.0.0.0 www.toolshack.com
Removed hosts entry: 0.0.0.0 www.top-search.com
Removed hosts entry: 0.0.0.0 ad.topstat.com
Removed hosts entry: 0.0.0.0 nl.topstat.com
Removed hosts entry: 0.0.0.0 s26.topstat.com
Removed hosts entry: 0.0.0.0 xl.topstat.com
Removed hosts entry: 0.0.0.0 banners.toteme.com
Removed hosts entry: 0.0.0.0 cachebanners.toteme.com
Removed hosts entry: 0.0.0.0 ads.track-star.com
Removed hosts entry: 0.0.0.0 adserver.track-star.com
Removed hosts entry: 0.0.0.0 geo2.track-star.com
Removed hosts entry: 0.0.0.0 www.track-star.com
Removed hosts entry: 0.0.0.0 www.traffic-stock.com
Removed hosts entry: 0.0.0.0 tradeexit.com
Removed hosts entry: 0.0.0.0 www.tradeexit.com
Removed hosts entry: 0.0.0.0 ads.traderonline.com
Removed hosts entry: 0.0.0.0 trafficg.com
Removed hosts entry: 0.0.0.0 www.trafficg.com
Removed hosts entry: 0.0.0.0 www.trafficflame.com
Removed hosts entry: 0.0.0.0 trafficfile.com
Removed hosts entry: 0.0.0.0 www.trafficfile.com
Removed hosts entry: 0.0.0.0 trackyourstats.com
Removed hosts entry: 0.0.0.0 hit.traxdb.net
Removed hosts entry: 0.0.0.0 media.travelzoo.com
Removed hosts entry: 0.0.0.0 media2.travelzoo.com
Removed hosts entry: 0.0.0.0 troyanov.net
Removed hosts entry: 0.0.0.0 www.troyanov.net
Removed hosts entry: 0.0.0.0 tribalfusion.com
Removed hosts entry: 0.0.0.0 a.tribalfusion.com
Removed hosts entry: 0.0.0.0 cdn1.tribalfusion.com
Removed hosts entry: 0.0.0.0 cdn3.tribalfusion.com
Removed hosts entry: 0.0.0.0 cdn4.tribalfusion.com
Removed hosts entry: 0.0.0.0 cdn5.tribalfusion.com
Removed hosts entry: 0.0.0.0 m.tribalfusion.com
Removed hosts entry: 0.0.0.0 www.tribalfusion.com
Removed hosts entry: 0.0.0.0 www.trusttoolbar.com
Removed hosts entry: 0.0.0.0 counts.tucows.com
Removed hosts entry: 0.0.0.0 google.tucows.com
Removed hosts entry: 0.0.0.0 www.turbomemorycharger.com
Removed hosts entry: 0.0.0.0 ads.ucomics.com
Removed hosts entry: 0.0.0.0 image.ugo.com
Removed hosts entry: 0.0.0.0 mediamgr.ugo.com
Removed hosts entry: 0.0.0.0 www.ukbanners.com
Removed hosts entry: 0.0.0.0 ukstories.net
Removed hosts entry: 0.0.0.0 ultimatecounter.com
Removed hosts entry: 0.0.0.0 www.ultimatecounter.com
Removed hosts entry: 0.0.0.0 adcontroller.unicast.com
Removed hosts entry: 0.0.0.0 ads.unlimitedbanners.com
Removed hosts entry: 0.0.0.0 ads1.updated.com
Removed hosts entry: 0.0.0.0 www.updatenow.org
Removed hosts entry: 0.0.0.0 www.upgradenow.org
Removed hosts entry: 0.0.0.0 www.up-the-creek.com
Removed hosts entry: 0.0.0.0 www.upspiral.com
Removed hosts entry: 0.0.0.0 usachoice.net
Removed hosts entry: 0.0.0.0 ushuistov.net
Removed hosts entry: 0.0.0.0 beacon.valeoip.com
Removed hosts entry: 0.0.0.0 counters.vendio.com
Removed hosts entry: 0.0.0.0 www.verticlick.com
Removed hosts entry: 0.0.0.0 image.versiontracker.com
Removed hosts entry: 0.0.0.0 spinbox.versiontracker.com
Removed hosts entry: 0.0.0.0 ads.vesperexchange.com
Removed hosts entry: 0.0.0.0 www.vesperexchange.com
Removed hosts entry: 0.0.0.0 cinnam.vibrahost.com
Removed hosts entry: 0.0.0.0 vivi.vibrahost.com
Removed hosts entry: 0.0.0.0 oas.villagevoice.com
Removed hosts entry: 0.0.0.0 stat1.vipstat.com
Removed hosts entry: 0.0.0.0 banners.vipprofits.com
Removed hosts entry: 0.0.0.0 visit-link.com
Removed hosts entry: 0.0.0.0 vnp7s.net
Removed hosts entry: 0.0.0.0 www.voonda.com
Removed hosts entry: 0.0.0.0 www.vstats.net
Removed hosts entry: 0.0.0.0 ads.vnuemedia.com
Removed hosts entry: 0.0.0.0 vxiframe.biz
Removed hosts entry: 0.0.0.0 www.vxiframe.biz
Removed hosts entry: 0.0.0.0 sevenc.vze.com
Removed hosts entry: 0.0.0.0 www.w3exit.com
Removed hosts entry: 0.0.0.0 www.warezdownload.ws
Removed hosts entry: 0.0.0.0 ng3.ads.warnerbros.com
Removed hosts entry: 0.0.0.0 way4find.com
Removed hosts entry: 0.0.0.0 www.way4find.com
Removed hosts entry: 0.0.0.0 wcft.net
Removed hosts entry: 0.0.0.0 www.wcft.net
Removed hosts entry: 0.0.0.0 ads.weather.com
Removed hosts entry: 0.0.0.0 ads.webattack.com
Removed hosts entry: 0.0.0.0 webcounter.com
Removed hosts entry: 0.0.0.0 www.webcounter.com
Removed hosts entry: 0.0.0.0 banners.webmasterplan.com
Removed hosts entry: 0.0.0.0 adv.webmd.com
Removed hosts entry: 0.0.0.0 bannervip.web1000.com
Removed hosts entry: 0.0.0.0 ads.webads360.com
Removed hosts entry: 0.0.0.0 clickcash.webpower.com
Removed hosts entry: 0.0.0.0 orders.webpower.com
Removed hosts entry: 0.0.0.0 img.webring.com
Removed hosts entry: 0.0.0.0 img1.webring.com
Removed hosts entry: 0.0.0.0 web-save.net
Removed hosts entry: 0.0.0.0 ads.webshots.com
Removed hosts entry: 0.0.0.0 www.webstars2000.com
Removed hosts entry: 0.0.0.0 www.webstat.net
Removed hosts entry: 0.0.0.0 weirdontheweb.net
Removed hosts entry: 0.0.0.0 www.weirdontheweb.net
Removed hosts entry: 0.0.0.0 www.wenksdisdkjeilsow.com
Removed hosts entry: 0.0.0.0 www.wgutv.com
Removed hosts entry: 0.0.0.0 partner1.whatsfind.com
Removed hosts entry: 0.0.0.0 www.whatsfind.com
Removed hosts entry: 0.0.0.0 y0.windows-center.com
Removed hosts entry: 0.0.0.0 www.win-update.net
Removed hosts entry: 0.0.0.0 window1.com
Removed hosts entry: 0.0.0.0 ads.winhelp2002.com
Removed hosts entry: 0.0.0.0 ads.winsite.com
Removed hosts entry: 0.0.0.0 winstream.com
Removed hosts entry: 0.0.0.0 www.winstream.com
Removed hosts entry: 0.0.0.0 clicktrack.wnu.com
Removed hosts entry: 0.0.0.0 www.wowweb.net
Removed hosts entry: 0.0.0.0 www.wslm.net
Removed hosts entry: 0.0.0.0 x0x.biz
Removed hosts entry: 0.0.0.0 www.x0x.biz
Removed hosts entry: 0.0.0.0 xcounters.com
Removed hosts entry: 0.0.0.0 a.xcounters.com
Removed hosts entry: 0.0.0.0 count.xhit.com
Removed hosts entry: 0.0.0.0 xlonhcld.xlontech.net
Removed hosts entry: 0.0.0.0 hit1.xstats.com
Removed hosts entry: 0.0.0.0 view1.xstats.com
Removed hosts entry: 0.0.0.0 freegames.yaboo.dk
Removed hosts entry: 0.0.0.0 crsky2004.yeah.net
Removed hosts entry: 0.0.0.0 ysearchus.com
Removed hosts entry: 0.0.0.0 www.ysearchus.com
Removed hosts entry: 0.0.0.0 www.yuups.com
Removed hosts entry: 0.0.0.0 www.yyue.com
Removed hosts entry: 0.0.0.0 ad.zanox.com
Removed hosts entry: 0.0.0.0 www.zenotecnico.com
Removed hosts entry: 0.0.0.0 mp3.zonebg.com
Removed hosts entry: 0.0.0.0 ads.zone-media.com
Removed hosts entry: 0.0.0.0 ayb.zone-media.com
Removed hosts entry: 0.0.0.0 www.zone-media.com
Removed hosts entry: 0.0.0.0 bannerads.zwire.com
Removed hosts entry: 0.0.0.0 zxserv0.com
Removed hosts entry: 0.0.0.0 0cat.com
Removed hosts entry: 0.0.0.0 www.0cat.com
Removed hosts entry: 0.0.0.0 www.0stats.com
Removed hosts entry: 0.0.0.0 cc.1asphost.com
Removed hosts entry: 0.0.0.0 123mania.com
Removed hosts entry: 0.0.0.0 www.123mania.com
Removed hosts entry: 0.0.0.0 123stat.com
Removed hosts entry: 0.0.0.0 ad2.163.com
Removed hosts entry: 0.0.0.0 adclient.163.com
Removed hosts entry: 0.0.0.0 images.163.com
Removed hosts entry: 0.0.0.0 popme.163.com
Removed hosts entry: 0.0.0.0 smtp.163.com
Removed hosts entry: 0.0.0.0 1234.2bro.com
Removed hosts entry: 0.0.0.0 www.241hits.com
Removed hosts entry: 0.0.0.0 up.isp.2ch.net
Removed hosts entry: 0.0.0.0 pop1.2z0o.net
Removed hosts entry: 0.0.0.0 www.3d-icons.com
Removed hosts entry: 0.0.0.0 www.3241.com
Removed hosts entry: 0.0.0.0 guannan.3322.net
Removed hosts entry: 0.0.0.0 download.35mb.com
Removed hosts entry: 0.0.0.0 static.35mb.com
Removed hosts entry: 0.0.0.0 www.35mb.com
Removed hosts entry: 0.0.0.0 ct.360i.com
Removed hosts entry: 0.0.0.0 ad.37.com
Removed hosts entry: 0.0.0.0 www.40best.com
Removed hosts entry: 0.0.0.0 41m.com
Removed hosts entry: 0.0.0.0 cshacks.41m.com
Removed hosts entry: 0.0.0.0 msncheck.41m.com
Removed hosts entry: 0.0.0.0 www.41m.com
Removed hosts entry: 0.0.0.0 5sec.biz
Removed hosts entry: 0.0.0.0 5sec.org
Removed hosts entry: 0.0.0.0 10000hits.net
Removed hosts entry: 0.0.0.0 7am.com
Removed hosts entry: 0.0.0.0 www.777search.com
Removed hosts entry: 0.0.0.0 www.7000n.com
Removed hosts entry: 0.0.0.0 ajim.delphibbs.com
Removed hosts entry: 0.0.0.0 banners.4d5.net
Removed hosts entry: 0.0.0.0 banner.50megs.com
Removed hosts entry: 0.0.0.0 www.53best.com
Removed hosts entry: 0.0.0.0 www.9ringtone.com
Removed hosts entry: 0.0.0.0 www.123banners.com
Removed hosts entry: 0.0.0.0 ftp.123banners.com
Removed hosts entry: 0.0.0.0 123go.com
Removed hosts entry: 0.0.0.0 ns1.123go.net
Removed hosts entry: 0.0.0.0 n-case.com
Removed hosts entry: 0.0.0.0 www.n-case.com
Removed hosts entry: 0.0.0.0 ads.180solutions.com
Removed hosts entry: 0.0.0.0 ax.180solutions.com
Removed hosts entry: 0.0.0.0 bis.180solutions.com
Removed hosts entry: 0.0.0.0 bisads.180solutions.com
Removed hosts entry: 0.0.0.0 config.180solutions.com
Removed hosts entry: 0.0.0.0 cts.180solutions.com
Removed hosts entry: 0.0.0.0 downloads.180solutions.com
Removed hosts entry: 0.0.0.0 installs.180solutions.com
Removed hosts entry: 0.0.0.0 ping.180solutions.com
Removed hosts entry: 0.0.0.0 test-downloads.180solutions.com
Removed hosts entry: 0.0.0.0 tv.180solutions.com
Removed hosts entry: 0.0.0.0 www.180solutions.com
Removed hosts entry: 0.0.0.0 infinity.180searchassistant.com
Removed hosts entry: 0.0.0.0 www.180searchassistant.com
Removed hosts entry: 0.0.0.0 www.metricsdirect.com
Removed hosts entry: 0.0.0.0 downloads.zango.com
Removed hosts entry: 0.0.0.0 games.zango.com
Removed hosts entry: 0.0.0.0 infinity.zango.com
Removed hosts entry: 0.0.0.0 lp.zango.com
Removed hosts entry: 0.0.0.0 messenger.zango.com
Removed hosts entry: 0.0.0.0 showtimes.zango.com
Removed hosts entry: 0.0.0.0 www.zango.com
Removed hosts entry: 0.0.0.0 www.zangomessenger.com
Removed hosts entry: 0.0.0.0 www.zangoshowtimes.com
Removed hosts entry: 0.0.0.0 address.3721.com
Removed hosts entry: 0.0.0.0 agent.3721.com
Removed hosts entry: 0.0.0.0 assistant.3721.com
Removed hosts entry: 0.0.0.0 cns.3721.com
Removed hosts entry: 0.0.0.0 cnsmin.3721.com
Removed hosts entry: 0.0.0.0 corp.3721.com
Removed hosts entry: 0.0.0.0 dir.3721.com
Removed hosts entry: 0.0.0.0 download.3721.com
Removed hosts entry: 0.0.0.0 express.3721.com
Removed hosts entry: 0.0.0.0 img.3721.com
Removed hosts entry: 0.0.0.0 magic.3721.com
Removed hosts entry: 0.0.0.0 mark.3721.com
Removed hosts entry: 0.0.0.0 meta.3721.com
Removed hosts entry: 0.0.0.0 msearch.3721.com
Removed hosts entry: 0.0.0.0 sbox.3721.com
Removed hosts entry: 0.0.0.0 shanghai.3721.com
Removed hosts entry: 0.0.0.0 sina.3721.com
Removed hosts entry: 0.0.0.0 user.3721.com
Removed hosts entry: 0.0.0.0 wap.3721.com
Removed hosts entry: 0.0.0.0 www.3721.com
Removed hosts entry: 0.0.0.0 yahoo.3721.com
Removed hosts entry: 0.0.0.0 3721.com
Removed hosts entry: 0.0.0.0 download.feiyang.com
Removed hosts entry: 0.0.0.0 adtracker.411web.com
Removed hosts entry: 0.0.0.0 hits.411web.com
Removed hosts entry: 0.0.0.0 overture.411web.com
Removed hosts entry: 0.0.0.0 static.411web.com
Removed hosts entry: 0.0.0.0 xml.411web.com
Removed hosts entry: 0.0.0.0 search.letssearch.com
Removed hosts entry: 0.0.0.0 search2.letssearch.com
Removed hosts entry: 0.0.0.0 www.letssearch.com
Removed hosts entry: 0.0.0.0 sidebysidesearch.com
Removed hosts entry: 0.0.0.0 go.sidebysidesearch.com
Removed hosts entry: 0.0.0.0 www.sidebysidesearch.com
Removed hosts entry: 0.0.0.0 7search.com
Removed hosts entry: 0.0.0.0 fstrack.7search.com
Removed hosts entry: 0.0.0.0 ia1.7search.com
Removed hosts entry: 0.0.0.0 mainws2.7search.com
Removed hosts entry: 0.0.0.0 meta.7search.com
Removed hosts entry: 0.0.0.0 impression.7search.com
Removed hosts entry: 0.0.0.0 www.7search.com
Removed hosts entry: 0.0.0.0 img.7meta.com
Removed hosts entry: 0.0.0.0 www.7metasearch.com
Removed hosts entry: 0.0.0.0 www.a1fax.com
Removed hosts entry: 0.0.0.0 adtactics.com
Removed hosts entry: 0.0.0.0 bannerx.adtactics.com
Removed hosts entry: 0.0.0.0 www.adtactics.com
Removed hosts entry: 0.0.0.0 advertisingagent.com
Removed hosts entry: 0.0.0.0 ajokeaday.com
Removed hosts entry: 0.0.0.0 bestsearch.com
Removed hosts entry: 0.0.0.0 scripts.bestsearch.com
Removed hosts entry: 0.0.0.0 www.bestsearch.com
Removed hosts entry: 0.0.0.0 browseraccelerator.com
Removed hosts entry: 0.0.0.0 data.browseraccelerator.com
Removed hosts entry: 0.0.0.0 download.browseraccelerator.com
Removed hosts entry: 0.0.0.0 client.browseraccelerator.com
Removed hosts entry: 0.0.0.0 www.browseraccelerator.com
Removed hosts entry: 0.0.0.0 www.buscamundo.com
Removed hosts entry: 0.0.0.0 bannersxchange.com
Removed hosts entry: 0.0.0.0 img.bannersxchange.com
Removed hosts entry: 0.0.0.0 www.bannersxchange.com
Removed hosts entry: 0.0.0.0 internetsecurity.com
Removed hosts entry: 0.0.0.0 www.internetsecurity.com
Removed hosts entry: 0.0.0.0 www.linkstoyou.com
Removed hosts entry: 0.0.0.0 www.payperranking.com
Removed hosts entry: 0.0.0.0 www.pay-per-search.com
Removed hosts entry: 0.0.0.0 paypertext.com
Removed hosts entry: 0.0.0.0 predictivesearch.com
Removed hosts entry: 0.0.0.0 seal.ranking.com
Removed hosts entry: 0.0.0.0 www.ranking.com
Removed hosts entry: 0.0.0.0 tracking.roispy.com
Removed hosts entry: 0.0.0.0 www.roispy.com
Removed hosts entry: 0.0.0.0 ftp.sevenmetasearch.com
Removed hosts entry: 0.0.0.0 www.sevenmetasearch.com
Removed hosts entry: 0.0.0.0 tracking.spiderbait.com
Removed hosts entry: 0.0.0.0 www.spiderbait.com
Removed hosts entry: 0.0.0.0 www.textadvertising.com
Removed hosts entry: 0.0.0.0 www.thetop10.com
Removed hosts entry: 0.0.0.0 trustgauge.com
Removed hosts entry: 0.0.0.0 www.trustgauge.com
Removed hosts entry: 0.0.0.0 seal.validatedsite.com
Removed hosts entry: 0.0.0.0 www.validatedsite.com
Removed hosts entry: 0.0.0.0 www.watch24.com
Removed hosts entry: 0.0.0.0 clicks.about.com
Removed hosts entry: 0.0.0.0 f.about.com
Removed hosts entry: 0.0.0.0 home.about.com
Removed hosts entry: 0.0.0.0 js.get.about.com
Removed hosts entry: 0.0.0.0 images.about.com
Removed hosts entry: 0.0.0.0 lunafetch.about.com
Removed hosts entry: 0.0.0.0 pixel3.about.com
Removed hosts entry: 0.0.0.0 sprinks-clicks.about.com
Removed hosts entry: 0.0.0.0 statistics.s5.com
Removed hosts entry: 0.0.0.0 ad.aboutwebservices.com
Removed hosts entry: 0.0.0.0 button.clickability.com
Removed hosts entry: 0.0.0.0 sftp.clickability.com
Removed hosts entry: 0.0.0.0 stats.clickability.com
Removed hosts entry: 0.0.0.0 ad101com.adbureau.net
Removed hosts entry: 0.0.0.0 adops.adbureau.net
Removed hosts entry: 0.0.0.0 bbcww.adbureau.net
Removed hosts entry: 0.0.0.0 capitali-images.adbureau.net
Removed hosts entry: 0.0.0.0 cent.adbureau.net
Removed hosts entry: 0.0.0.0 etype.adbureau.net
Removed hosts entry: 0.0.0.0 etype-images.adbureau.net
Removed hosts entry: 0.0.0.0 granada.adbureau.net
Removed hosts entry: 0.0.0.0 imediac.adbureau.net
Removed hosts entry: 0.0.0.0 studenti.adbureau.net
Removed hosts entry: 0.0.0.0 ttarget.adbureau.net
Removed hosts entry: 0.0.0.0 www.adbureau.net
Removed hosts entry: 0.0.0.0 www.acez.com
Removed hosts entry: 0.0.0.0 www.acezsoftware.com
Removed hosts entry: 0.0.0.0 www.searchnugget.com
Removed hosts entry: 0.0.0.0 www.screengizmos.com
Removed hosts entry: 0.0.0.0 ad-blaster.com
Removed hosts entry: 0.0.0.0 www.ad-blaster.com
Removed hosts entry: 0.0.0.0 promote4profit.com
Removed hosts entry: 0.0.0.0 www.promote4profit.com
Removed hosts entry: 0.0.0.0 www.3dstats.com
Removed hosts entry: 0.0.0.0 addfreestats.com
Removed hosts entry: 0.0.0.0 top.addfreestats.com
Removed hosts entry: 0.0.0.0 www.addfreestats.com
Removed hosts entry: 0.0.0.0 www1.addfreestats.com
Removed hosts entry: 0.0.0.0 www2.addfreestats.com
Removed hosts entry: 0.0.0.0 www3.addfreestats.com
Removed hosts entry: 0.0.0.0 www4.addfreestats.com
Removed hosts entry: 0.0.0.0 www5.addfreestats.com
Removed hosts entry: 0.0.0.0 ncontext.adacuity.com
Removed hosts entry: 0.0.0.0 www.adacuity.com
Removed hosts entry: 0.0.0.0 adlogix.com
Removed hosts entry: 0.0.0.0 lasagne.adlogix.com
Removed hosts entry: 0.0.0.0 publisher.adlogix.com
Removed hosts entry: 0.0.0.0 traffic.adlogix.com
Removed hosts entry: 0.0.0.0 trafficsource.adlogix.com
Removed hosts entry: 0.0.0.0 www.adlogix.com
Removed hosts entry: 0.0.0.0 www.creatrixads.com
Removed hosts entry: 0.0.0.0 hitgo.com
Removed hosts entry: 0.0.0.0 www.hitgo.com
Removed hosts entry: 0.0.0.0 ncontextmedia.com
Removed hosts entry: 0.0.0.0 www.ncontextmedia.com
Removed hosts entry: 0.0.0.0 www.ncontextsearch.com
Removed hosts entry: 0.0.0.0 neededware.com
Removed hosts entry: 0.0.0.0 www.neededware.com
Removed hosts entry: 0.0.0.0 www.tinkopal.com
Removed hosts entry: 0.0.0.0 tinko-pal.com
Removed hosts entry: 0.0.0.0 www.tinkopal.net
Removed hosts entry: 0.0.0.0 r2.trafficserverstats.com
Removed hosts entry: 0.0.0.0 r5.trafficserverstats.com
Removed hosts entry: 0.0.0.0 r10.trafficserverstats.com
Removed hosts entry: 0.0.0.0 r18.trafficserverstats.com
Removed hosts entry: 0.0.0.0 r25.trafficserverstats.com
Removed hosts entry: 0.0.0.0 webengo.com
Removed hosts entry: 0.0.0.0 ads.adorigin.com
Removed hosts entry: 0.0.0.0 dev.adorigin.com
Removed hosts entry: 0.0.0.0 www.adorigin.com
Removed hosts entry: 0.0.0.0 blowsearch.com
Removed hosts entry: 0.0.0.0 msxml.blowsearch.com
Removed hosts entry: 0.0.0.0 web.blowsearch.com
Removed hosts entry: 0.0.0.0 www.blowsearch.com
Removed hosts entry: 0.0.0.0 www.1-viagra-on-line.com
Removed hosts entry: 0.0.0.0 www.all-casinos.org
Removed hosts entry: 0.0.0.0 www.all-lyrics.org
Removed hosts entry: 0.0.0.0 www.best-poker.biz
Removed hosts entry: 0.0.0.0 www.chenjesu.com
Removed hosts entry: 0.0.0.0 halflemon.com
Removed hosts entry: 0.0.0.0 www.halflemon.com
Removed hosts entry: 0.0.0.0 www.spycounter.net
Removed hosts entry: 0.0.0.0 www-start-page.com
Removed hosts entry: 0.0.0.0 www.www-start-page.com
Removed hosts entry: 0.0.0.0 www.start-page.net
Removed hosts entry: 0.0.0.0 www.start-page.org
Removed hosts entry: 0.0.0.0 the-roulette.net
Removed hosts entry: 0.0.0.0 www.usa-phendimetrazine.com
Removed hosts entry: 0.0.0.0 www.ad-souk.com
Removed hosts entry: 0.0.0.0 bilbob.com
Removed hosts entry: 0.0.0.0 didtal.com
Removed hosts entry: 0.0.0.0 quinst.com
Removed hosts entry: 0.0.0.0 cb.adprofile.net
Removed hosts entry: 0.0.0.0 content.adprofile.net
Removed hosts entry: 0.0.0.0 tx.adprofile.net
Removed hosts entry: 0.0.0.0 w2-ver.adprofile.net
Removed hosts entry: 0.0.0.0 adteractive.com
Removed hosts entry: 0.0.0.0 www.adteractive.com
Removed hosts entry: 0.0.0.0 icc.intellisrv.net
Removed hosts entry: 0.0.0.0 adtegrity.com
Removed hosts entry: 0.0.0.0 www.adtegrity.com
Removed hosts entry: 0.0.0.0 webalize.com
Removed hosts entry: 0.0.0.0 toolbar.webalize.com
Removed hosts entry: 0.0.0.0 www.webalize.com
Removed hosts entry: 0.0.0.0 webalize.net
Removed hosts entry: 0.0.0.0 www.webalize.net
Removed hosts entry: 0.0.0.0 webalize.mygeek.com
Removed hosts entry: 0.0.0.0 ads.adtomi.com
Removed hosts entry: 0.0.0.0 www.adtomi.com
Removed hosts entry: 0.0.0.0 aidintime.com
Removed hosts entry: 0.0.0.0 www.aidintime.com
Removed hosts entry: 0.0.0.0 www.bascowater.com
Removed hosts entry: 0.0.0.0 bianka.cafreedom.com
Removed hosts entry: 0.0.0.0 margo.cafreedom.com
Removed hosts entry: 0.0.0.0 mirka.cafreedom.com
Removed hosts entry: 0.0.0.0 money.cafreedom.com
Removed hosts entry: 0.0.0.0 morze.cafreedom.com
Removed hosts entry: 0.0.0.0 www.camberageflex.com
Removed hosts entry: 0.0.0.0 www.collarsaround.com
Removed hosts entry: 0.0.0.0 www.emorningmoss.net
Removed hosts entry: 0.0.0.0 www.etightstrings.net
Removed hosts entry: 0.0.0.0 www.logiose.com
Removed hosts entry: 0.0.0.0 www.moltenmagnet.net
Removed hosts entry: 0.0.0.0 www.netremoteline.com
Removed hosts entry: 0.0.0.0 www.treestompertime.net
Removed hosts entry: 0.0.0.0 install.007guard.com
Removed hosts entry: 0.0.0.0 download.007guard.com
Removed hosts entry: 0.0.0.0 www.007guard.com
Removed hosts entry: 0.0.0.0 2search.org
Removed hosts entry: 0.0.0.0 www.2search.org
Removed hosts entry: 0.0.0.0 hotmsnnames.com
Removed hosts entry: 0.0.0.0 www.hotmsnnames.com
Removed hosts entry: 0.0.0.0 www.hottestgames.net
Removed hosts entry: 0.0.0.0 adserver.shizzlehost.com
Removed hosts entry: 0.0.0.0 www.shizzlelyrics.com
Removed hosts entry: 0.0.0.0 www.shizzletraffic.com
Removed hosts entry: 0.0.0.0 sv1.xmcmx.net
Removed hosts entry: 0.0.0.0 webmasterz.biz
Removed hosts entry: 0.0.0.0 www.webmasterz.biz
Removed hosts entry: 0.0.0.0 www.xyfex.com
Removed hosts entry: 0.0.0.0 alset.com
Removed hosts entry: 0.0.0.0 www.alset.com
Removed hosts entry: 0.0.0.0 allcybersearch.com
Removed hosts entry: 0.0.0.0 www.allcybersearch.com
Removed hosts entry: 0.0.0.0 amigeek.com
Removed hosts entry: 0.0.0.0 www.amigeek.com
Removed hosts entry: 0.0.0.0 clickyestoenter.net
Removed hosts entry: 0.0.0.0 www.clickyestoenter.net
Removed hosts entry: 0.0.0.0 www.gay50.com
Removed hosts entry: 0.0.0.0 gocybersearch.com
Removed hosts entry: 0.0.0.0 www.gocybersearch.com
Removed hosts entry: 0.0.0.0 www.hotelxxxcams.com
Removed hosts entry: 0.0.0.0 hotpopup.com
Removed hosts entry: 0.0.0.0 search.hotpopup.com
Removed hosts entry: 0.0.0.0 www.hotpopup.com
Removed hosts entry: 0.0.0.0 hotsearchbox.com
Removed hosts entry: 0.0.0.0 www.hotsearchbox.com
Removed hosts entry: 0.0.0.0 i--search.com
Removed hosts entry: 0.0.0.0 www.i--search.com
Removed hosts entry: 0.0.0.0 jethomepage.com
Removed hosts entry: 0.0.0.0 www.jethomepage.com
Removed hosts entry: 0.0.0.0 jetseeker.com
Removed hosts entry: 0.0.0.0 www.jetseeker.com
Removed hosts entry: 0.0.0.0 searchxl.com
Removed hosts entry: 0.0.0.0 www.searchxl.com
Removed hosts entry: 0.0.0.0 tinybar.com
Removed hosts entry: 0.0.0.0 www.tinybar.com
Removed hosts entry: 0.0.0.0 topsearcher.com
Removed hosts entry: 0.0.0.0 www.topsearcher.com
Removed hosts entry: 0.0.0.0 trixscripts.com
Removed hosts entry: 0.0.0.0 www.trixscripts.com
Removed hosts entry: 0.0.0.0 zeropopup.com
Removed hosts entry: 0.0.0.0 www.zeropopup.com
Removed hosts entry: 0.0.0.0 znext.com
Removed hosts entry: 0.0.0.0 www.znext.com
Removed hosts entry: 0.0.0.0 cdn1.adsdk.com
Removed hosts entry: 0.0.0.0 cdn2.adsdk.com
Removed hosts entry: 0.0.0.0 advertising.com
Removed hosts entry: 0.0.0.0 adserve.advertising.com
Removed hosts entry: 0.0.0.0 bannerfarm.ace.advertising.com
Removed hosts entry: 0.0.0.0 dbs.advertising.com
Removed hosts entry: 0.0.0.0 demo.advertising.com
Removed hosts entry: 0.0.0.0 opera1-servedby.advertising.com
Removed hosts entry: 0.0.0.0 servedby.advertising.com
Removed hosts entry: 0.0.0.0 rd.advertising.com
Removed hosts entry: 0.0.0.0 wap.advertising.com
Removed hosts entry: 0.0.0.0 www.advertising.com
Removed hosts entry: 0.0.0.0 clk4.com
Removed hosts entry: 0.0.0.0 www.clk4.com
Removed hosts entry: 0.0.0.0 www.contextualclicks.com
Removed hosts entry: 0.0.0.0 fastseeker.com
Removed hosts entry: 0.0.0.0 www.fastseeker.com
Removed hosts entry: 0.0.0.0 spyblast.com
Removed hosts entry: 0.0.0.0 www.spyblast.com
Removed hosts entry: 0.0.0.0 www.thesearchster.com
Removed hosts entry: 0.0.0.0 ads.ign.com
Removed hosts entry: 0.0.0.0 adserver.ign.com
Removed hosts entry: 0.0.0.0 t.ign.com
Removed hosts entry: 0.0.0.0 tracker.ign.com
Removed hosts entry: 0.0.0.0 adserver.snowball.com
Removed hosts entry: 0.0.0.0 polls.snowball.com
Removed hosts entry: 0.0.0.0 scripts.snowball.com
Removed hosts entry: 0.0.0.0 t.snowball.com
Removed hosts entry: 0.0.0.0 tracker.snowball.com
Removed hosts entry: 0.0.0.0 www.allheadlinenews.com
Removed hosts entry: 0.0.0.0 www.americlicks.com
Removed hosts entry: 0.0.0.0 www.weatherclicks.com
Removed hosts entry: 0.0.0.0 altnet.com
Removed hosts entry: 0.0.0.0 file.altnet.com
Removed hosts entry: 0.0.0.0 media.altnet.com
Removed hosts entry: 0.0.0.0 ts.altnet.com
Removed hosts entry: 0.0.0.0 tss.altnet.com
Removed hosts entry: 0.0.0.0 pm.altnet.com
Removed hosts entry: 0.0.0.0 www.altnet.com
Removed hosts entry: 0.0.0.0 www.altnetp2p.com
Removed hosts entry: 0.0.0.0 brilliantdigital.com
Removed hosts entry: 0.0.0.0 st.brilliantdigital.com
Removed hosts entry: 0.0.0.0 www.brilliantdigital.com
Removed hosts entry: 0.0.0.0 b3d.com
Removed hosts entry: 0.0.0.0 bde3d.com
Removed hosts entry: 0.0.0.0 www.b3d.com
Removed hosts entry: 0.0.0.0 xiti.com
Removed hosts entry: 0.0.0.0 loga.xiti.com
Removed hosts entry: 0.0.0.0 logc13.xiti.com
Removed hosts entry: 0.0.0.0 logi6.xiti.com
Removed hosts entry: 0.0.0.0 logi7.xiti.com
Removed hosts entry: 0.0.0.0 logv3.xiti.com
Removed hosts entry: 0.0.0.0 logv18.xiti.com
Removed hosts entry: 0.0.0.0 logv20.xiti.com
Removed hosts entry: 0.0.0.0 logv21.xiti.com
Removed hosts entry: 0.0.0.0 logv26.xiti.com
Removed hosts entry: 0.0.0.0 logp.xiti.com
Removed hosts entry: 0.0.0.0 trafic.xiti.com
Removed hosts entry: 0.0.0.0 www.xiti.com
Removed hosts entry: 0.0.0.0 adintelligence.net
Removed hosts entry: 0.0.0.0 acc.adintelligence.net
Removed hosts entry: 0.0.0.0 adchannel.adintelligence.net
Removed hosts entry: 0.0.0.0 creatives.adintelligence.net
Removed hosts entry: 0.0.0.0 download.adintelligence.net
Removed hosts entry: 0.0.0.0 www.adintelligence.net
Removed hosts entry: 0.0.0.0 adchannel.contextplus.net
Removed hosts entry: 0.0.0.0 au.contextplus.net
Removed hosts entry: 0.0.0.0 download.contextplus.net
Removed hosts entry: 0.0.0.0 www.contextplus.net
Removed hosts entry: 0.0.0.0 www.contextplus.com
Removed hosts entry: 0.0.0.0 adv.peopleonpage.com
Removed hosts entry: 0.0.0.0 app.peopleonpage.com
Removed hosts entry: 0.0.0.0 download.peopleonpage.com
Removed hosts entry: 0.0.0.0 envolo.peopleonpage.com
Removed hosts entry: 0.0.0.0 img.peopleonpage.com
Removed hosts entry: 0.0.0.0 srv.peopleonpage.com
Removed hosts entry: 0.0.0.0 www.peopleonpage.com
Removed hosts entry: 0.0.0.0 www.avenuea.com
Removed hosts entry: 0.0.0.0 att.atdmt.com
Removed hosts entry: 0.0.0.0 click.atdmt.com
Removed hosts entry: 0.0.0.0 clk.atdmt.com
Removed hosts entry: 0.0.0.0 image.atdmt.com
Removed hosts entry: 0.0.0.0 spd.atdmt.com
Removed hosts entry: 0.0.0.0 spe.atdmt.com
Removed hosts entry: 0.0.0.0 switch.atdmt.com
Removed hosts entry: 0.0.0.0 view.atdmt.com
Removed hosts entry: 0.0.0.0 www.atdmt.com
Removed hosts entry: 0.0.0.0 atlasdmt.com
Removed hosts entry: 0.0.0.0 www.atlasdmt.com
Removed hosts entry: 0.0.0.0 www.avenueainc.com
Removed hosts entry: 0.0.0.0 ads.toplayerserver.com
Removed hosts entry: 0.0.0.0 www1.toplayerserver.com
Removed hosts entry: 0.0.0.0 www.toplayerserver.com
Removed hosts entry: 0.0.0.0 track.roiservice.com
Removed hosts entry: 0.0.0.0 affiliates.jeanharris.com
Removed hosts entry: 0.0.0.0 popup.jeanharris.com
Removed hosts entry: 0.0.0.0 spyware-removal.net
Removed hosts entry: 0.0.0.0 www.systemdetective.com
Removed hosts entry: 0.0.0.0 ztrack.net
Removed hosts entry: 0.0.0.0 active-alert-server.com
Removed hosts entry: 0.0.0.0 www.active-alert-server.com
Removed hosts entry: 0.0.0.0 amnv.net
Removed hosts entry: 0.0.0.0 www.amnv.net
Removed hosts entry: 0.0.0.0 avenuemedia.com
Removed hosts entry: 0.0.0.0 www.avenuemedia.com
Removed hosts entry: 0.0.0.0 climaxbucks.com
Removed hosts entry: 0.0.0.0 cdn.climaxbucks.com
Removed hosts entry: 0.0.0.0 mt1.climaxbucks.com
Removed hosts entry: 0.0.0.0 mt23.climaxbucks.com
Removed hosts entry: 0.0.0.0 xbs.climaxbucks.com
Removed hosts entry: 0.0.0.0 www.climaxbucks.com
Removed hosts entry: 0.0.0.0 xbs.cocktailcash.com
Removed hosts entry: 0.0.0.0 cocktailcash.com
Removed hosts entry: 0.0.0.0 www.cocktailcash.com
Removed hosts entry: 0.0.0.0 internet-optimizer.com
Removed hosts entry: 0.0.0.0 ads.internet-optimizer.com
Removed hosts entry: 0.0.0.0 configure.internet-optimizer.com
Removed hosts entry: 0.0.0.0 help.internet-optimizer.com
Removed hosts entry: 0.0.0.0 www.internet-optimizer.com
Removed hosts entry: 0.0.0.0 www.lunasearch.com
Removed hosts entry: 0.0.0.0 movies-etc.com
Removed hosts entry: 0.0.0.0 cdn.movies-etc.com
Removed hosts entry: 0.0.0.0 cdn2.movies-etc.com
Removed hosts entry: 0.0.0.0 www.movies-etc.com
Removed hosts entry: 0.0.0.0 yoogee.com
Removed hosts entry: 0.0.0.0 www.yoogee.com
Removed hosts entry: 0.0.0.0 i.1100i.com
Removed hosts entry: 0.0.0.0 images.1100i.com
Removed hosts entry: 0.0.0.0 www.adroz.com
Removed hosts entry: 0.0.0.0 c.azjmp.com
Removed hosts entry: 0.0.0.0 www.azjmp.com
Removed hosts entry: 0.0.0.0 images.azoogleads.com
Removed hosts entry: 0.0.0.0 images.azooimages.com
Removed hosts entry: 0.0.0.0 www.azoogleads.com
Removed hosts entry: 0.0.0.0 b.bluetime.com
Removed hosts entry: 0.0.0.0 b1.bluetime.com
Removed hosts entry: 0.0.0.0 images.bluetime.com
Removed hosts entry: 0.0.0.0 www.bluetime.com
Removed hosts entry: 0.0.0.0 www.giftfox.com
Removed hosts entry: 0.0.0.0 images.hostimages.net
Removed hosts entry: 0.0.0.0 images.imagesbyaz.com
Removed hosts entry: 0.0.0.0 images.imgehost.com
Removed hosts entry: 0.0.0.0 impulseleads.com
Removed hosts entry: 0.0.0.0 www.impulseleads.com
Removed hosts entry: 0.0.0.0 images.imgserver.net
Removed hosts entry: 0.0.0.0 www.merchantportal.com
Removed hosts entry: 0.0.0.0 www.mport.com
Removed hosts entry: 0.0.0.0 www.mptrack.com
Removed hosts entry: 0.0.0.0 www.mydishprovider.com
Removed hosts entry: 0.0.0.0 noadware.biz
Removed hosts entry: 0.0.0.0 www.noadware.biz
Removed hosts entry: 0.0.0.0 1.primaryads.com
Removed hosts entry: 0.0.0.0 c.qckjmp.com
Removed hosts entry: 0.0.0.0 google.begin2search.com
Removed hosts entry: 0.0.0.0 toolbar.begin2search.com
Removed hosts entry: 0.0.0.0 www.begin2search.com
Removed hosts entry: 0.0.0.0 bigtrafficnetwork.com
Removed hosts entry: 0.0.0.0 www2.bigtrafficnetwork.com
Removed hosts entry: 0.0.0.0 www3.bigtrafficnetwork.com
Removed hosts entry: 0.0.0.0 www.bigtrafficnetwork.com
Removed hosts entry: 0.0.0.0 www2.click2begin.com
Removed hosts entry: 0.0.0.0 desktoptraffic.net
Removed hosts entry: 0.0.0.0 toolbar.desktoptraffic.net
Removed hosts entry: 0.0.0.0 popupsearches.com
Removed hosts entry: 0.0.0.0 www2.popupsearches.com
Removed hosts entry: 0.0.0.0 www.popupsearches.com
Removed hosts entry: 0.0.0.0 trafficgeneration.biz
Removed hosts entry: 0.0.0.0 toolbar.trafficgeneration.biz
Removed hosts entry: 0.0.0.0 toolbar2.trafficgeneration.biz
Removed hosts entry: 0.0.0.0 toolbar3.trafficgeneration.biz
Removed hosts entry: 0.0.0.0 toolbar4.trafficgeneration.biz
Removed hosts entry: 0.0.0.0 www.trafficgeneration.biz
Removed hosts entry: 0.0.0.0 www2.1evidencekiller.com
Removed hosts entry: 0.0.0.0 www2.1historyeraser.com
Removed hosts entry: 0.0.0.0 www2.1popupblocker.com
Removed hosts entry: 0.0.0.0 www2.1registrycleaner.com
Removed hosts entry: 0.0.0.0 www.1spywarekiller.com
Removed hosts entry: 0.0.0.0 www2.1spywarekiller.com
Removed hosts entry: 0.0.0.0 www3.1spywarekiller.com
Removed hosts entry: 0.0.0.0 exits.evilbucks.com
Removed hosts entry: 0.0.0.0 stats.evilbucks.com
Removed hosts entry: 0.0.0.0 www.evilmembers.com
Removed hosts entry: 0.0.0.0 www2.surfertools.com
Removed hosts entry: 0.0.0.0 www.surfertools.com
Removed hosts entry: 0.0.0.0 zippy-lookup.com
Removed hosts entry: 0.0.0.0 www.zippy-lookup.com
Removed hosts entry: 0.0.0.0 www.eaffiliateinc.com
Removed hosts entry: 0.0.0.0 gpstool.globaladserver.com
Removed hosts entry: 0.0.0.0 www.globaladserver.com
Removed hosts entry: 0.0.0.0 globalwebsearch.com
Removed hosts entry: 0.0.0.0 toolbar.globalwebsearch.com
Removed hosts entry: 0.0.0.0 toolbar2.globalwebsearch.com
Removed hosts entry: 0.0.0.0 www.globalwebsearch.com
Removed hosts entry: 0.0.0.0 goldmembersarea.com
Removed hosts entry: 0.0.0.0 www.goldmembersarea.com
Removed hosts entry: 0.0.0.0 gophersearch.com
Removed hosts entry: 0.0.0.0 www.gophersearch.com
Removed hosts entry: 0.0.0.0 www.megaadultsite.com
Removed hosts entry: 0.0.0.0 secure.pinkpays.com
Removed hosts entry: 0.0.0.0 www.pinkpays.com
Removed hosts entry: 0.0.0.0 vroomsearch.com
Removed hosts entry: 0.0.0.0 www.vroomsearch.com
Removed hosts entry: 0.0.0.0 worldanywhere.com
Removed hosts entry: 0.0.0.0 toolbar.worldanywhere.com
Removed hosts entry: 0.0.0.0 www.worldanywhere.com
Removed hosts entry: 0.0.0.0 www.icannnews.com
Removed hosts entry: 0.0.0.0 kvmmedia.com
Removed hosts entry: 0.0.0.0 mononews.com
Removed hosts entry: 0.0.0.0 www.alarm-works.com
Removed hosts entry: 0.0.0.0 www.beachtrash.com
Removed hosts entry: 0.0.0.0 www.600.net
Removed hosts entry: 0.0.0.0 www.aimface.com
Removed hosts entry: 0.0.0.0 www.funnyjoke.net
Removed hosts entry: 0.0.0.0 www.imbuddy.net
Removed hosts entry: 0.0.0.0 www.ratepic.com
Removed hosts entry: 0.0.0.0 1cat.com
Removed hosts entry: 0.0.0.0 i.1cat.com
Removed hosts entry: 0.0.0.0 www.1cat.com
Removed hosts entry: 0.0.0.0 selectbonus.com
Removed hosts entry: 0.0.0.0 www.selectbonus.com
Removed hosts entry: 0.0.0.0 www.shopathome.com
Removed hosts entry: 0.0.0.0 shopathomeselect.com
Removed hosts entry: 0.0.0.0 download1.shopathomeselect.com
Removed hosts entry: 0.0.0.0 downloads.shopathomeselect.com
Removed hosts entry: 0.0.0.0 download21.shopathomeselect.com
Removed hosts entry: 0.0.0.0 www.shopathomeselect.com
Removed hosts entry: 0.0.0.0 adcounter.theglobeandmail.com
Removed hosts entry: 0.0.0.0 adrates.theglobeandmail.com
Removed hosts entry: 0.0.0.0 ads.globeandmail.com
Removed hosts entry: 0.0.0.0 ads1.theglobeandmail.com
Removed hosts entry: 0.0.0.0 visit.theglobeandmail.com
Removed hosts entry: 0.0.0.0 www1.theglobeandmail.com
Removed hosts entry: 0.0.0.0 www.321search.com
Removed hosts entry: 0.0.0.0 www.bitwisepublishing.com
Removed hosts entry: 0.0.0.0 www.free-patriotic-screensavers.com
Removed hosts entry: 0.0.0.0 www.my247eshop.com
Removed hosts entry: 0.0.0.0 www.scenicreflections.com
Removed hosts entry: 0.0.0.0 adbot.com
Removed hosts entry: 0.0.0.0 w1.adbot.com
Removed hosts entry: 0.0.0.0 www.adbot.com
Removed hosts entry: 0.0.0.0 counter.bloke.com
Removed hosts entry: 0.0.0.0 www1.counter.bloke.com
Removed hosts entry: 0.0.0.0 www3.counter.bloke.com
Removed hosts entry: 0.0.0.0 www4.counter.bloke.com
Removed hosts entry: 0.0.0.0 www5.counter.bloke.com
Removed hosts entry: 0.0.0.0 www6.counter.bloke.com
Removed hosts entry: 0.0.0.0 www7.counter.bloke.com
Removed hosts entry: 0.0.0.0 counterbot.com
Removed hosts entry: 0.0.0.0 cb1.counterbot.com
Removed hosts entry: 0.0.0.0 bluestreak.com
Removed hosts entry: 0.0.0.0 ak.bluestreak.com
Removed hosts entry: 0.0.0.0 ca1.bluestreak.com
Removed hosts entry: 0.0.0.0 s0.bluestreak.com
Removed hosts entry: 0.0.0.0 s0b.bluestreak.com
Removed hosts entry: 0.0.0.0 s1.bluestreak.com
Removed hosts entry: 0.0.0.0 s2.bluestreak.com
Removed hosts entry: 0.0.0.0 s3.bluestreak.com
Removed hosts entry: 0.0.0.0 s4.bluestreak.com
Removed hosts entry: 0.0.0.0 s5.bluestreak.com
Removed hosts entry: 0.0.0.0 s6.bluestreak.com
Removed hosts entry: 0.0.0.0 s7.bluestreak.com
Removed hosts entry: 0.0.0.0 s8.bluestreak.com
Removed hosts entry: 0.0.0.0 www.bluestreak.com
Removed hosts entry: 0.0.0.0 www.bluetidesoftware.com
Removed hosts entry: 0.0.0.0 surfsidekick.com
Removed hosts entry: 0.0.0.0 ads.surfsidekick.com
Removed hosts entry: 0.0.0.0 dl.surfsidekick.com
Removed hosts entry: 0.0.0.0 www.surfsidekick.com
Removed hosts entry: 0.0.0.0 www.block-checker.com
Removed hosts entry: 0.0.0.0 www.spootie.com
Removed hosts entry: 0.0.0.0 www.system-processes.com
Removed hosts entry: 0.0.0.0 secure.certone.com
Removed hosts entry: 0.0.0.0 www.filefront.net
Removed hosts entry: 0.0.0.0 www.gizmoyo.com
Removed hosts entry: 0.0.0.0 www.torrentsearcher.net
Removed hosts entry: 0.0.0.0 www.xcode.info
Removed hosts entry: 0.0.0.0 files.xeol.net
Removed hosts entry: 0.0.0.0 pr.xeol.net
Removed hosts entry: 0.0.0.0 download.bonzi.com
Removed hosts entry: 0.0.0.0 images.bonzi.com
Removed hosts entry: 0.0.0.0 www.bonzi.com
Removed hosts entry: 0.0.0.0 www.bonzibuddy.com
Removed hosts entry: 0.0.0.0 cdn.gms1.net
Removed hosts entry: 0.0.0.0 i.gms1.net
Removed hosts entry: 0.0.0.0 www.gms1.net
Removed hosts entry: 0.0.0.0 bravenet.com
Removed hosts entry: 0.0.0.0 adserv.bravenet.com
Removed hosts entry: 0.0.0.0 images.bravenet.com
Removed hosts entry: 0.0.0.0 linktrack.bravenet.com
Removed hosts entry: 0.0.0.0 pub1.bravenet.com
Removed hosts entry: 0.0.0.0 www.bravenet.com
Removed hosts entry: 0.0.0.0 belgiandip.com
Removed hosts entry: 0.0.0.0 www.belgiandip.com
Removed hosts entry: 0.0.0.0 www.illtemperedguppys.com
Removed hosts entry: 0.0.0.0 www.no-beba-el-agua.com
Removed hosts entry: 0.0.0.0 www.undergroundlair.net
Removed hosts entry: 0.0.0.0 www2.undergroundlair.net
Removed hosts entry: 0.0.0.0 www.00z70az77mnsa-00swj1zzprh.com
Removed hosts entry: 0.0.0.0 www.funcionamiento-con-la-tijera.com
Removed hosts entry: 0.0.0.0 www.pshnw6510990nmo-34nue7700.net
Removed hosts entry: 0.0.0.0 www.anquiro.com
Removed hosts entry: 0.0.0.0 show.budsinc.com
Removed hosts entry: 0.0.0.0 www.budsinc.com
Removed hosts entry: 0.0.0.0 www.musicfeet.com
Removed hosts entry: 0.0.0.0 www.iwebmusic.com
Removed hosts entry: 0.0.0.0 iwebtunes.com
Removed hosts entry: 0.0.0.0 www.iwebtunes.com
Removed hosts entry: 0.0.0.0 ads.addesktop.com
Removed hosts entry: 0.0.0.0 burstmedia.com
Removed hosts entry: 0.0.0.0 web.burstmedia.com
Removed hosts entry: 0.0.0.0 roscoe.burstmedia.com
Removed hosts entry: 0.0.0.0 ads.burstnet.com
Removed hosts entry: 0.0.0.0 gifs.burstnet.com
Removed hosts entry: 0.0.0.0 sj.burstnet.com
Removed hosts entry: 0.0.0.0 te.burstnet.com
Removed hosts entry: 0.0.0.0 text.burstnet.com
Removed hosts entry: 0.0.0.0 www.burstnet.com
Removed hosts entry: 0.0.0.0 www2.burstnet.com
Removed hosts entry: 0.0.0.0 www3.burstnet.com
Removed hosts entry: 0.0.0.0 www4.burstnet.com
Removed hosts entry: 0.0.0.0 www5.burstnet.com
Removed hosts entry: 0.0.0.0 www6.burstnet.com
Removed hosts entry: 0.0.0.0 www.burstnet.akadns.net
Removed hosts entry: 0.0.0.0 casalemedia.com
Removed hosts entry: 0.0.0.0 as.casalemedia.com
Removed hosts entry: 0.0.0.0 asg01.casalemedia.com
Removed hosts entry: 0.0.0.0 asg02.casalemedia.com
Removed hosts entry: 0.0.0.0 asg03.casalemedia.com
Removed hosts entry: 0.0.0.0 asg04.casalemedia.com
Removed hosts entry: 0.0.0.0 asg05.casalemedia.com
Removed hosts entry: 0.0.0.0 asg06.casalemedia.com
Removed hosts entry: 0.0.0.0 asg07.casalemedia.com
Removed hosts entry: 0.0.0.0 asg08.casalemedia.com
Removed hosts entry: 0.0.0.0 asg09.casalemedia.com
Removed hosts entry: 0.0.0.0 asg10.casalemedia.com
Removed hosts entry: 0.0.0.0 asg11.casalemedia.com
Removed hosts entry: 0.0.0.0 asg12.casalemedia.com
Removed hosts entry: 0.0.0.0 asg13.casalemedia.com
Removed hosts entry: 0.0.0.0 asg14.casalemedia.com
Removed hosts entry: 0.0.0.0 asg15.casalemedia.com
Removed hosts entry: 0.0.0.0 asg16.casalemedia.com
Removed hosts entry: 0.0.0.0 asg17.casalemedia.com
Removed hosts entry: 0.0.0.0 asg18.casalemedia.com
Removed hosts entry: 0.0.0.0 asg19.casalemedia.com
Removed hosts entry: 0.0.0.0 asg20.casalemedia.com
Removed hosts entry: 0.0.0.0 asg21.casalemedia.com
Removed hosts entry: 0.0.0.0 asg22.casalemedia.com
Removed hosts entry: 0.0.0.0 asg23.casalemedia.com
Removed hosts entry: 0.0.0.0 asg24.casalemedia.com
Removed hosts entry: 0.0.0.0 asg25.casalemedia.com
Removed hosts entry: 0.0.0.0 asg26.casalemedia.com
Removed hosts entry: 0.0.0.0 asg27.casalemedia.com
Removed hosts entry: 0.0.0.0 asg28.casalemedia.com
Removed hosts entry: 0.0.0.0 asg29.casalemedia.com
Removed hosts entry: 0.0.0.0 asg30.casalemedia.com
Removed hosts entry: 0.0.0.0 asg31.casalemedia.com
Removed hosts entry: 0.0.0.0 asg32.casalemedia.com
Removed hosts entry: 0.0.0.0 asg33.casalemedia.com
Removed hosts entry: 0.0.0.0 asg34.casalemedia.com
Removed hosts entry: 0.0.0.0 asg35.casalemedia.com
Removed hosts entry: 0.0.0.0 asg36.casalemedia.com
Removed hosts entry: 0.0.0.0 asg37.casalemedia.com
Removed hosts entry: 0.0.0.0 asg38.casalemedia.com
Removed hosts entry: 0.0.0.0 asg39.casalemedia.com
Removed hosts entry: 0.0.0.0 asg40.casalemedia.com
Removed hosts entry: 0.0.0.0 asg41.casalemedia.com
Removed hosts entry: 0.0.0.0 asg42.casalemedia.com
Removed hosts entry: 0.0.0.0 asg43.casalemedia.com
Removed hosts entry: 0.0.0.0 asg44.casalemedia.com
Removed hosts entry: 0.0.0.0 asg45.casalemedia.com
Removed hosts entry: 0
Baixe o MSN Vírus Cleaner em : http://dcmagnet.eu/download/MsnCleaner/down/MsnCleaner.exe
Utilize o MSN Vírus Cleaner para eliminar processos suspeitos (como os de vírus, por exemplo) e limpar arquivos temporários, cache e lixeira. Para conseguir rodá-lo, você deve fechar o MSN e executar o arquivo, reiniciando o computador logo em seguida. Não é necessário realizar instalação.
Quando executei o arquivo apareceu um erro veja:
/applications/core/interface/imageproxy/imageproxy.php?img=http://img216.imageshack.us/img216/7529/edvdx2.jpg&key=25784b1389eee2ff7e90dadca3139d3eb908cd06627f1362954c53c57dee31a9" alt="edvdx2.jpg" />
Baixe o ComboFix em:
**1)** Desabilite o seu **anti-vírus** temporariamente;
**2)** Dê um **duplo-clique** no **combofix.exe** e aguarde (**o processo total demora cerca de 10 minutos**);3) A janela de “NEGAÇÃO DE GARANTIA DO SOFTWARE” abrir-se-á. Leia atentamente o texto contido nesta janela e clique sobre “SIM” para continuar.
PS.: Caso não concorde com os termos clique sobre “NÃO” para sair do software, cabendo lembrar que o processo de desinfecção não será possível sem a continuidade do ComboFix.
4) Outra janela irá abrir, caso a sua máquina não possua o CONSOLE DE RECUPERAÇÃO DO WINDOWS. É recomendável executar a instalação do console ante de dar continuidade ao processo, pois tal ação proporcionará a garantia de que o sistema poderá ser recuperado em caso de problemas durante a varredura.
Clique sobre “SIM” e aguarde, pois o processo de instalação do console dar-se-á automaticamente através do próprio ComboFix. Ele poderá demorar alguns minutos (dependerá da velocidade de sua conexão), portanto seja paciente.
Quando a janela “INSTALANDO O CONSOLE DE RECUPERAÇÃO” aparecer clique em “OK”, depois clique sobre “SIM” para aceitar a licença EULA.
Ao término da instalação do console de recuperação abrir-se-á uma janela avisando que “O CONSOLE DE RECUPERAÇÃO FOI INSTALADA COM SUCESSO”.
Clique sobre “SIM” para continuar a varredura.
5) O ComboFix iniciará o AUTOSCAN (aguarde).
ATENÇÃO: Não clique na janela do ComboFix, nem termine o processo abruptamente enquanto a ferramenta estiver sendo executada, pois isto implicará na desconfiguração de seu desktop (ele ficará todo branco).
Ao término do processo a máquina será reiniciada para a emissão do relatório.
6) Ao reiniciar a máquina o ComboFix irá executar o FIND3M para a criação do relatório final da varredura. O log ficará alocado em C:\ComboFix.txt.
7) Reabilite o seu anti-vírus;
8) Preciso que você cole o conteúdo do ComboFix.txt em sua próxima resposta.
OBS.1: Caso apareça uma mensagem avisando que ESTE NÃO É UM APLICATIVO WIN 32 VÁLIDO baixe o ComboFix novamente, mas salve-o em seu Desktop como KomboFix. Em último caso, tente utilizar o ComboFix em MODO SEGURO.
OBS.2: Caso haja um clique sobre a janela do ComboFix em execução, ela irá MAXIMIZAR, sobrepondo-se sobre as demais. Para minimizá-la novamente basta utilizar a combinação ALT + TAB.
Atenção:
Não clique em nada enquanto o Combofix estiver rodando, Do contrário seu desktop ficará em branco.
Para parar o processo ou sair do ComboFix, tecle "2" e Enter.
Aguardo o retorno
ComboFix 09-02-12.03 - Administrador 2009-02-12 21:50:41.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.383.147 [GMT -2:00]
Executando de: c:\documents and settings\Administrador\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090212-0] On-access scanning disabled (Updated)
* Criado um novo ponto de restauro
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Autorun.exe
c:\windows\system32\autorun.ini
c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL
c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL\desktop.ini
c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL\erma.inf
c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL\gbieh.gmd
c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL\gbpdist.dll
c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL\gbpdist.inf
c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL\LegitCheckControl.inf
c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL\swflash.inf
.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_GBPSV
-------\Legacy_NPF
-------\Service_GbpSv
-------\Service_NPF
(((((((((((((((( Arquivos/Ficheiros criados de 2009-01-12 to 2009-02-12 ))))))))))))))))))))))))))))
.
2009-01-27 21:04 . 2009-01-27 21:04 401,720 --a------ C:\HiJackThis.exe
2009-01-23 21:08 . 2009-01-23 21:08 <DIR> d-------- c:\arquivos de programas\Alwil Software
2009-01-23 20:57 . 2009-01-27 19:59 <DIR> d-------- c:\arquivos de programas\Add Remove Pro
2009-01-23 09:12 . 2009-01-23 09:12 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\Avira
2009-01-23 09:12 . 2009-01-23 09:12 <DIR> d-------- c:\arquivos de programas\Avira2009-01-23 09:05 . 2009-01-23 09:05 268 --ah----- C:\sqmdata14.sqm
2009-01-23 09:05 . 2009-01-23 09:05 244 --ah----- C:\sqmnoopt14.sqm
2009-01-18 09:10 . 2009-01-23 09:12 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\Avira(2)
2009-01-16 09:58 . 2009-01-16 09:58 268 --ah----- C:\sqmdata13.sqm
2009-01-16 09:58 . 2009-01-16 09:58 244 --ah----- C:\sqmnoopt13.sqm
2009-01-14 08:16 . 2009-01-14 08:16 268 --ah----- C:\sqmdata12.sqm
2009-01-14 08:16 . 2009-01-14 08:16 244 --ah----- C:\sqmnoopt12.sqm
2009-01-13 22:26 . 2009-01-13 22:26 268 --ah----- C:\sqmdata11.sqm
2009-01-13 22:26 . 2009-01-13 22:26 244 --ah----- C:\sqmnoopt11.sqm
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-12 23:54 --------- d-----w c:\documents and settings\All Users\Dados de aplicativos\GbPlugin
2009-02-12 23:54 --------- d-----w c:\arquivos de programas\GbPlugin
2009-01-23 11:20 --------- d-----w c:\arquivos de programas\Yahoo!
2009-01-23 11:13 --------- d-----w c:\arquivos de programas\Google
2009-01-10 10:53 --------- d-----w c:\arquivos de programas\Arquivos comuns\Windows Live
2008-12-21 22:20 --------- d-----w c:\arquivos de programas\Método de Guitarra - Volumen I DEMO
2008-12-21 21:13 --------- d-----w c:\arquivos de programas\LenMus3.6
2008-12-18 22:00 --------- d--h--r c:\documents and settings\All Users\Dados de aplicativos\yahoo!
2008-12-18 21:59 --------- d-----w c:\documents and settings\Administrador\Dados de aplicativos\Yahoo!
2008-12-18 12:44 --------- d-----w c:\arquivos de programas\CCleaner
2008-12-16 23:49 --------- d--h--w c:\arquivos de programas\InstallShield Installation Information
2008-12-16 23:49 --------- d-----w c:\documents and settings\All Users\Dados de aplicativos\BVRP Software
2008-12-16 23:42 24,192 ----a-w c:\documents and settings\Administrador\usbsermptxp.sys
2008-12-16 23:42 22,768 ----a-w c:\documents and settings\Administrador\usbsermpt.sys
2006-07-31 00:20 959 --sha-r c:\windows\system32\autorun.bin
2006-03-20 17:01 729,088 --sha-r c:\windows\system32\AutoRun.exe
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
Nota entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Octoshape Streaming Services"="c:\documents and settings\Administrador\Configurações locais\Dados de aplicativos\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2008-05-22 156944]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\arquiv~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"MsnMsgr"="c:\arquivos de programas\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="move" [X]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-04 44544]
c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\
Assistente Wireless Intelbras WBG901.lnk - c:\documents and settings\Administrador\Configura‡äes locais\Dados de aplicativos\Microsoft\Messenger\antoniol399@hotmail.com\Sharing Folders\Installer\WINXP\WBG901.exe [2008-11-26 671744]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2008-09-01 14:47 384840 c:\arquiv~1\GbPlugin\gbieh.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\__GbPluginBb]
2008-09-01 14:47 384840 c:\arquivos de programas\GbPlugin\gbieh.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.HFYU"= huffyuv.dll
"VIDC.i263"= i263_32.drv
"msacm.imc"= imc32.acm
"VIDC.VP31"= vp31vfw.dll
"msacm.avis"= ff_acm.acm
[HKLM\~\startupfolder\C:^Documents and Settings^Administrador^Menu Iniciar^Programas^Inicializar^UOL Voip.lnk]
path=c:\documents and settings\Administrador\Menu Iniciar\Programas\Inicializar\UOL Voip.lnk
backup=c:\windows\pss\UOL Voip.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Inicio rápido de HP Image Zone.lnk]
path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Inicio rápido de HP Image Zone.lnk
backup=c:\windows\pss\Inicio rápido de HP Image Zone.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ABAEnglish MiniCourse]
--a------ 2008-08-01 09:24 785920 c:\abaenglishminicourse\abaenglishminicourse.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-06-12 02:38 34672 c:\arquivos de programas\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-14 00:20 15360 c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2006-02-19 02:41 49152 c:\arquivos de programas\HP\HP Software Update\hpwuSchd2.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lingoes]
--a------ 2008-08-10 05:15 2064384 c:\arquivos de programas\Lingoes\Translator2\Lingoes.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-01-19 13:54 5674352 c:\arquivos de programas\MSN Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 12:50 155648 c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RMC]
--a------ 2005-03-28 18:55 24576 c:\windows\system32\drivers\RMC.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
--a------ 2005-01-14 11:00 339968 c:\windows\vsnpstd3.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-11-20 10:35 136600 c:\arquivos de programas\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-06-25 22:28 68856 c:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
--a------ 2008-07-11 15:06 223984 c:\arquivos de programas\Yahoo!\Search Protection\SearchProtection.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
--a------ 2005-04-12 02:10 65536 c:\windows\ALCMTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Atalho para a Página de Propriedades do High Definition Audio]
--------- 2005-01-07 18:07 61952 c:\windows\system32\HdAShCut.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
--a------ 2008-04-14 00:21 110592 c:\windows\system32\bthprops.cpl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
--a------ 2005-04-13 00:21 14156800 c:\windows\RTHDCPL.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Arquivos de programas\\UOL\\UIM\\uim.exe"=
"c:\\Arquivos de programas\\Megacubo\\megacubo.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Arquivos de programas\\MSN Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\MSN Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-01-23 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-01-23 20560]
R2 MTC0001_RMC;Remove Control Device;c:\windows\system32\drivers\RMC.sys [2005-04-22 13912]
R3 Slazldrv;SmartLink AMR_PCI Driver;c:\windows\system32\drivers\SLDRV\slazldrv.sys [2005-01-05 226768]
R3 ULI5261XP;ULi M526X Ethernet NT Driver;c:\windows\system32\drivers\ULILAN51.SYS [2007-05-05 28672]
UnknownUnknown GbpSv;GbpSv; [x]
.
Conteúdo da pasta 'Tarefas Agendadas'
2009-02-12 c:\windows\Tasks\Verificar Atualizações para a Barra de Ferramentas do Windows Live.job
.
Notify-AtiExtEvent - (no file)
.
------- Scan Suplementar -------
.
uStart Page = hxxp://br.yahoo.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://br.yahoo.com
mSearch Bar = hxxp://farejador.ig.com.br/ie/
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Windows Live Search - c:\arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
TCP: {156086F0-6C6A-4D0A-8E6B-A8013B76EB5B} = 192.168.0.1
DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} - hxxps://www14.bancobrasil.com.br/plugin/GbpDist.cab
DPF: {EABF23B1-16D4-4FCB-8872-0AA0D510C651} - hxxp://www.terra.com.br/ads/campanhas/vxp/install.cab
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-12 21:56:07
Windows 5.1.2600 Service Pack 3 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros/arquivos ocultos ...
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GbpSv]
"ImagePath"="c:\arquiv~1\GbPlugin\GbpSv.exe"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•6~*]
"6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
c:\arquiv~1\GBPLUGIN\gbieh.dll
.
------------------------ Outros Processos em Execução ------------------------
.
c:\arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
c:\arquivos de programas\Alwil Software\Avast4\ashServ.exe
c:\arquivos de programas\Java\jre6\bin\jqs.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\slserv.exe
c:\arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Tempo para conclusão: 2009-02-12 22:00:21 - Máquina reiniciou [Administrador]
ComboFix-quarantined-files.txt 2009-02-13 00:00:13
Pré-execução: 14 pasta(s) 44.487.987.200 bytes disponíveis
Pós execução: 14 pasta(s) 44,425,527,296 bytes disponíveis
WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
249 --- E O F --- 2009-02-11 11:11:53
Logfile of Trend Micro HijackThis v2.0.2 ATUALIZADO
Scan saved at 22:06:58, on 12/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\ARQUIV~1\GbPlugin\GbpSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Arquivos de programas\internet explorer\iexplore.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
C:\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://farejador.ig.com.br/ie/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.yahoo.com
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIV~1\GBPLUGIN\gbieh.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Arquivos de programas\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O4 - Global Startup: Assistente Wireless Intelbras WBG901.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O14 - IERESET.INF: START_PAGE_URL=http://www.compartilhando.org/
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Arquivos de programas\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab
O16 - DPF: {EABF23B1-16D4-4FCB-8872-0AA0D510C651} - http://www.terra.com.br/ads/campanhas/vxp/install.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{156086F0-6C6A-4D0A-8E6B-A8013B76EB5B}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{156086F0-6C6A-4D0A-8E6B-A8013B76EB5B}: NameServer = 192.168.0.1
O20 - Winlogon Notify: GbPluginBb - C:\ARQUIV~1\GBPLUGIN\gbieh.dll
O20 - Winlogon Notify: __GbPluginBb - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Unknown owner - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 8635 bytes
Estou esperando resposta...
Desculpe a demora mas não havia marcado seu tópico.
Retomando a análise:
Baixe o bankerfix.exe.
desative o seu antivírus temporariamente, para não haver conflitos e para uma melhor detecção.
Clique duas vezes sobre bankerfix.exe, dê o Enter e espere ele terminar. Ao terminar, leia a mensagem na tela e aperte Enter novamente.
Habilite o seu antivírus. e gere um novo log do hijackthis, e poste juntamente com o relatório .txt do Bankerfix.
Aguardo o Retorno
BankerFix 3.0 VALKYRIE - Banker Trojan Remover
Linha Defensiva | http://www.linhadefensiva.org
http://www.linhadefensiva.org/bankerfix/
-------------------------------------------------------
Date: 2009-03-23 - 19:52
-------------------------------------------------------
Version: 2009-01-21-2 | CORE: 2009-01-21-1
=======================================================
----- End -------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:55:47, on 23/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\NitroPC\NitroPC.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft\Messenger\antoniol399@hotmail.com\Sharing Folders\Installer\WINXP\WBG901.exe
C:\ARQUIV~1\GbPlugin\GbpSv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Arquivos de programas\Windows Live\Toolbar\wltuser.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://farejador.ig.com.br/ie/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.yahoo.com
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIV~1\GBPLUGIN\gbieh.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Arquivos de programas\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NitroPC] "C:\Arquivos de programas\NitroPC\NitroPC.exe" -minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O4 - Global Startup: Assistente Wireless Intelbras WBG901.lnk = ?
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O14 - IERESET.INF: START_PAGE_URL=http://www.compartilhando.org/
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Arquivos de programas\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab
O16 - DPF: {EABF23B1-16D4-4FCB-8872-0AA0D510C651} - http://www.terra.com.br/ads/campanhas/vxp/install.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{156086F0-6C6A-4D0A-8E6B-A8013B76EB5B}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{156086F0-6C6A-4D0A-8E6B-A8013B76EB5B}: NameServer = 192.168.0.1
O20 - Winlogon Notify: GbPluginBb - C:\ARQUIV~1\GBPLUGIN\gbieh.dll
O20 - Winlogon Notify: __GbPluginBb - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Unknown owner - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 9546 bytes
1ºPasso
Vá em Iniciar > Executar e digite (ou copie e cole): ComboFix /u
Dê o OK. Aguarde, pois isso irá desinstalar o ComboFix.
Apague as pastas C:\ComboFix e C:\Qoobox, caso existam.
2ºPasso:
Baixe o ComboFix em:
**1)** Desabilite o seu **anti-vírus** temporariamente;
**2)** Dê um **duplo-clique** no **combofix.exe** e aguarde (**o processo total demora cerca de 10 minutos**);3) A janela de “NEGAÇÃO DE GARANTIA DO SOFTWARE” abrir-se-á. Leia atentamente o texto contido nesta janela e clique sobre “SIM” para continuar.
PS.: Caso não concorde com os termos clique sobre “NÃO” para sair do software, cabendo lembrar que o processo de desinfecção não será possível sem a continuidade do ComboFix.
4) Outra janela irá abrir, caso a sua máquina não possua o CONSOLE DE RECUPERAÇÃO DO WINDOWS. É recomendável executar a instalação do console ante de dar continuidade ao processo, pois tal ação proporcionará a garantia de que o sistema poderá ser recuperado em caso de problemas durante a varredura.
Clique sobre “SIM” e aguarde, pois o processo de instalação do console dar-se-á automaticamente através do próprio ComboFix. Ele poderá demorar alguns minutos (dependerá da velocidade de sua conexão), portanto seja paciente.
Quando a janela “INSTALANDO O CONSOLE DE RECUPERAÇÃO” aparecer clique em “OK”, depois clique sobre “SIM” para aceitar a licença EULA.
Ao término da instalação do console de recuperação abrir-se-á uma janela avisando que “O CONSOLE DE RECUPERAÇÃO FOI INSTALADA COM SUCESSO”.
Clique sobre “SIM” para continuar a varredura.
5) O ComboFix iniciará o AUTOSCAN (aguarde).
ATENÇÃO: Não clique na janela do ComboFix, nem termine o processo abruptamente enquanto a ferramenta estiver sendo executada, pois isto implicará na desconfiguração de seu desktop (ele ficará todo branco).
Ao término do processo a máquina será reiniciada para a emissão do relatório.
6) Ao reiniciar a máquina o ComboFix irá executar o FIND3M para a criação do relatório final da varredura. O log ficará alocado em C:\ComboFix.txt.
7) Reabilite o seu anti-vírus;
8) Preciso que você cole o conteúdo do ComboFix.txt e do novo log Hijackthis em sua próxima resposta.
OBS.1: Caso apareça uma mensagem avisando que ESTE NÃO É UM APLICATIVO WIN 32 VÁLIDO baixe o ComboFix novamente, mas salve-o em seu Desktop como KomboFix. Em último caso, tente utilizar o ComboFix em MODO SEGURO.
OBS.2: Caso haja um clique sobre a janela do ComboFix em execução, ela irá MAXIMIZAR, sobrepondo-se sobre as demais. Para minimizá-la novamente basta utilizar a combinação ALT + TAB.
Aguardo retorno
ComboFix 09-03-23.01 - Administrador 2009-03-25 20:09:18.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.383.152 [GMT -3:00]
Executando de: c:\documents and settings\Administrador\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090324-0] On-access scanning disabled (Updated)
* Criado um novo ponto de restauro
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_GBPSV
-------\Service_GbpSv
(((((((((((((((( Arquivos/Ficheiros criados de 2009-02-25 to 2009-03-25 ))))))))))))))))))))))))))))
.
2009-03-25 20:00 . 2009-03-25 20:00 4,444 --a------ c:\windows\system32\pid.PNF
2009-03-25 17:09 . 2006-01-12 08:46 252,928 -ra------ c:\windows\system32\drivers\rt73.sys
2009-03-24 20:41 . 2009-03-24 20:41 <DIR> d-------- c:\windows\system32\KB905474
2009-03-24 20:41 . 2009-03-10 22:26 1,434,496 --a------ c:\windows\system32\KB905474\wganotifypackageinner.exe
2009-03-24 20:41 . 2009-03-10 22:18 454,536 --a------ c:\windows\system32\KB905474\wgasetup.exe
2009-03-24 20:41 . 2009-02-09 18:51 14,318 --a------ c:\windows\system32\KB905474\wga_eula.txt
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-25 23:16 --------- d---a-w c:\documents and settings\All Users\Dados de aplicativos\TEMP
2009-03-05 06:22 --------- d-----w c:\documents and settings\All Users\Dados de aplicativos\GbPlugin
2009-02-27 06:15 --------- d-----w c:\arquivos de programas\Microsoft Silverlight
2009-02-22 12:55 --------- d-----w c:\arquivos de programas\NitroPC
2009-02-14 22:52 --------- d-----w c:\arquivos de programas\Windows Live
2009-02-14 22:52 --------- d-----w c:\arquivos de programas\Microsoft
2009-02-14 22:45 --------- d-----w c:\arquivos de programas\Microsoft Sync Framework
2009-02-14 22:44 --------- d-----w c:\arquivos de programas\Microsoft SQL Server Compact Edition
2009-02-14 22:42 --------- d-----w c:\arquivos de programas\Windows Live SkyDrive
2009-02-14 10:07 --------- d-----w c:\arquivos de programas\Google
2009-02-12 23:54 --------- d-----w c:\arquivos de programas\GbPlugin
2009-02-06 21:34 308,616 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 20:08 55,152 ----a-w c:\windows\system32\drivers\fssfltr_tdi.sys
2009-01-27 23:04 401,720 ----a-w C:\HiJackThis.exe
2009-01-27 21:59 --------- d-----w c:\arquivos de programas\Add Remove Pro
2008-12-16 23:42 24,192 ----a-w c:\documents and settings\Administrador\usbsermptxp.sys
2008-12-16 23:42 22,768 ----a-w c:\documents and settings\Administrador\usbsermpt.sys
2006-07-31 00:20 959 --sha-r c:\windows\system32\autorun.bin
2006-03-20 17:01 729,088 --sha-r c:\windows\system32\AutoRun.exe
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
Nota entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"NitroPC"="c:\arquivos de programas\NitroPC\NitroPC.exe" [2008-04-08 3434000]
"MSMSGS"="c:\arquivos de programas\Messenger\msmsgs.exe" [2008-04-13 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\arquiv~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="move" [X]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-04 44544]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2008-09-01 13:47 384840 c:\arquiv~1\GbPlugin\gbieh.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\__GbPluginBb]
2008-09-01 13:47 384840 c:\arquivos de programas\GbPlugin\gbieh.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.HFYU"= huffyuv.dll
"VIDC.i263"= i263_32.drv
"msacm.imc"= imc32.acm
"VIDC.VP31"= vp31vfw.dll
"msacm.avis"= ff_acm.acm
[HKLM\~\startupfolder\C:^Documents and Settings^Administrador^Menu Iniciar^Programas^Inicializar^UOL Voip.lnk]
path=c:\documents and settings\Administrador\Menu Iniciar\Programas\Inicializar\UOL Voip.lnk
backup=c:\windows\pss\UOL Voip.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Inicio rápido de HP Image Zone.lnk]
backup=c:\windows\pss\Inicio rápido de HP Image Zone.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^WinZip Quick Pick.lnk]
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ABAEnglish MiniCourse]
--a------ 2008-08-01 08:24 785920 c:\abaenglishminicourse\abaenglishminicourse.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-06-12 01:38 34672 c:\arquivos de programas\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-13 23:20 15360 c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2006-02-19 01:41 49152 c:\arquivos de programas\HP\HP Software Update\hpwuSchd2.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lingoes]
--a------ 2008-08-10 04:15 2064384 c:\arquivos de programas\Lingoes\Translator2\Lingoes.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RMC]
--a------ 2005-03-28 17:55 24576 c:\windows\system32\drivers\RMC.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
--a------ 2005-01-14 10:00 339968 c:\windows\vsnpstd3.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-11-20 09:35 136600 c:\arquivos de programas\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-06-25 21:28 68856 c:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
--a------ 2008-07-11 14:06 223984 c:\arquivos de programas\Yahoo!\Search Protection\SearchProtection.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
--a------ 2005-04-12 01:10 65536 c:\windows\ALCMTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Atalho para a Página de Propriedades do High Definition Audio]
--------- 2005-01-07 17:07 61952 c:\windows\system32\HdAShCut.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
--a------ 2008-04-13 23:21 110592 c:\windows\system32\bthprops.cpl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
--a------ 2005-04-12 23:21 14156800 c:\windows\RTHDCPL.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Arquivos de programas\\UOL\\UIM\\uim.exe"=
"c:\\Arquivos de programas\\Megacubo\\megacubo.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
R3 cpuz129;cpuz129; [x]
R3 fsssvc;Windows Live Protección Infantil;c:\arquivos de programas\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
R3 ULI5261XP;ULi M526X Ethernet NT Driver;c:\windows\system32\DRIVERS\ULILAN51.SYS [2005-03-22 28672]
S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
S2 MTC0001_RMC;Remove Control Device;c:\windows\system32\drivers\RMC.sys [2005-04-22 13912]
S2 SeaPort;SeaPort;c:\arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S3 Slazldrv;SmartLink AMR_PCI Driver;c:\windows\system32\DRIVERS\SLDRV\slazldrv.sys [2005-01-05 226768]
--- ---
Deregistered - ALG
Deregistered - AntiVirScheduler
Deregistered - aswUpdSv
Deregistered - AudioSrv
Deregistered - audstub
Deregistered - avast! Antivirus
Deregistered - avast! Mail Scanner
Deregistered - avast! Web Scanner
Deregistered - avipbb
Deregistered - Beep
Deregistered - BITS
Deregistered - BthServ
Deregistered - Cdfs
Deregistered - Compbatt
Deregistered - CryptSvc
Deregistered - DcomLaunch
Deregistered - Dhcp
Deregistered - dmio
Deregistered - dmload
Deregistered - dmserver
Deregistered - Dnscache
Deregistered - ERSvc
Deregistered - EventSystem
Deregistered - FastUserSwitchingCompatibility
Deregistered - Fips
Deregistered - FltMgr
Deregistered - fssfltr
Deregistered - Ftdisk
Deregistered - Gpc
Deregistered - helpsvc
Deregistered - HidServ
Deregistered - HTTP
Deregistered - ImapiService
Deregistered - IpNat
Deregistered - IPSec
Deregistered - JavaQuickStarterService
Deregistered - KSecDD
Deregistered - LmHosts
Deregistered - mnmdd
Deregistered - Modem
Deregistered - MountMgr
Deregistered - MRxDAV
Deregistered - Msfs
Deregistered - mssmbios
Deregistered - Mup
Deregistered - NDIS
Deregistered - NdisTapi
Deregistered - Ndisuio
Deregistered - NdisWan
Deregistered - NDProxy
Deregistered - NetBT
Deregistered - Netman
Deregistered - Nla
Deregistered - Npfs
Deregistered - Ntfs
Deregistered - Null
Deregistered - PartMgr
Deregistered - Pml Driver HPZ12
Deregistered - PolicyAgent
Deregistered - PptpMiniport
Deregistered - ProtectedStorage
Deregistered - RasAcd
Deregistered - Rasl2tp
Deregistered - RasMan
Deregistered - RasPppoe
Deregistered - Raspti
Deregistered - RDPCDD
Deregistered - rdpdr
Deregistered - RecAgent
Deregistered - RemoteRegistry
Deregistered - RpcSs
Deregistered - SamSs
Deregistered - Schedule
Deregistered - SeaPort
Deregistered - seclogon
Deregistered - SENS
Deregistered - Serenum
Deregistered - SharedAccess
Deregistered - ShellHWDetection
Deregistered - SLService
Deregistered - SlWdmSup
Deregistered - Spooler
Deregistered - sr
Deregistered - srservice
Deregistered - SSDPSRV
Deregistered - ssmdrv
Deregistered - stisvc
Deregistered - swenum
Deregistered - TapiSrv
Deregistered - Tcpip
Deregistered - TermDD
Deregistered - TermService
Deregistered - Themes
Deregistered - TrkWks
Deregistered - Update
Deregistered - VcommMgr
Deregistered - VgaSave
Deregistered - VolSnap
Deregistered - W32Time
Deregistered - Wanarp
Deregistered - WebClient
Deregistered - winmgmt
Deregistered - WmiApSrv
Deregistered - wscsvc
Deregistered - wuauserv
Deregistered - WZCSVC
.
Conteúdo da pasta 'Tarefas Agendadas'
2009-03-25 c:\windows\Tasks\WGASetup.job
.
HKU-Default-Run-MsnMsgr - c:\arquivos de programas\MSN Messenger\MsnMsgr.Exe
MSConfigStartUp-msnmsgr - c:\arquivos de programas\MSN Messenger\MsnMsgr.Exe
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.google.com.br/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://br.yahoo.com
mSearch Bar = hxxp://farejador.ig.com.br/ie/
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
TCP: {156086F0-6C6A-4D0A-8E6B-A8013B76EB5B} = 192.168.0.1
DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} - hxxps://www14.bancobrasil.com.br/plugin/GbpDist.cab
DPF: {EABF23B1-16D4-4FCB-8872-0AA0D510C651} - hxxp://www.terra.com.br/ads/campanhas/vxp/install.cab
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-25 20:15:46
Windows 5.1.2600 Service Pack 3 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros/arquivos ocultos ...
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•6~*]
"6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
c:\arquiv~1\GBPLUGIN\gbieh.dll
.
------------------------ Outros Processos em Execução ------------------------
.
c:\arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
c:\arquivos de programas\Alwil Software\Avast4\ashServ.exe
c:\arquivos de programas\Java\jre6\bin\jqs.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\slserv.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Tempo para conclusão: 2009-03-25 20:23:14 - Máquina reiniciou
ComboFix-quarantined-files.txt 2009-03-25 23:23:04
Pré-execução: 14 pasta(s) 46.031.839.232 bytes disponíveis
Pós execução: 14 pasta(s) 46,024,593,408 bytes disponíveis
326 --- E O F --- 2009-03-24 23:41:31
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:27:31, on 25/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\NitroPC\NitroPC.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\explorer.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
C:\Arquivos de programas\Windows Live\Toolbar\wltuser.exe
C:\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://farejador.ig.com.br/ie/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.yahoo.com
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIV~1\GBPLUGIN\gbieh.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Arquivos de programas\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NitroPC] "C:\Arquivos de programas\NitroPC\NitroPC.exe" -minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O14 - IERESET.INF: START_PAGE_URL=http://www.compartilhando.org/
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Arquivos de programas\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab
O16 - DPF: {EABF23B1-16D4-4FCB-8872-0AA0D510C651} - http://www.terra.com.br/ads/campanhas/vxp/install.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{156086F0-6C6A-4D0A-8E6B-A8013B76EB5B}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{156086F0-6C6A-4D0A-8E6B-A8013B76EB5B}: NameServer = 192.168.0.1
O20 - Winlogon Notify: GbPluginBb - C:\ARQUIV~1\GBPLUGIN\gbieh.dll
O20 - Winlogon Notify: __GbPluginBb - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Unknown owner - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 9040 bytes
CFScript
Copie,todo conteúdo citado abaixo e cole no Bloco de Notas.
Salve o arquivo na área de trabalho com o nome de: CFScript.txt
File::c:\windows\system32\AutoRun.exe
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
Arraste o CFScript.txt até o ícone do Combofix, conforme ilustração abaixo:
/applications/core/interface/imageproxy/imageproxy.php?img=http://virus-protect.org/artikel/bilder/cfscript.gif&key=9b762e2062a60b210b24ca6bb45677b226357ecae5fca060027ef09f35e03016" alt="cfscript.gif" />
Atenda à solicitação,que deverá surgir,para rodar o ComboFix
OBS: Arraste o CFScript até para o ícone até que apareça a janela(pequena) do combofix
Ao final poste o ComboFix.txt juntamente com o novo log do hijackthis
Obs.: Execute a ação com o seu pendrive conectado ao PC.
Aguardo retorno
ComboFix 09-03-23.01 - Administrador 2009-03-25 20:58:59.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.383.126 [GMT -3:00]
Executando de: c:\documents and settings\Administrador\Desktop\ComboFix.exe
Comandos utilizados :: c:\documents and settings\Administrador\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 090325-0] On-access scanning enabled (Updated)
* Criado um novo ponto de restauro
FILE ::
c:\windows\system32\AutoRun.exe
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\AutoRun.exe
.
(((((((((((((((( Arquivos/Ficheiros criados de 2009-02-25 to 2009-03-25 ))))))))))))))))))))))))))))
.
2009-03-25 20:56 . 2009-03-25 20:57 <DIR> d-------- C:\32788R22FWJFW
2009-03-25 20:00 . 2009-03-25 20:00 4,444 --a------ c:\windows\system32\pid.PNF
2009-03-25 17:09 . 2006-01-12 08:46 252,928 -ra------ c:\windows\system32\drivers\rt73.sys
2009-03-24 20:41 . 2009-03-24 20:41 <DIR> d-------- c:\windows\system32\KB905474
2009-03-24 20:41 . 2009-03-10 22:26 1,434,496 --a------ c:\windows\system32\KB905474\wganotifypackageinner.exe
2009-03-24 20:41 . 2009-03-10 22:18 454,536 --a------ c:\windows\system32\KB905474\wgasetup.exe
2009-03-24 20:41 . 2009-02-09 18:51 14,318 --a------ c:\windows\system32\KB905474\wga_eula.txt
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-25 23:16 --------- d---a-w c:\documents and settings\All Users\Dados de aplicativos\TEMP
2009-03-05 06:22 --------- d-----w c:\documents and settings\All Users\Dados de aplicativos\GbPlugin
2009-02-27 06:15 --------- d-----w c:\arquivos de programas\Microsoft Silverlight
2009-02-22 12:55 --------- d-----w c:\arquivos de programas\NitroPC
2009-02-14 22:52 --------- d-----w c:\arquivos de programas\Windows Live
2009-02-14 22:52 --------- d-----w c:\arquivos de programas\Microsoft
2009-02-14 22:45 --------- d-----w c:\arquivos de programas\Microsoft Sync Framework
2009-02-14 22:44 --------- d-----w c:\arquivos de programas\Microsoft SQL Server Compact Edition
2009-02-14 22:42 --------- d-----w c:\arquivos de programas\Windows Live SkyDrive
2009-02-14 10:07 --------- d-----w c:\arquivos de programas\Google
2009-02-12 23:54 --------- d-----w c:\arquivos de programas\GbPlugin
2009-02-09 14:06 1,846,912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 14:06 1,846,912 ------w c:\windows\system32\DllCache\win32k.sys
2009-02-06 21:34 308,616 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 20:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-06 20:08 55,152 ----a-w c:\windows\system32\drivers\fssfltr_tdi.sys
2009-01-27 23:04 401,720 ----a-w C:\HiJackThis.exe
2009-01-27 21:59 --------- d-----w c:\arquivos de programas\Add Remove Pro
2009-01-16 23:16 3,594,752 ------w c:\windows\system32\DllCache\mshtml.dll
2008-12-16 23:42 24,192 ----a-w c:\documents and settings\Administrador\usbsermptxp.sys
2008-12-16 23:42 22,768 ----a-w c:\documents and settings\Administrador\usbsermpt.sys
2006-07-31 00:20 959 --sha-r c:\windows\system32\autorun.bin
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
Nota entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"NitroPC"="c:\arquivos de programas\NitroPC\NitroPC.exe" [2008-04-08 3434000]
"MSMSGS"="c:\arquivos de programas\Messenger\msmsgs.exe" [2008-04-13 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\arquiv~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="move" [X]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-04 44544]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2008-09-01 13:47 384840 c:\arquiv~1\GbPlugin\gbieh.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\__GbPluginBb]
2008-09-01 13:47 384840 c:\arquivos de programas\GbPlugin\gbieh.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.HFYU"= huffyuv.dll
"VIDC.i263"= i263_32.drv
"msacm.imc"= imc32.acm
"VIDC.VP31"= vp31vfw.dll
"msacm.avis"= ff_acm.acm
[HKLM\~\startupfolder\C:^Documents and Settings^Administrador^Menu Iniciar^Programas^Inicializar^UOL Voip.lnk]
path=c:\documents and settings\Administrador\Menu Iniciar\Programas\Inicializar\UOL Voip.lnk
backup=c:\windows\pss\UOL Voip.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Inicio rápido de HP Image Zone.lnk]
backup=c:\windows\pss\Inicio rápido de HP Image Zone.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^WinZip Quick Pick.lnk]
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ABAEnglish MiniCourse]
--a------ 2008-08-01 08:24 785920 c:\abaenglishminicourse\abaenglishminicourse.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-06-12 01:38 34672 c:\arquivos de programas\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-13 23:20 15360 c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2006-02-19 01:41 49152 c:\arquivos de programas\HP\HP Software Update\hpwuSchd2.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lingoes]
--a------ 2008-08-10 04:15 2064384 c:\arquivos de programas\Lingoes\Translator2\Lingoes.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RMC]
--a------ 2005-03-28 17:55 24576 c:\windows\system32\drivers\RMC.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
--a------ 2005-01-14 10:00 339968 c:\windows\vsnpstd3.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-11-20 09:35 136600 c:\arquivos de programas\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-06-25 21:28 68856 c:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
--a------ 2008-07-11 14:06 223984 c:\arquivos de programas\Yahoo!\Search Protection\SearchProtection.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
--a------ 2005-04-12 01:10 65536 c:\windows\ALCMTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Atalho para a Página de Propriedades do High Definition Audio]
--------- 2005-01-07 17:07 61952 c:\windows\system32\HdAShCut.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
--a------ 2008-04-13 23:21 110592 c:\windows\system32\bthprops.cpl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
--a------ 2005-04-12 23:21 14156800 c:\windows\RTHDCPL.EXE
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Arquivos de programas\\UOL\\UIM\\uim.exe"=
"c:\\Arquivos de programas\\Megacubo\\megacubo.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-01-23 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-01-23 20560]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-02-14 55152]
R2 MTC0001_RMC;Remove Control Device;c:\windows\system32\drivers\RMC.sys [2005-04-22 13912]
R2 SeaPort;SeaPort;c:\arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R3 Slazldrv;SmartLink AMR_PCI Driver;c:\windows\system32\drivers\SLDRV\slazldrv.sys [2005-01-05 226768]
S3 cpuz129;cpuz129;\??\c:\docume~1\ADMINI~1\CONFIG~1\Temp\cpuz_x32.sys --> c:\docume~1\ADMINI~1\CONFIG~1\Temp\cpuz_x32.sys [?]
S3 fsssvc;Windows Live Protección Infantil;c:\arquivos de programas\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 ULI5261XP;ULi M526X Ethernet NT Driver;c:\windows\system32\drivers\ULILAN51.SYS [2007-05-05 28672]
.
Conteúdo da pasta 'Tarefas Agendadas'
2009-03-25 c:\windows\Tasks\WGASetup.job
.
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.google.com.br/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://br.yahoo.com
mSearch Bar = hxxp://farejador.ig.com.br/ie/
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
TCP: {156086F0-6C6A-4D0A-8E6B-A8013B76EB5B} = 192.168.0.1
DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} - hxxps://www14.bancobrasil.com.br/plugin/GbpDist.cab
DPF: {EABF23B1-16D4-4FCB-8872-0AA0D510C651} - hxxp://www.terra.com.br/ads/campanhas/vxp/install.cab
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-25 21:01:14
Windows 5.1.2600 Service Pack 3 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros/arquivos ocultos ...
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•6~*]
"6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
c:\arquiv~1\GBPLUGIN\gbieh.dll
.
Tempo para conclusão: 2009-03-25 21:04:00
ComboFix-quarantined-files.txt 2009-03-26 00:03:32
ComboFix2.txt 2009-03-25 23:23:17
Pré-execução: 15 pasta(s) 45.938.282.496 bytes disponíveis
Pós execução: 15 pasta(s) 45,930,008,576 bytes disponíveis
203 --- E O F --- 2009-03-24 23:41:31
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:08:13, on 25/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\NitroPC\NitroPC.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\explorer.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Windows Live\Toolbar\wltuser.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://farejador.ig.com.br/ie/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.yahoo.com
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIV~1\GBPLUGIN\gbieh.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Arquivos de programas\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NitroPC] "C:\Arquivos de programas\NitroPC\NitroPC.exe" -minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O14 - IERESET.INF: START_PAGE_URL=http://www.compartilhando.org/
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Arquivos de programas\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab
O16 - DPF: {EABF23B1-16D4-4FCB-8872-0AA0D510C651} - http://www.terra.com.br/ads/campanhas/vxp/install.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{156086F0-6C6A-4D0A-8E6B-A8013B76EB5B}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{156086F0-6C6A-4D0A-8E6B-A8013B76EB5B}: NameServer = 192.168.0.1
O20 - Winlogon Notify: GbPluginBb - C:\ARQUIV~1\GBPLUGIN\gbieh.dll
O20 - Winlogon Notify: __GbPluginBb - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Unknown owner - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 9344 bytes
CFScript
Copie,todo conteúdo citado abaixo e cole no Bloco de Notas.
Salve o arquivo na área de trabalho com o nome de: CFScript.txt
File::C?\\WINDOWS\\system32\\FM20ENU.DLL
Registry::
[-HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•6~*]
"6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
Arraste o CFScript.txt até o ícone do Combofix, conforme ilustração abaixo:
/applications/core/interface/imageproxy/imageproxy.php?img=http://virus-protect.org/artikel/bilder/cfscript.gif&key=9b762e2062a60b210b24ca6bb45677b226357ecae5fca060027ef09f35e03016" alt="cfscript.gif" />
Atenda à solicitação,que deverá surgir,para rodar o ComboFix
OBS: Arraste o CFScript até para o ícone até que apareça a janela(pequena) do combofix
Ao final poste o ComboFix.txt juntamente com o novo log do hijackthis
Obs.: Execute a ação com o seu pendrive conectado
2ºPasso
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll"
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
Aguardo o retorno
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:59:13, on 25/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\NitroPC\NitroPC.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\ARQUIV~1\GbPlugin\GbpSv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\KB905474\wgasetup.exe
C:\WINDOWS\system32\KB905474\wgasetup.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://farejador.ig.com.br/ie/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.yahoo.com
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIV~1\GBPLUGIN\gbieh.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Arquivos de programas\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NitroPC] "C:\Arquivos de programas\NitroPC\NitroPC.exe" -minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O14 - IERESET.INF: START_PAGE_URL=http://www.compartilhando.org/
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Arquivos de programas\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab
O16 - DPF: {EABF23B1-16D4-4FCB-8872-0AA0D510C651} - http://www.terra.com.br/ads/campanhas/vxp/install.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{156086F0-6C6A-4D0A-8E6B-A8013B76EB5B}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{156086F0-6C6A-4D0A-8E6B-A8013B76EB5B}: NameServer = 192.168.0.1
O20 - Winlogon Notify: GbPluginBb - C:\ARQUIV~1\GBPLUGIN\gbieh.dll
O20 - Winlogon Notify: __GbPluginBb - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Unknown owner - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 8975 bytes
ComboFix 09-03-23.01 - Administrador 2009-03-25 21:35:38.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.383.136 [GMT -3:00]
Executando de: c:\documents and settings\Administrador\Desktop\ComboFix.exe
Comandos utilizados :: c:\documents and settings\Administrador\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 090325-0] On-access scanning disabled (Updated)
* Criado um novo ponto de restauro
.
(((((((((((((((( Arquivos/Ficheiros criados de 2009-02-26 to 2009-03-26 ))))))))))))))))))))))))))))
.
2009-03-25 20:00 . 2009-03-25 20:00 4,444 --a------ c:\windows\system32\pid.PNF
2009-03-25 17:09 . 2006-01-12 08:46 252,928 -ra------ c:\windows\system32\drivers\rt73.sys
2009-03-24 20:41 . 2009-03-24 20:41 <DIR> d-------- c:\windows\system32\KB905474
2009-03-24 20:41 . 2009-03-10 22:26 1,434,496 --a------ c:\windows\system32\KB905474\wganotifypackageinner.exe
2009-03-24 20:41 . 2009-03-10 22:18 454,536 --a------ c:\windows\system32\KB905474\wgasetup.exe
2009-03-24 20:41 . 2009-02-09 18:51 14,318 --a------ c:\windows\system32\KB905474\wga_eula.txt
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-25 23:16 --------- d---a-w c:\documents and settings\All Users\Dados de aplicativos\TEMP
2009-03-05 06:22 --------- d-----w c:\documents and settings\All Users\Dados de aplicativos\GbPlugin
2009-02-27 06:15 --------- d-----w c:\arquivos de programas\Microsoft Silverlight
2009-02-22 12:55 --------- d-----w c:\arquivos de programas\NitroPC
2009-02-14 22:52 --------- d-----w c:\arquivos de programas\Windows Live
2009-02-14 22:52 --------- d-----w c:\arquivos de programas\Microsoft
2009-02-14 22:45 --------- d-----w c:\arquivos de programas\Microsoft Sync Framework
2009-02-14 22:44 --------- d-----w c:\arquivos de programas\Microsoft SQL Server Compact Edition
2009-02-14 22:42 --------- d-----w c:\arquivos de programas\Windows Live SkyDrive
2009-02-14 10:07 --------- d-----w c:\arquivos de programas\Google
2009-02-12 23:54 --------- d-----w c:\arquivos de programas\GbPlugin
2009-02-09 14:06 1,846,912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 14:06 1,846,912 ------w c:\windows\system32\DllCache\win32k.sys
2009-02-06 21:34 308,616 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 20:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-06 20:08 55,152 ----a-w c:\windows\system32\drivers\fssfltr_tdi.sys
2009-01-27 23:04 401,720 ----a-w C:\HiJackThis.exe
2009-01-27 21:59 --------- d-----w c:\arquivos de programas\Add Remove Pro
2009-01-16 23:16 3,594,752 ------w c:\windows\system32\DllCache\mshtml.dll
2008-12-16 23:42 24,192 ----a-w c:\documents and settings\Administrador\usbsermptxp.sys
2008-12-16 23:42 22,768 ----a-w c:\documents and settings\Administrador\usbsermpt.sys
2006-07-31 00:20 959 --sha-r c:\windows\system32\autorun.bin
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
Nota entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"NitroPC"="c:\arquivos de programas\NitroPC\NitroPC.exe" [2008-04-08 3434000]
"MSMSGS"="c:\arquivos de programas\Messenger\msmsgs.exe" [2008-04-13 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\arquiv~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="move" [X]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-04 44544]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2008-09-01 13:47 384840 c:\arquiv~1\GbPlugin\gbieh.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\__GbPluginBb]
2008-09-01 13:47 384840 c:\arquivos de programas\GbPlugin\gbieh.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.HFYU"= huffyuv.dll
"VIDC.i263"= i263_32.drv
"msacm.imc"= imc32.acm
"VIDC.VP31"= vp31vfw.dll
"msacm.avis"= ff_acm.acm
[HKLM\~\startupfolder\C:^Documents and Settings^Administrador^Menu Iniciar^Programas^Inicializar^UOL Voip.lnk]
path=c:\documents and settings\Administrador\Menu Iniciar\Programas\Inicializar\UOL Voip.lnk
backup=c:\windows\pss\UOL Voip.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Inicio rápido de HP Image Zone.lnk]
backup=c:\windows\pss\Inicio rápido de HP Image Zone.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^WinZip Quick Pick.lnk]
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ABAEnglish MiniCourse]
--a------ 2008-08-01 08:24 785920 c:\abaenglishminicourse\abaenglishminicourse.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-06-12 01:38 34672 c:\arquivos de programas\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-13 23:20 15360 c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2006-02-19 01:41 49152 c:\arquivos de programas\HP\HP Software Update\hpwuSchd2.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lingoes]
--a------ 2008-08-10 04:15 2064384 c:\arquivos de programas\Lingoes\Translator2\Lingoes.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RMC]
--a------ 2005-03-28 17:55 24576 c:\windows\system32\drivers\RMC.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
--a------ 2005-01-14 10:00 339968 c:\windows\vsnpstd3.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-11-20 09:35 136600 c:\arquivos de programas\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-06-25 21:28 68856 c:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
--a------ 2008-07-11 14:06 223984 c:\arquivos de programas\Yahoo!\Search Protection\SearchProtection.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
--a------ 2005-04-12 01:10 65536 c:\windows\ALCMTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Atalho para a Página de Propriedades do High Definition Audio]
--------- 2005-01-07 17:07 61952 c:\windows\system32\HdAShCut.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
--a------ 2008-04-13 23:21 110592 c:\windows\system32\bthprops.cpl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
--a------ 2005-04-12 23:21 14156800 c:\windows\RTHDCPL.EXE
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Arquivos de programas\\UOL\\UIM\\uim.exe"=
"c:\\Arquivos de programas\\Megacubo\\megacubo.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-01-23 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-01-23 20560]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-02-14 55152]
R2 MTC0001_RMC;Remove Control Device;c:\windows\system32\drivers\RMC.sys [2005-04-22 13912]
R2 SeaPort;SeaPort;c:\arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R3 Slazldrv;SmartLink AMR_PCI Driver;c:\windows\system32\drivers\SLDRV\slazldrv.sys [2005-01-05 226768]
S3 cpuz129;cpuz129;\??\c:\docume~1\ADMINI~1\CONFIG~1\Temp\cpuz_x32.sys --> c:\docume~1\ADMINI~1\CONFIG~1\Temp\cpuz_x32.sys [?]
S3 fsssvc;Windows Live Protección Infantil;c:\arquivos de programas\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 ULI5261XP;ULi M526X Ethernet NT Driver;c:\windows\system32\drivers\ULILAN51.SYS [2007-05-05 28672]
.
Conteúdo da pasta 'Tarefas Agendadas'
2009-03-25 c:\windows\Tasks\WGASetup.job
.
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.google.com.br/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://br.yahoo.com
mSearch Bar = hxxp://farejador.ig.com.br/ie/
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
TCP: {156086F0-6C6A-4D0A-8E6B-A8013B76EB5B} = 192.168.0.1
DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} - hxxps://www14.bancobrasil.com.br/plugin/GbpDist.cab
DPF: {EABF23B1-16D4-4FCB-8872-0AA0D510C651} - hxxp://www.terra.com.br/ads/campanhas/vxp/install.cab
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-25 21:37:50
Windows 5.1.2600 Service Pack 3 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros/arquivos ocultos ...
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•6~*]
"6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
c:\arquiv~1\GBPLUGIN\gbieh.dll
.
Tempo para conclusão: 2009-03-25 21:40:52
ComboFix-quarantined-files.txt 2009-03-26 00:40:29
Pré-execução: 14 pasta(s) 45.911.732.224 bytes disponíveis
Pós execução: 14 pasta(s) 45,901,963,264 bytes disponíveis
195 --- E O F --- 2009-03-24 23:41:31
1. Baixe o Kaspersky Virus Removal Tool.
2. O arquivo possui aproximadamente 32 Mb, mas o resultado compensará o trabalho.
3. Reinicie a máquina em Modo Seguro.
4. Execute a ferramenta dando duplo-clique sobre o arquivo baixado.
5. Abrir-se-á a seguinte janela:
/applications/core/interface/imageproxy/imageproxy.php?img=http://www.softpedia.com/screenshots/Kaspersky-Virus-Removal-Tool_1.png&key=f6d568ce4d80c9d3646adebaff2a335ebc3856caefe3c3a2f8040c9e7c2092a6" alt="Kaspersky-Virus-Removal-Tool_1.png" />
6. Marque os diretórios que deseja varrer (é melhor marcar todos).
7. Clique em Scan e aguarde o término do processo.
8. Terminada a varredura, retorne com o resultado.
Aguardo retorno
ComboFix 09-03-27.02 - Administrador 2009-03-28 19:57:50.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.383.106 [GMT -3:00]
Executando de: c:\documents and settings\Administrador\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090328-0] On-access scanning disabled (Updated)
* Criado um novo ponto de restauro
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_GBPSV
-------\Service_GbpSv
-------\Service_PCIDump
(((((((((((((((( Arquivos/Ficheiros criados de 2009-02-28 to 2009-03-28 ))))))))))))))))))))))))))))
.
2009-03-28 18:38 . 2009-03-28 18:38 <DIR> d-------- c:\documents and settings\TEMP\Configurações locais
2009-03-28 18:38 . 2009-03-28 18:38 <DIR> d---s---- c:\documents and settings\TEMP
2009-03-25 22:06 . 2009-03-28 18:38 <DIR> d-------- C:\RECYCLER(2)
2009-03-25 21:53 . 2009-03-25 21:53 <DIR> d-------- C:\backups
.((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-28 23:03 --------- d---a-w c:\documents and settings\All Users\Dados de aplicativos\TEMP
2009-03-05 06:22 --------- d-----w c:\documents and settings\All Users\Dados de aplicativos\GbPlugin
2009-02-27 06:15 --------- d-----w c:\arquivos de programas\Microsoft Silverlight
2009-02-22 12:55 --------- d-----w c:\arquivos de programas\NitroPC
2009-02-14 22:52 --------- d-----w c:\arquivos de programas\Windows Live
2009-02-14 22:52 --------- d-----w c:\arquivos de programas\Microsoft
2009-02-14 22:45 --------- d-----w c:\arquivos de programas\Microsoft Sync Framework
2009-02-14 22:44 --------- d-----w c:\arquivos de programas\Microsoft SQL Server Compact Edition
2009-02-14 22:42 --------- d-----w c:\arquivos de programas\Windows Live SkyDrive
2009-02-14 10:07 --------- d-----w c:\arquivos de programas\Google
2009-02-12 23:54 --------- d-----w c:\arquivos de programas\GbPlugin
2009-02-06 21:34 308,616 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 20:08 55,152 ----a-w c:\windows\system32\drivers\fssfltr_tdi.sys
2009-01-27 23:04 401,720 ----a-w C:\HiJackThis.exe
2008-12-16 23:42 24,192 ----a-w c:\documents and settings\Administrador\usbsermptxp.sys
2008-12-16 23:42 22,768 ----a-w c:\documents and settings\Administrador\usbsermpt.sys
2006-07-31 00:20 959 --sha-r c:\windows\system32\autorun.bin
2006-03-20 17:01 729,088 --sha-r c:\windows\system32\AutoRun.exe
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
Nota entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"NitroPC"="c:\arquivos de programas\NitroPC\NitroPC.exe" [2008-04-08 3434000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\arquiv~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="move" [X]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-04 44544]
c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\
Assistente Wireless Intelbras WBG901.lnk - c:\documents and settings\Administrador\Configura‡äes locais\Dados de aplicativos\Microsoft\Messenger\antoniol399@hotmail.com\Sharing Folders\Installer\WINXP\WBG901.exe [2008-11-26 671744]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2008-09-01 13:47 384840 c:\arquiv~1\GbPlugin\gbieh.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\__GbPluginBb]
2008-09-01 13:47 384840 c:\arquivos de programas\GbPlugin\gbieh.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.HFYU"= huffyuv.dll
"VIDC.i263"= i263_32.drv
"msacm.imc"= imc32.acm
"VIDC.VP31"= vp31vfw.dll
"msacm.avis"= ff_acm.acm
[HKLM\~\startupfolder\C:^Documents and Settings^Administrador^Menu Iniciar^Programas^Inicializar^UOL Voip.lnk]
path=c:\documents and settings\Administrador\Menu Iniciar\Programas\Inicializar\UOL Voip.lnk
backup=c:\windows\pss\UOL Voip.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Inicio rápido de HP Image Zone.lnk]
backup=c:\windows\pss\Inicio rápido de HP Image Zone.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^WinZip Quick Pick.lnk]
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ABAEnglish MiniCourse]
--a------ 2008-08-01 08:24 785920 c:\abaenglishminicourse\abaenglishminicourse.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-06-12 01:38 34672 c:\arquivos de programas\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-13 23:20 15360 c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2006-02-19 01:41 49152 c:\arquivos de programas\HP\HP Software Update\hpwuSchd2.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lingoes]
--a------ 2008-08-10 04:15 2064384 c:\arquivos de programas\Lingoes\Translator2\Lingoes.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RMC]
--a------ 2005-03-28 17:55 24576 c:\windows\system32\drivers\RMC.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
--a------ 2005-01-14 10:00 339968 c:\windows\vsnpstd3.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-11-20 09:35 136600 c:\arquivos de programas\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-06-25 21:28 68856 c:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
--a------ 2008-07-11 14:06 223984 c:\arquivos de programas\Yahoo!\Search Protection\SearchProtection.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
--a------ 2005-04-12 01:10 65536 c:\windows\ALCMTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Atalho para a Página de Propriedades do High Definition Audio]
--------- 2005-01-07 17:07 61952 c:\windows\system32\HdAShCut.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
--a------ 2008-04-13 23:21 110592 c:\windows\system32\bthprops.cpl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
--a------ 2005-04-12 23:21 14156800 c:\windows\RTHDCPL.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Arquivos de programas\\UOL\\UIM\\uim.exe"=
"c:\\Arquivos de programas\\Megacubo\\megacubo.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-01-23 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-01-23 20560]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-02-14 55152]
R2 MTC0001_RMC;Remove Control Device;c:\windows\system32\drivers\RMC.sys [2005-04-22 13912]
R2 SeaPort;SeaPort;c:\arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R3 Slazldrv;SmartLink AMR_PCI Driver;c:\windows\system32\drivers\SLDRV\slazldrv.sys [2005-01-05 226768]
S3 cpuz129;cpuz129;\??\c:\docume~1\ADMINI~1\CONFIG~1\Temp\cpuz_x32.sys --> c:\docume~1\ADMINI~1\CONFIG~1\Temp\cpuz_x32.sys [?]
S3 fsssvc;Windows Live Protección Infantil;c:\arquivos de programas\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 ULI5261XP;ULi M526X Ethernet NT Driver;c:\windows\system32\drivers\ULILAN51.SYS [2007-05-05 28672]
UnknownUnknown GbpSv;GbpSv; [x]
--- ---
NewlyCreated - GBPSV
.
HKU-Default-Run-MsnMsgr - c:\arquivos de programas\MSN Messenger\MsnMsgr.Exe
MSConfigStartUp-msnmsgr - c:\arquivos de programas\MSN Messenger\MsnMsgr.Exe
.
------- Scan Suplementar -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://br.yahoo.com
mSearch Bar = hxxp://farejador.ig.com.br/ie/
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
TCP: {156086F0-6C6A-4D0A-8E6B-A8013B76EB5B} = 192.168.0.1
DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} - hxxps://www14.bancobrasil.com.br/plugin/GbpDist.cab
DPF: {EABF23B1-16D4-4FCB-8872-0AA0D510C651} - hxxp://www.terra.com.br/ads/campanhas/vxp/install.cab
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-28 20:03:36
Windows 5.1.2600 Service Pack 3 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros/arquivos ocultos ...
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GbpSv]
"ImagePath"="c:\arquiv~1\GbPlugin\GbpSv.exe"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•6~*]
"6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
c:\arquiv~1\GBPLUGIN\gbieh.dll
.
------------------------ Outros Processos em Execução ------------------------
.
c:\windows\system32\WgaTray.exe
c:\arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
c:\arquivos de programas\Alwil Software\Avast4\ashServ.exe
c:\arquivos de programas\Java\jre6\bin\jqs.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\slserv.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Tempo para conclusão: 2009-03-28 20:07:45 - Máquina reiniciou
ComboFix-quarantined-files.txt 2009-03-28 23:07:41
ComboFix2.txt 2009-03-26 00:40:53
Pré-execução: 16 pasta(s) 45.656.428.544 bytes disponíveis
Pós execução: 15 pasta(s) 45,607,415,808 bytes disponíveis
220 --- E O F --- 2009-03-21 13:33:36
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:40:17, on 29/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
C:\ARQUIV~1\GbPlugin\GbpSv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\NitroPC\NitroPC.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft\Messenger\antoniol399@hotmail.com\Sharing Folders\Installer\WINXP\WBG901.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Windows Live\Toolbar\wltuser.exe
C:\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://farejador.ig.com.br/ie/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.yahoo.com
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIV~1\GBPLUGIN\gbieh.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Arquivos de programas\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NitroPC] "C:\Arquivos de programas\NitroPC\NitroPC.exe" -minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O4 - Global Startup: Assistente Wireless Intelbras WBG901.lnk = ?
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O14 - IERESET.INF: START_PAGE_URL=http://www.compartilhando.org/
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Arquivos de programas\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab
O16 - DPF: {EABF23B1-16D4-4FCB-8872-0AA0D510C651} - http://www.terra.com.br/ads/campanhas/vxp/install.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{156086F0-6C6A-4D0A-8E6B-A8013B76EB5B}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{156086F0-6C6A-4D0A-8E6B-A8013B76EB5B}: NameServer = 192.168.0.1
O20 - Winlogon Notify: GbPluginBb - C:\ARQUIV~1\GBPLUGIN\gbieh.dll
O20 - Winlogon Notify: __GbPluginBb - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Unknown owner - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 9582 bytes
Scan
----
Scanned: 365665
Detected: 0
Untreated: 0
Start time: 28/03/2009 20:25:24
Duration: 04:02:47
Finish time: 29/03/2009 0:28:11
Detected
--------
Status Object
------ ------
Events
------
Time Name Status Reason
---- ---- ------ ------
28/03/2009 20:25:34 Running module: smss.exe\smss.exe ok scanned
28/03/2009 20:25:35 File: C:\WINDOWS\System32\smss.exe ok scanned
28/03/2009 20:25:35 Running module: smss.exe\ntdll.dll ok scanned
28/03/2009 20:25:35 File: C:\WINDOWS\system32\ntdll.dll ok scanned
28/03/2009 20:25:35 Running module: csrss.exe\csrss.exe ok scanned
28/03/2009 20:25:35 File: C:\WINDOWS\system32\csrss.exe ok scanned
28/03/2009 20:25:35 Running module: csrss.exe\ntdll.dll ok scanned
28/03/2009 20:25:35 File: C:\WINDOWS\system32\ntdll.dll ok scanned
28/03/2009 20:25:35 Running module: csrss.exe\CSRSRV.dll ok scanned
28/03/2009 20:25:35 File: C:\WINDOWS\system32\CSRSRV.dll ok scanned
28/03/2009 20:25:35 Running module: csrss.exe\basesrv.dll ok scanned
28/03/2009 20:25:35 File: C:\WINDOWS\system32\basesrv.dll ok scanned
28/03/2009 20:25:35 Running module: csrss.exe\winsrv.dll ok scanned
28/03/2009 20:25:36 File: C:\WINDOWS\system32\winsrv.dll ok scanned
28/03/2009 20:25:36 Running module: csrss.exe\GDI32.dll ok scanned
28/03/2009 20:25:36 File: C:\WINDOWS\system32\GDI32.dll ok scanned
28/03/2009 20:25:36 Running module: csrss.exe\KERNEL32.dll ok scanned
28/03/2009 20:25:36 File: C:\WINDOWS\system32\KERNEL32.dll ok scanned
28/03/2009 20:25:36 Running module: csrss.exe\USER32.dll ok scanned
28/03/2009 20:25:37 File: C:\WINDOWS\system32\USER32.dll ok scanned
28/03/2009 20:25:37 Running module: csrss.exe\sxs.dll ok scanned
28/03/2009 20:25:38 File: C:\WINDOWS\system32\sxs.dll ok scanned
28/03/2009 20:25:38 Running module: csrss.exe\ADVAPI32.dll ok scanned
28/03/2009 20:25:38 File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
28/03/2009 20:25:38 Running module: csrss.exe\RPCRT4.dll ok scanned
28/03/2009 20:25:39 File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
28/03/2009 20:25:39 Running module: csrss.exe\Secur32.dll ok scanned
28/03/2009 20:25:39 File: C:\WINDOWS\system32\Secur32.dll ok scanned
28/03/2009 20:25:39 Running module: csrss.exe\Apphelp.dll ok scanned
28/03/2009 20:25:39 File: C:\WINDOWS\system32\Apphelp.dll ok scanned
28/03/2009 20:25:39 Running module: csrss.exe\VERSION.dll ok scanned
28/03/2009 20:25:39 File: C:\WINDOWS\system32\VERSION.dll ok scanned
28/03/2009 20:25:39 Running module: winlogon.exe\winlogon.exe ok scanned
28/03/2009 20:25:42 File: C:\WINDOWS\system32\winlogon.exe ok scanned
28/03/2009 20:25:42 Running module: winlogon.exe\ntdll.dll ok scanned
28/03/2009 20:25:42 File: C:\WINDOWS\system32\ntdll.dll ok scanned
28/03/2009 20:25:42 Running module: winlogon.exe\kernel32.dll ok scanned
28/03/2009 20:25:42 File: C:\WINDOWS\system32\kernel32.dll ok scanned
28/03/2009 20:25:42 Running module: winlogon.exe\ADVAPI32.dll ok scanned
28/03/2009 20:25:42 File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
28/03/2009 20:25:42 Running module: winlogon.exe\RPCRT4.dll ok scanned
28/03/2009 20:25:42 File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
28/03/2009 20:25:42 Running module: winlogon.exe\Secur32.dll ok scanned
28/03/2009 20:25:42 File: C:\WINDOWS\system32\Secur32.dll ok scanned
28/03/2009 20:25:42 Running module: winlogon.exe\AUTHZ.dll ok scanned
28/03/2009 20:25:43 File: C:\WINDOWS\system32\AUTHZ.dll ok scanned
28/03/2009 20:25:43 Running module: winlogon.exe\msvcrt.dll ok scanned
28/03/2009 20:25:43 File: C:\WINDOWS\system32\msvcrt.dll ok scanned
28/03/2009 20:25:43 Running module: winlogon.exe\CRYPT32.dll ok scanned
28/03/2009 20:25:44 File: C:\WINDOWS\system32\CRYPT32.dll ok scanned
28/03/2009 20:25:44 Running module: winlogon.exe\MSASN1.dll ok scanned
28/03/2009 20:25:44 File: C:\WINDOWS\system32\MSASN1.dll ok scanned
28/03/2009 20:25:44 Running module: winlogon.exe\USER32.dll ok scanned
28/03/2009 20:25:44 File: C:\WINDOWS\system32\USER32.dll ok scanned
28/03/2009 20:25:44 Running module: winlogon.exe\GDI32.dll ok scanned
28/03/2009 20:25:44 File: C:\WINDOWS\system32\GDI32.dll ok scanned
28/03/2009 20:25:44 Running module: winlogon.exe\NDdeApi.dll ok scanned
28/03/2009 20:25:44 File: C:\WINDOWS\system32\NDdeApi.dll ok scanned
28/03/2009 20:25:44 Running module: winlogon.exe\PROFMAP.dll ok scanned
28/03/2009 20:25:44 File: C:\WINDOWS\system32\PROFMAP.dll ok scanned
28/03/2009 20:25:44 Running module: winlogon.exe\NETAPI32.dll ok scanned
28/03/2009 20:25:45 File: C:\WINDOWS\system32\NETAPI32.dll ok scanned
28/03/2009 20:25:45 Running module: winlogon.exe\USERENV.dll ok scanned
28/03/2009 20:25:45 File: C:\WINDOWS\system32\USERENV.dll ok scanned
28/03/2009 20:25:45 Running module: winlogon.exe\PSAPI.DLL ok scanned
28/03/2009 20:25:45 File: C:\WINDOWS\system32\PSAPI.DLL ok scanned
28/03/2009 20:25:45 Running module: winlogon.exe\REGAPI.dll ok scanned
28/03/2009 20:25:45 File: C:\WINDOWS\system32\REGAPI.dll ok scanned
28/03/2009 20:25:45 Running module: winlogon.exe\SETUPAPI.dll ok scanned
28/03/2009 20:25:46 File: C:\WINDOWS\system32\SETUPAPI.dll ok scanned
28/03/2009 20:25:46 Running module: winlogon.exe\VERSION.dll ok scanned
28/03/2009 20:25:46 File: C:\WINDOWS\system32\VERSION.dll ok scanned
28/03/2009 20:25:46 Running module: winlogon.exe\WINSTA.dll ok scanned
28/03/2009 20:25:46 File: C:\WINDOWS\system32\WINSTA.dll ok scanned
28/03/2009 20:25:46 Running module: winlogon.exe\WINTRUST.dll ok scanned
28/03/2009 20:25:47 File: C:\WINDOWS\system32\WINTRUST.dll ok scanned
28/03/2009 20:25:47 Running module: winlogon.exe\IMAGEHLP.dll ok scanned
28/03/2009 20:25:47 File: C:\WINDOWS\system32\IMAGEHLP.dll ok scanned
28/03/2009 20:25:47 Running module: winlogon.exe\WS2_32.dll ok scanned
28/03/2009 20:25:47 File: C:\WINDOWS\system32\WS2_32.dll ok scanned
28/03/2009 20:25:47 Running module: winlogon.exe\WS2HELP.dll ok scanned
28/03/2009 20:25:47 File: C:\WINDOWS\system32\WS2HELP.dll ok scanned
28/03/2009 20:25:47 Running module: winlogon.exe\IMM32.DLL ok scanned
28/03/2009 20:25:48 File: C:\WINDOWS\system32\IMM32.DLL ok scanned
28/03/2009 20:25:48 Running module: winlogon.exe\MSGINA.dll ok scanned
28/03/2009 20:25:49 File: C:\WINDOWS\system32\MSGINA.dll ok scanned
28/03/2009 20:25:49 Running module: winlogon.exe\COMCTL32.dll ok scanned
28/03/2009 20:25:50 File: C:\WINDOWS\system32\COMCTL32.dll ok scanned
28/03/2009 20:25:50 Running module: winlogon.exe\ODBC32.dll ok scanned
28/03/2009 20:25:50 File: C:\WINDOWS\system32\ODBC32.dll ok scanned
28/03/2009 20:25:50 Running module: winlogon.exe\comdlg32.dll ok scanned
28/03/2009 20:25:51 File: C:\WINDOWS\system32\comdlg32.dll ok scanned
28/03/2009 20:25:51 Running module: winlogon.exe\SHELL32.dll ok scanned
28/03/2009 20:26:02 File: C:\WINDOWS\system32\SHELL32.dll ok scanned
28/03/2009 20:26:02 Running module: winlogon.exe\SHLWAPI.dll ok scanned
28/03/2009 20:26:02 File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
28/03/2009 20:26:02 Running module: winlogon.exe\comctl32.dll ok scanned
28/03/2009 20:26:03 File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
28/03/2009 20:26:03 Running module: winlogon.exe\odbcint.dll ok scanned
28/03/2009 20:26:03 File: C:\WINDOWS\system32\odbcint.dll ok scanned
28/03/2009 20:26:03 Running module: winlogon.exe\SHSVCS.dll ok scanned
28/03/2009 20:26:04 File: C:\WINDOWS\system32\SHSVCS.dll ok scanned
28/03/2009 20:26:04 Running module: winlogon.exe\sfc.dll ok scanned
28/03/2009 20:26:04 File: C:\WINDOWS\system32\sfc.dll ok scanned
28/03/2009 20:26:04 Running module: winlogon.exe\sfc_os.dll ok scanned
28/03/2009 20:26:04 File: C:\WINDOWS\system32\sfc_os.dll ok scanned
28/03/2009 20:26:04 Running module: winlogon.exe\ole32.dll ok scanned
28/03/2009 20:26:05 File: C:\WINDOWS\system32\ole32.dll ok scanned
28/03/2009 20:26:05 Running module: winlogon.exe\Apphelp.dll ok scanned
28/03/2009 20:26:05 File: C:\WINDOWS\system32\Apphelp.dll ok scanned
28/03/2009 20:26:05 Running module: winlogon.exe\msctfime.ime ok scanned
28/03/2009 20:26:05 File: C:\WINDOWS\system32\msctfime.ime ok scanned
28/03/2009 20:26:05 Running module: winlogon.exe\WINMM.dll ok scanned
28/03/2009 20:26:05 File: C:\WINDOWS\system32\WINMM.dll ok scanned
28/03/2009 20:26:05 Running module: winlogon.exe\gbieh.dll ok scanned
28/03/2009 20:26:06 File: C:\ARQUIV~1\GBPLUGIN\gbieh.dll packed file ASPack
28/03/2009 20:26:07 File: C:\ARQUIV~1\GBPLUGIN\gbieh.dll//ASPack ok scanned
28/03/2009 20:26:07 File: C:\ARQUIV~1\GBPLUGIN\gbieh.dll ok scanned
28/03/2009 20:26:07 Running module: winlogon.exe\oleaut32.dll ok scanned
28/03/2009 20:26:07 File: C:\WINDOWS\system32\oleaut32.dll ok scanned
28/03/2009 20:26:07 Running module: winlogon.exe\rsaenh.dll ok scanned
28/03/2009 20:26:07 File: C:\WINDOWS\system32\rsaenh.dll ok scanned
28/03/2009 20:26:07 Running module: winlogon.exe\cscdll.dll ok scanned
28/03/2009 20:26:07 File: C:\WINDOWS\system32\cscdll.dll ok scanned
28/03/2009 20:26:07 Running module: winlogon.exe\dimsntfy.dll ok scanned
28/03/2009 20:26:07 File: C:\WINDOWS\System32\dimsntfy.dll ok scanned
28/03/2009 20:26:07 Running module: winlogon.exe\WlNotify.dll ok scanned
28/03/2009 20:26:08 File: C:\WINDOWS\system32\WlNotify.dll ok scanned
28/03/2009 20:26:08 Running module: winlogon.exe\MPR.dll ok scanned
28/03/2009 20:26:08 File: C:\WINDOWS\system32\MPR.dll ok scanned
28/03/2009 20:26:08 Running module: winlogon.exe\WinSCard.dll ok scanned
28/03/2009 20:26:08 File: C:\WINDOWS\system32\WinSCard.dll ok scanned
28/03/2009 20:26:08 Running module: winlogon.exe\WTSAPI32.dll ok scanned
28/03/2009 20:26:08 File: C:\WINDOWS\system32\WTSAPI32.dll ok scanned
28/03/2009 20:26:08 Running module: winlogon.exe\WINSPOOL.DRV ok scanned
28/03/2009 20:26:08 File: C:\WINDOWS\system32\WINSPOOL.DRV ok scanned
28/03/2009 20:26:08 Running module: winlogon.exe\WgaLogon.dll ok scanned
28/03/2009 20:26:09 File: C:\WINDOWS\system32\WgaLogon.dll ok scanned
28/03/2009 20:26:09 Running module: winlogon.exe\NTMARTA.DLL ok scanned
28/03/2009 20:26:09 File: C:\WINDOWS\system32\NTMARTA.DLL ok scanned
28/03/2009 20:26:09 Running module: winlogon.exe\SAMLIB.dll ok scanned
28/03/2009 20:26:09 File: C:\WINDOWS\system32\SAMLIB.dll ok scanned
28/03/2009 20:26:09 Running module: winlogon.exe\WLDAP32.dll ok scanned
28/03/2009 20:26:10 File: C:\WINDOWS\system32\WLDAP32.dll ok scanned
28/03/2009 20:26:10 Running module: winlogon.exe\CLBCATQ.DLL ok scanned
28/03/2009 20:26:10 File: C:\WINDOWS\system32\CLBCATQ.DLL ok scanned
28/03/2009 20:26:10 Running module: winlogon.exe\COMRes.dll ok scanned
28/03/2009 20:26:11 File: C:\WINDOWS\system32\COMRes.dll ok scanned
28/03/2009 20:26:11 Running module: winlogon.exe\msxml3.dll ok scanned
28/03/2009 20:26:12 File: C:\WINDOWS\system32\msxml3.dll ok scanned
28/03/2009 20:26:12 Running module: winlogon.exe\UxTheme.dll ok scanned
28/03/2009 20:26:12 File: C:\WINDOWS\system32\UxTheme.dll ok scanned
28/03/2009 20:26:12 Running module: winlogon.exe\MSIMG32.DLL ok scanned
28/03/2009 20:26:12 File: C:\WINDOWS\system32\MSIMG32.DLL ok scanned
28/03/2009 20:26:12 Running module: winlogon.exe\cscui.dll ok scanned
28/03/2009 20:26:13 File: C:\WINDOWS\system32\cscui.dll ok scanned
28/03/2009 20:26:13 Running module: winlogon.exe\LINKINFO.dll ok scanned
28/03/2009 20:26:13 File: C:\WINDOWS\system32\LINKINFO.dll ok scanned
28/03/2009 20:26:13 Running module: winlogon.exe\ntshrui.dll ok scanned
28/03/2009 20:26:14 File: C:\WINDOWS\system32\ntshrui.dll ok scanned
28/03/2009 20:26:14 Running module: winlogon.exe\ATL.DLL ok scanned
28/03/2009 20:26:14 File: C:\WINDOWS\system32\ATL.DLL ok scanned
28/03/2009 20:26:14 Running module: winlogon.exe\ieframe.dll ok scanned
28/03/2009 20:26:20 File: C:\WINDOWS\system32\ieframe.dll ok scanned
28/03/2009 20:26:20 Running module: winlogon.exe\iertutil.dll ok scanned
28/03/2009 20:26:21 File: C:\WINDOWS\system32\iertutil.dll ok scanned
28/03/2009 20:26:21 Running module: winlogon.exe\xpsp2res.dll ok scanned
28/03/2009 20:26:28 File: C:\WINDOWS\system32\xpsp2res.dll ok scanned
28/03/2009 20:26:28 Running module: services.exe\services.exe ok scanned
28/03/2009 20:26:29 File: C:\WINDOWS\system32\services.exe ok scanned
28/03/2009 20:26:29 Running module: services.exe\ntdll.dll ok scanned
28/03/2009 20:26:29 File: C:\WINDOWS\system32\ntdll.dll ok scanned
28/03/2009 20:26:29 Running module: services.exe\kernel32.dll ok scanned
28/03/2009 20:26:30 File: C:\WINDOWS\system32\kernel32.dll ok scanned
28/03/2009 20:26:30 Running module: services.exe\ADVAPI32.dll ok scanned
28/03/2009 20:26:30 File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
28/03/2009 20:26:30 Running module: services.exe\RPCRT4.dll ok scanned
28/03/2009 20:26:30 File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
28/03/2009 20:26:30 Running module: services.exe\Secur32.dll ok scanned
28/03/2009 20:26:30 File: C:\WINDOWS\system32\Secur32.dll ok scanned
28/03/2009 20:26:30 Running module: services.exe\msvcrt.dll ok scanned
28/03/2009 20:26:30 File: C:\WINDOWS\system32\msvcrt.dll ok scanned
28/03/2009 20:26:30 Running module: services.exe\NCObjAPI.DLL ok scanned
28/03/2009 20:26:30 File: C:\WINDOWS\system32\NCObjAPI.DLL ok scanned
28/03/2009 20:26:30 Running module: services.exe\MSVCP60.dll ok scanned
28/03/2009 20:26:30 File: C:\WINDOWS\system32\MSVCP60.dll ok scanned
28/03/2009 20:26:30 Running module: services.exe\SCESRV.dll ok scanned
28/03/2009 20:26:31 File: C:\WINDOWS\system32\SCESRV.dll ok scanned
28/03/2009 20:26:31 Running module: services.exe\AUTHZ.dll ok scanned
28/03/2009 20:26:31 File: C:\WINDOWS\system32\AUTHZ.dll ok scanned
28/03/2009 20:26:31 Running module: services.exe\USER32.dll ok scanned
28/03/2009 20:26:31 File: C:\WINDOWS\system32\USER32.dll ok scanned
28/03/2009 20:26:31 Running module: services.exe\GDI32.dll ok scanned
28/03/2009 20:26:31 File: C:\WINDOWS\system32\GDI32.dll ok scanned
28/03/2009 20:26:31 Running module: services.exe\USERENV.dll ok scanned
28/03/2009 20:26:31 File: C:\WINDOWS\system32\USERENV.dll ok scanned
28/03/2009 20:26:31 Running module: services.exe\umpnpmgr.dll ok scanned
28/03/2009 20:26:32 File: C:\WINDOWS\system32\umpnpmgr.dll ok scanned
28/03/2009 20:26:32 Running module: services.exe\WINSTA.dll ok scanned
28/03/2009 20:26:32 File: C:\WINDOWS\system32\WINSTA.dll ok scanned
28/03/2009 20:26:32 Running module: services.exe\NETAPI32.dll ok scanned
28/03/2009 20:26:32 File: C:\WINDOWS\system32\NETAPI32.dll ok scanned
28/03/2009 20:26:32 Running module: services.exe\ShimEng.dll ok scanned
28/03/2009 20:26:32 File: C:\WINDOWS\system32\ShimEng.dll ok scanned
28/03/2009 20:26:32 Running module: services.exe\AcAdProc.dll ok scanned
28/03/2009 20:26:32 File: C:\WINDOWS\AppPatch\AcAdProc.dll ok scanned
28/03/2009 20:26:32 Running module: services.exe\IMM32.DLL ok scanned
28/03/2009 20:26:32 File: C:\WINDOWS\system32\IMM32.DLL ok scanned
28/03/2009 20:26:32 Running module: services.exe\Apphelp.dll ok scanned
28/03/2009 20:26:32 File: C:\WINDOWS\system32\Apphelp.dll ok scanned
28/03/2009 20:26:32 Running module: services.exe\VERSION.dll ok scanned
28/03/2009 20:26:33 File: C:\WINDOWS\system32\VERSION.dll ok scanned
28/03/2009 20:26:33 Running module: services.exe\eventlog.dll ok scanned
28/03/2009 20:26:33 File: C:\WINDOWS\system32\eventlog.dll ok scanned
28/03/2009 20:26:33 Running module: services.exe\PSAPI.DLL ok scanned
28/03/2009 20:26:33 File: C:\WINDOWS\system32\PSAPI.DLL ok scanned
28/03/2009 20:26:33 Running module: services.exe\WS2_32.dll ok scanned
28/03/2009 20:26:33 File: C:\WINDOWS\system32\WS2_32.dll ok scanned
28/03/2009 20:26:33 Running module: services.exe\WS2HELP.dll ok scanned
28/03/2009 20:26:33 File: C:\WINDOWS\system32\WS2HELP.dll ok scanned
28/03/2009 20:26:33 Running module: services.exe\wtsapi32.dll ok scanned
28/03/2009 20:26:33 File: C:\WINDOWS\system32\wtsapi32.dll ok scanned
28/03/2009 20:26:33 Running module: lsass.exe\lsass.exe ok scanned
28/03/2009 20:26:33 File: C:\WINDOWS\system32\lsass.exe ok scanned
28/03/2009 20:26:33 Running module: lsass.exe\ntdll.dll ok scanned
28/03/2009 20:26:33 File: C:\WINDOWS\system32\ntdll.dll ok scanned
28/03/2009 20:26:33 Running module: lsass.exe\kernel32.dll ok scanned
28/03/2009 20:26:33 File: C:\WINDOWS\system32\kernel32.dll ok scanned
28/03/2009 20:26:33 Running module: lsass.exe\ADVAPI32.dll ok scanned
28/03/2009 20:26:34 File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
28/03/2009 20:26:34 Running module: lsass.exe\RPCRT4.dll ok scanned
28/03/2009 20:26:34 File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
28/03/2009 20:26:34 Running module: lsass.exe\Secur32.dll ok scanned
28/03/2009 20:26:34 File: C:\WINDOWS\system32\Secur32.dll ok scanned
28/03/2009 20:26:34 Running module: lsass.exe\LSASRV.dll ok scanned
28/03/2009 20:26:34 File: C:\WINDOWS\system32\LSASRV.dll ok scanned
28/03/2009 20:26:34 Running module: lsass.exe\MPR.dll ok scanned
28/03/2009 20:26:34 File: C:\WINDOWS\system32\MPR.dll ok scanned
28/03/2009 20:26:34 Running module: lsass.exe\USER32.dll ok scanned
28/03/2009 20:26:34 File: C:\WINDOWS\system32\USER32.dll ok scanned
28/03/2009 20:26:34 Running module: lsass.exe\GDI32.dll ok scanned
28/03/2009 20:26:34 File: C:\WINDOWS\system32\GDI32.dll ok scanned
28/03/2009 20:26:34 Running module: lsass.exe\MSASN1.dll ok scanned
28/03/2009 20:26:35 File: C:\WINDOWS\system32\MSASN1.dll ok scanned
28/03/2009 20:26:35 Running module: lsass.exe\msvcrt.dll ok scanned
28/03/2009 20:26:35 File: C:\WINDOWS\system32\msvcrt.dll ok scanned
28/03/2009 20:26:35 Running module: lsass.exe\NETAPI32.dll ok scanned
28/03/2009 20:26:35 File: C:\WINDOWS\system32\NETAPI32.dll ok scanned
28/03/2009 20:26:35 Running module: lsass.exe\NTDSAPI.dll ok scanned
28/03/2009 20:26:35 File: C:\WINDOWS\system32\NTDSAPI.dll ok scanned
28/03/2009 20:26:35 Running module: lsass.exe\DNSAPI.dll ok scanned
28/03/2009 20:26:35 File: C:\WINDOWS\system32\DNSAPI.dll ok scanned
28/03/2009 20:26:35 Running module: lsass.exe\WS2_32.dll ok scanned
28/03/2009 20:26:35 File: C:\WINDOWS\system32\WS2_32.dll ok scanned
28/03/2009 20:26:35 Running module: lsass.exe\WS2HELP.dll ok scanned
28/03/2009 20:26:35 File: C:\WINDOWS\system32\WS2HELP.dll ok scanned
28/03/2009 20:26:35 Running module: lsass.exe\WLDAP32.dll ok scanned
28/03/2009 20:26:35 File: C:\WINDOWS\system32\WLDAP32.dll ok scanned
28/03/2009 20:26:35 Running module: lsass.exe\SAMLIB.dll ok scanned
28/03/2009 20:26:35 File: C:\WINDOWS\system32\SAMLIB.dll ok scanned
28/03/2009 20:26:35 Running module: lsass.exe\SAMSRV.dll ok scanned
28/03/2009 20:26:36 File: C:\WINDOWS\system32\SAMSRV.dll ok scanned
28/03/2009 20:26:36 Running module: lsass.exe\cryptdll.dll ok scanned
28/03/2009 20:26:36 File: C:\WINDOWS\system32\cryptdll.dll ok scanned
28/03/2009 20:26:36 Running module: lsass.exe\ShimEng.dll ok scanned
28/03/2009 20:26:36 File: C:\WINDOWS\system32\ShimEng.dll ok scanned
28/03/2009 20:26:36 Running module: lsass.exe\AcGenral.DLL ok scanned
28/03/2009 20:26:38 File: C:\WINDOWS\AppPatch\AcGenral.DLL ok scanned
28/03/2009 20:26:38 Running module: lsass.exe\WINMM.dll ok scanned
28/03/2009 20:26:38 File: C:\WINDOWS\system32\WINMM.dll ok scanned
28/03/2009 20:26:38 Running module: lsass.exe\ole32.dll ok scanned
28/03/2009 20:26:38 File: C:\WINDOWS\system32\ole32.dll ok scanned
28/03/2009 20:26:38 Running module: lsass.exe\OLEAUT32.dll ok scanned
28/03/2009 20:26:38 File: C:\WINDOWS\system32\OLEAUT32.dll ok scanned
28/03/2009 20:26:38 Running module: lsass.exe\MSACM32.dll ok scanned
28/03/2009 20:26:38 File: C:\WINDOWS\system32\MSACM32.dll ok scanned
28/03/2009 20:26:38 Running module: lsass.exe\VERSION.dll ok scanned
28/03/2009 20:26:38 File: C:\WINDOWS\system32\VERSION.dll ok scanned
28/03/2009 20:26:38 Running module: lsass.exe\SHELL32.dll ok scanned
28/03/2009 20:26:38 File: C:\WINDOWS\system32\SHELL32.dll ok scanned
28/03/2009 20:26:38 Running module: lsass.exe\SHLWAPI.dll ok scanned
28/03/2009 20:26:38 File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
28/03/2009 20:26:38 Running module: lsass.exe\USERENV.dll ok scanned
28/03/2009 20:26:38 File: C:\WINDOWS\system32\USERENV.dll ok scanned
28/03/2009 20:26:38 Running module: lsass.exe\UxTheme.dll ok scanned
28/03/2009 20:26:38 File: C:\WINDOWS\system32\UxTheme.dll ok scanned
28/03/2009 20:26:38 Running module: lsass.exe\IMM32.DLL ok scanned
28/03/2009 20:26:38 File: C:\WINDOWS\system32\IMM32.DLL ok scanned
28/03/2009 20:26:38 Running module: lsass.exe\comctl32.dll ok scanned
28/03/2009 20:26:39 File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
28/03/2009 20:26:39 Running module: lsass.exe\comctl32.dll ok scanned
28/03/2009 20:26:39 File: C:\WINDOWS\system32\comctl32.dll ok scanned
28/03/2009 20:26:39 Running module: lsass.exe\msprivs.dll ok scanned
28/03/2009 20:26:39 File: C:\WINDOWS\system32\msprivs.dll ok scanned
28/03/2009 20:26:39 Running module: lsass.exe\kerberos.dll ok scanned
28/03/2009 20:26:39 File: C:\WINDOWS\system32\kerberos.dll ok scanned
28/03/2009 20:26:39 Running module: lsass.exe\msv1_0.dll ok scanned
28/03/2009 20:26:39 File: C:\WINDOWS\system32\msv1_0.dll ok scanned
28/03/2009 20:26:39 Running module: lsass.exe\iphlpapi.dll ok scanned
28/03/2009 20:26:40 File: C:\WINDOWS\system32\iphlpapi.dll ok scanned
28/03/2009 20:26:40 Running module: lsass.exe\netlogon.dll ok scanned
28/03/2009 20:26:40 File: C:\WINDOWS\system32\netlogon.dll ok scanned
28/03/2009 20:26:40 Running module: lsass.exe\w32time.dll ok scanned
28/03/2009 20:26:41 File: C:\WINDOWS\system32\w32time.dll ok scanned
28/03/2009 20:26:41 Running module: lsass.exe\MSVCP60.dll ok scanned
28/03/2009 20:26:41 File: C:\WINDOWS\system32\MSVCP60.dll ok scanned
28/03/2009 20:26:41 Running module: lsass.exe\schannel.dll ok scanned
28/03/2009 20:26:41 File: C:\WINDOWS\system32\schannel.dll ok scanned
28/03/2009 20:26:41 Running module: lsass.exe\CRYPT32.dll ok scanned
28/03/2009 20:26:41 File: C:\WINDOWS\system32\CRYPT32.dll ok scanned
28/03/2009 20:26:41 Running module: lsass.exe\wdigest.dll ok scanned
28/03/2009 20:26:41 File: C:\WINDOWS\system32\wdigest.dll ok scanned
28/03/2009 20:26:41 Running module: lsass.exe\rsaenh.dll ok scanned
28/03/2009 20:26:42 File: C:\WINDOWS\system32\rsaenh.dll ok scanned
28/03/2009 20:26:42 Running module: lsass.exe\scecli.dll ok scanned
28/03/2009 20:26:42 File: C:\WINDOWS\system32\scecli.dll ok scanned
28/03/2009 20:26:42 Running module: lsass.exe\SETUPAPI.dll ok scanned
28/03/2009 20:26:42 File: C:\WINDOWS\system32\SETUPAPI.dll ok scanned
28/03/2009 20:26:42 Running module: svchost.exe\svchost.exe ok scanned
28/03/2009 20:26:42 File: C:\WINDOWS\system32\svchost.exe ok scanned
28/03/2009 20:26:42 Running module: svchost.exe\ntdll.dll ok scanned
28/03/2009 20:26:42 File: C:\WINDOWS\system32\ntdll.dll ok scanned
28/03/2009 20:26:42 Running module: svchost.exe\kernel32.dll ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\system32\kernel32.dll ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\ADVAPI32.dll ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\RPCRT4.dll ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\Secur32.dll ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\system32\Secur32.dll ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\ShimEng.dll ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\system32\ShimEng.dll ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\AcGenral.DLL ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\AppPatch\AcGenral.DLL ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\USER32.dll ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\system32\USER32.dll ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\GDI32.dll ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\system32\GDI32.dll ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\WINMM.dll ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\system32\WINMM.dll ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\ole32.dll ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\system32\ole32.dll ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\msvcrt.dll ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\system32\msvcrt.dll ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\OLEAUT32.dll ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\system32\OLEAUT32.dll ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\MSACM32.dll ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\system32\MSACM32.dll ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\VERSION.dll ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\system32\VERSION.dll ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\SHELL32.dll ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\system32\SHELL32.dll ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\SHLWAPI.dll ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\USERENV.dll ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\system32\USERENV.dll ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\UxTheme.dll ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\system32\UxTheme.dll ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\IMM32.DLL ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\system32\IMM32.DLL ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\comctl32.dll ok scanned
28/03/2009 20:26:43 File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
28/03/2009 20:26:43 Running module: svchost.exe\comctl32.dll ok scanned
28/03/2009 20:26:44 File: C:\WINDOWS\system32\comctl32.dll ok scanned
28/03/2009 20:26:44 Running module: svchost.exe\NTMARTA.DLL ok scanned
28/03/2009 20:26:44 File: C:\WINDOWS\system32\NTMARTA.DLL ok scanned
28/03/2009 20:26:44 Running module: svchost.exe\SAMLIB.dll ok scanned
28/03/2009 20:26:44 File: C:\WINDOWS\system32\SAMLIB.dll ok scanned
28/03/2009 20:26:44 Running module: svchost.exe\WLDAP32.dll ok scanned
28/03/2009 20:26:44 File: C:\WINDOWS\system32\WLDAP32.dll ok scanned
28/03/2009 20:26:44 Running module: svchost.exe\rpcss.dll ok scanned
28/03/2009 20:26:44 File: c:\windows\system32\rpcss.dll ok scanned
28/03/2009 20:26:44 Running module: svchost.exe\WS2_32.dll ok scanned
28/03/2009 20:26:44 File: c:\windows\system32\WS2_32.dll ok scanned
28/03/2009 20:26:44 Running module: svchost.exe\WS2HELP.dll ok scanned
28/03/2009 20:26:44 File: c:\windows\system32\WS2HELP.dll ok scanned
28/03/2009 20:26:44 Running module: svchost.exe\xpsp2res.dll ok scanned
28/03/2009 20:26:44 File: C:\WINDOWS\system32\xpsp2res.dll ok scanned
28/03/2009 20:26:44 Running module: svchost.exe\CLBCATQ.DLL ok scanned
28/03/2009 20:26:44 File: C:\WINDOWS\system32\CLBCATQ.DLL ok scanned
28/03/2009 20:26:44 Running module: svchost.exe\COMRes.dll ok scanned
28/03/2009 20:26:44 File: C:\WINDOWS\system32\COMRes.dll ok scanned
28/03/2009 20:26:44 Running module: svchost.exe\Apphelp.dll ok scanned
28/03/2009 20:26:45 File: C:\WINDOWS\system32\Apphelp.dll ok scanned
28/03/2009 20:26:45 Running module: svchost.exe\svchost.exe ok scanned
28/03/2009 20:26:45 File: C:\WINDOWS\system32\svchost.exe ok scanned
28/03/2009 20:26:45 Running module: svchost.exe\ntdll.dll ok scanned
28/03/2009 20:26:45 File: C:\WINDOWS\system32\ntdll.dll ok scanned
28/03/2009 20:26:45 Running module: svchost.exe\kernel32.dll ok scanned
28/03/2009 20:26:45 File: C:\WINDOWS\system32\kernel32.dll ok scanned
28/03/2009 20:26:45 Running module: svchost.exe\ADVAPI32.dll ok scanned
28/03/2009 20:26:45 File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
28/03/2009 20:26:45 Running module: svchost.exe\RPCRT4.dll ok scanned
28/03/2009 20:26:45 File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
28/03/2009 20:26:45 Running module: svchost.exe\Secur32.dll ok scanned
28/03/2009 20:26:45 File: C:\WINDOWS\system32\Secur32.dll ok scanned
28/03/2009 20:26:45 Running module: svchost.exe\ShimEng.dll ok scanned
28/03/2009 20:26:45 File: C:\WINDOWS\system32\ShimEng.dll ok scanned
28/03/2009 20:26:45 Running module: svchost.exe\AcGenral.DLL ok scanned
28/03/2009 20:26:45 File: C:\WINDOWS\AppPatch\AcGenral.DLL ok scanned
28/03/2009 20:26:45 Running module: svchost.exe\USER32.dll ok scanned
28/03/2009 20:26:45 File: C:\WINDOWS\system32\USER32.dll ok scanned
28/03/2009 20:26:45 Running module: svchost.exe\GDI32.dll ok scanned
28/03/2009 20:26:45 File: C:\WINDOWS\system32\GDI32.dll ok scanned
28/03/2009 20:26:45 Running module: svchost.exe\WINMM.dll ok scanned
28/03/2009 20:26:45 File: C:\WINDOWS\system32\WINMM.dll ok scanned
28/03/2009 20:26:45 Running module: svchost.exe\ole32.dll ok scanned
28/03/2009 20:26:45 File: C:\WINDOWS\system32\ole32.dll ok scanned
28/03/2009 20:26:45 Running module: svchost.exe\msvcrt.dll ok scanned
28/03/2009 20:26:45 File: C:\WINDOWS\system32\msvcrt.dll ok scanned
28/03/2009 20:26:45 Running module: svchost.exe\OLEAUT32.dll ok scanned
28/03/2009 20:26:45 File: C:\WINDOWS\system32\OLEAUT32.dll ok scanned
28/03/2009 20:26:45 Running module: svchost.exe\MSACM32.dll ok scanned
28/03/2009 20:26:45 File: C:\WINDOWS\system32\MSACM32.dll ok scanned
28/03/2009 20:26:45 Running module: svchost.exe\VERSION.dll ok scanned
28/03/2009 20:26:46 File: C:\WINDOWS\system32\VERSION.dll ok scanned
28/03/2009 20:26:46 Running module: svchost.exe\SHELL32.dll ok scanned
28/03/2009 20:26:46 File: C:\WINDOWS\system32\SHELL32.dll ok scanned
28/03/2009 20:26:46 Running module: svchost.exe\SHLWAPI.dll ok scanned
28/03/2009 20:26:46 File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
28/03/2009 20:26:46 Running module: svchost.exe\USERENV.dll ok scanned
28/03/2009 20:26:46 File: C:\WINDOWS\system32\USERENV.dll ok scanned
28/03/2009 20:26:46 Running module: svchost.exe\UxTheme.dll ok scanned
28/03/2009 20:26:46 File: C:\WINDOWS\system32\UxTheme.dll ok scanned
28/03/2009 20:26:46 Running module: svchost.exe\IMM32.DLL ok scanned
28/03/2009 20:26:46 File: C:\WINDOWS\system32\IMM32.DLL ok scanned
28/03/2009 20:26:46 Running module: svchost.exe\comctl32.dll ok scanned
28/03/2009 20:26:46 File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
28/03/2009 20:26:46 Running module: svchost.exe\comctl32.dll ok scanned
28/03/2009 20:26:46 File: C:\WINDOWS\system32\comctl32.dll ok scanned
28/03/2009 20:26:46 Running module: svchost.exe\rpcss.dll ok scanned
28/03/2009 20:26:46 File: c:\windows\system32\rpcss.dll ok scanned
28/03/2009 20:26:46 Running module: svchost.exe\WS2_32.dll ok scanned
28/03/2009 20:26:46 File: c:\windows\system32\WS2_32.dll ok scanned
28/03/2009 20:26:46 Running module: svchost.exe\WS2HELP.dll ok scanned
28/03/2009 20:26:46 File: c:\windows\system32\WS2HELP.dll ok scanned
28/03/2009 20:26:46 Running module: svchost.exe\xpsp2res.dll ok scanned
28/03/2009 20:26:46 File: C:\WINDOWS\system32\xpsp2res.dll ok scanned
28/03/2009 20:26:46 Running module: svchost.exe\rsaenh.dll ok scanned
28/03/2009 20:26:46 File: C:\WINDOWS\system32\rsaenh.dll ok scanned
28/03/2009 20:26:46 Running module: svchost.exe\mswsock.dll ok scanned
28/03/2009 20:26:47 File: C:\WINDOWS\system32\mswsock.dll ok scanned
28/03/2009 20:26:47 Running module: svchost.exe\hnetcfg.dll ok scanned
28/03/2009 20:26:47 File: C:\WINDOWS\system32\hnetcfg.dll ok scanned
28/03/2009 20:26:47 Running module: svchost.exe\wshtcpip.dll ok scanned
28/03/2009 20:26:48 File: C:\WINDOWS\System32\wshtcpip.dll ok scanned
28/03/2009 20:26:48 Running module: svchost.exe\DNSAPI.dll ok scanned
28/03/2009 20:26:48 File: C:\WINDOWS\system32\DNSAPI.dll ok scanned
28/03/2009 20:26:48 Running module: svchost.exe\iphlpapi.dll ok scanned
28/03/2009 20:26:48 File: C:\WINDOWS\system32\iphlpapi.dll ok scanned
28/03/2009 20:26:48 Running module: svchost.exe\winrnr.dll ok scanned
28/03/2009 20:26:48 File: C:\WINDOWS\System32\winrnr.dll ok scanned
28/03/2009 20:26:48 Running module: svchost.exe\WLDAP32.dll ok scanned
28/03/2009 20:26:48 File: C:\WINDOWS\system32\WLDAP32.dll ok scanned
28/03/2009 20:26:48 Running module: svchost.exe\wshbth.dll ok scanned
28/03/2009 20:26:48 File: C:\WINDOWS\system32\wshbth.dll ok scanned
28/03/2009 20:26:48 Running module: svchost.exe\SETUPAPI.dll ok scanned
28/03/2009 20:26:48 File: C:\WINDOWS\system32\SETUPAPI.dll ok scanned
28/03/2009 20:26:48 Running module: svchost.exe\rasadhlp.dll ok scanned
28/03/2009 20:26:48 File: C:\WINDOWS\system32\rasadhlp.dll ok scanned
28/03/2009 20:26:48 Running module: svchost.exe\CLBCATQ.DLL ok scanned
28/03/2009 20:26:48 File: C:\WINDOWS\system32\CLBCATQ.DLL ok scanned
28/03/2009 20:26:48 Running module: svchost.exe\COMRes.dll ok scanned
28/03/2009 20:26:49 File: C:\WINDOWS\system32\COMRes.dll ok scanned
28/03/2009 20:26:49 Running module: svchost.exe\msi.dll ok scanned
28/03/2009 20:26:54 File: C:\WINDOWS\system32\msi.dll ok scanned
28/03/2009 20:26:54 Running module: svchost.exe\svchost.exe ok scanned
28/03/2009 20:26:54 File: C:\WINDOWS\system32\svchost.exe ok scanned
28/03/2009 20:26:54 Running module: svchost.exe\ntdll.dll ok scanned
28/03/2009 20:26:54 File: C:\WINDOWS\system32\ntdll.dll ok scanned
28/03/2009 20:26:54 Running module: svchost.exe\kernel32.dll ok scanned
28/03/2009 20:26:54 File: C:\WINDOWS\system32\kernel32.dll ok scanned
28/03/2009 20:26:54 Running module: svchost.exe\ADVAPI32.dll ok scanned
28/03/2009 20:26:54 File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
28/03/2009 20:26:54 Running module: svchost.exe\RPCRT4.dll ok scanned
28/03/2009 20:26:54 File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
28/03/2009 20:26:54 Running module: svchost.exe\Secur32.dll ok scanned
28/03/2009 20:26:54 File: C:\WINDOWS\system32\Secur32.dll ok scanned
28/03/2009 20:26:54 Running module: svchost.exe\ShimEng.dll ok scanned
28/03/2009 20:26:55 File: C:\WINDOWS\system32\ShimEng.dll ok scanned
28/03/2009 20:26:55 Running module: svchost.exe\AcGenral.DLL ok scanned
28/03/2009 20:26:55 File: C:\WINDOWS\AppPatch\AcGenral.DLL ok scanned
28/03/2009 20:26:55 Running module: svchost.exe\USER32.dll ok scanned
28/03/2009 20:26:55 File: C:\WINDOWS\system32\USER32.dll ok scanned
28/03/2009 20:26:55 Running module: svchost.exe\GDI32.dll ok scanned
28/03/2009 20:26:55 File: C:\WINDOWS\system32\GDI32.dll ok scanned
28/03/2009 20:26:55 Running module: svchost.exe\WINMM.dll ok scanned
28/03/2009 20:26:55 File: C:\WINDOWS\system32\WINMM.dll ok scanned
28/03/2009 20:26:55 Running module: svchost.exe\ole32.dll ok scanned
28/03/2009 20:26:55 File: C:\WINDOWS\system32\ole32.dll ok scanned
28/03/2009 20:26:55 Running module: svchost.exe\msvcrt.dll ok scanned
28/03/2009 20:26:55 File: C:\WINDOWS\system32\msvcrt.dll ok scanned
28/03/2009 20:26:55 Running module: svchost.exe\OLEAUT32.dll ok scanned
28/03/2009 20:26:55 File: C:\WINDOWS\system32\OLEAUT32.dll ok scanned
28/03/2009 20:26:55 Running module: svchost.exe\MSACM32.dll ok scanned
28/03/2009 20:26:55 File: C:\WINDOWS\system32\MSACM32.dll ok scanned
28/03/2009 20:26:55 Running module: svchost.exe\VERSION.dll ok scanned
28/03/2009 20:26:55 File: C:\WINDOWS\system32\VERSION.dll ok scanned
28/03/2009 20:26:55 Running module: svchost.exe\SHELL32.dll ok scanned
28/03/2009 20:26:55 File: C:\WINDOWS\system32\SHELL32.dll ok scanned
28/03/2009 20:26:55 Running module: svchost.exe\SHLWAPI.dll ok scanned
28/03/2009 20:26:55 File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
28/03/2009 20:26:55 Running module: svchost.exe\USERENV.dll ok scanned
28/03/2009 20:26:55 File: C:\WINDOWS\system32\USERENV.dll ok scanned
28/03/2009 20:26:55 Running module: svchost.exe\UxTheme.dll ok scanned
28/03/2009 20:26:56 File: C:\WINDOWS\system32\UxTheme.dll ok scanned
28/03/2009 20:26:56 Running module: svchost.exe\IMM32.DLL ok scanned
28/03/2009 20:26:56 File: C:\WINDOWS\system32\IMM32.DLL ok scanned
28/03/2009 20:26:56 Running module: svchost.exe\comctl32.dll ok scanned
28/03/2009 20:26:56 File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
28/03/2009 20:26:56 Running module: svchost.exe\comctl32.dll ok scanned
28/03/2009 20:26:56 File: C:\WINDOWS\system32\comctl32.dll ok scanned
28/03/2009 20:26:56 Running module: svchost.exe\NTMARTA.DLL ok scanned
28/03/2009 20:26:56 File: C:\WINDOWS\system32\NTMARTA.DLL ok scanned
28/03/2009 20:26:56 Running module: svchost.exe\SAMLIB.dll ok scanned
28/03/2009 20:26:56 File: C:\WINDOWS\system32\SAMLIB.dll ok scanned
28/03/2009 20:26:56 Running module: svchost.exe\WLDAP32.dll ok scanned
28/03/2009 20:26:56 File: C:\WINDOWS\system32\WLDAP32.dll ok scanned
28/03/2009 20:26:56 Running module: svchost.exe\xpsp2res.dll ok scanned
28/03/2009 20:26:56 File: C:\WINDOWS\system32\xpsp2res.dll ok scanned
28/03/2009 20:26:56 Running module: svchost.exe\cryptsvc.dll ok scanned
28/03/2009 20:26:56 File: c:\windows\system32\cryptsvc.dll ok scanned
28/03/2009 20:26:56 Running module: svchost.exe\certcli.dll ok scanned
28/03/2009 20:26:57 File: c:\windows\system32\certcli.dll ok scanned
28/03/2009 20:26:57 Running module: svchost.exe\ATL.DLL ok scanned
28/03/2009 20:26:57 File: c:\windows\system32\ATL.DLL ok scanned
28/03/2009 20:26:57 Running module: svchost.exe\CRYPT32.dll ok scanned
28/03/2009 20:26:57 File: C:\WINDOWS\system32\CRYPT32.dll ok scanned
28/03/2009 20:26:57 Running module: svchost.exe\MSASN1.dll ok scanned
28/03/2009 20:26:57 File: C:\WINDOWS\system32\MSASN1.dll ok scanned
28/03/2009 20:26:57 Running module: svchost.exe\CRYPTUI.dll ok scanned
28/03/2009 20:26:58 File: C:\WINDOWS\system32\CRYPTUI.dll ok scanned
28/03/2009 20:26:58 Running module: svchost.exe\NETAPI32.dll ok scanned
28/03/2009 20:26:58 File: C:\WINDOWS\system32\NETAPI32.dll ok scanned
28/03/2009 20:26:58 Running module: svchost.exe\WININET.dll ok scanned
28/03/2009 20:26:59 File: C:\WINDOWS\system32\WININET.dll packed file PE_Patch
28/03/2009 20:27:01 File: C:\WINDOWS\system32\WININET.dll//PE_Patch ok scanned
28/03/2009 20:27:01 File: C:\WINDOWS\system32\WININET.dll ok scanned
28/03/2009 20:27:01 Running module: svchost.exe\Normaliz.dll ok scanned
28/03/2009 20:27:02 File: C:\WINDOWS\system32\Normaliz.dll ok scanned
28/03/2009 20:27:02 Running module: svchost.exe\iertutil.dll ok scanned
28/03/2009 20:27:02 File: C:\WINDOWS\system32\iertutil.dll ok scanned
28/03/2009 20:27:02 Running module: svchost.exe\WINTRUST.dll ok scanned
28/03/2009 20:27:02 File: C:\WINDOWS\system32\WINTRUST.dll ok scanned
28/03/2009 20:27:02 Running module: svchost.exe\IMAGEHLP.dll ok scanned
28/03/2009 20:27:02 File: C:\WINDOWS\system32\IMAGEHLP.dll ok scanned
28/03/2009 20:27:02 Running module: svchost.exe\ESENT.dll ok scanned
28/03/2009 20:27:02 File: c:\windows\system32\ESENT.dll ok scanned
28/03/2009 20:27:02 Running module: svchost.exe\wmisvc.dll ok scanned
28/03/2009 20:27:02 File: c:\windows\system32\wbem\wmisvc.dll ok scanned
28/03/2009 20:27:02 Running module: svchost.exe\VSSAPI.DLL ok scanned
28/03/2009 20:27:03 File: C:\WINDOWS\system32\VSSAPI.DLL ok scanned
28/03/2009 20:27:03 Running module: svchost.exe\srsvc.dll ok scanned
28/03/2009 20:27:03 File: c:\windows\system32\srsvc.dll ok scanned
28/03/2009 20:27:03 Running module: svchost.exe\POWRPROF.dll ok scanned
28/03/2009 20:27:03 File: c:\windows\system32\POWRPROF.dll ok scanned
28/03/2009 20:27:03 Running module: svchost.exe\pchsvc.dll ok scanned
28/03/2009 20:27:03 File: c:\windows\pchealth\helpctr\binaries\pchsvc.dll ok scanned
28/03/2009 20:27:03 Running module: svchost.exe\WINSTA.dll ok scanned
28/03/2009 20:27:03 File: C:\WINDOWS\system32\WINSTA.dll ok scanned
28/03/2009 20:27:03 Running module: svchost.exe\CLBCATQ.DLL ok scanned
28/03/2009 20:27:03 File: C:\WINDOWS\system32\CLBCATQ.DLL ok scanned
28/03/2009 20:27:03 Running module: svchost.exe\COMRes.dll ok scanned
28/03/2009 20:27:03 File: C:\WINDOWS\system32\COMRes.dll ok scanned
28/03/2009 20:27:03 Running module: svchost.exe\dmserver.dll ok scanned
28/03/2009 20:27:03 File: c:\windows\system32\dmserver.dll ok scanned
28/03/2009 20:27:03 Running module: svchost.exe\SETUPAPI.dll ok scanned
28/03/2009 20:27:04 File: c:\windows\system32\SETUPAPI.dll ok scanned
28/03/2009 20:27:04 Running module: svchost.exe\wbemcore.dll ok scanned
28/03/2009 20:27:04 File: C:\WINDOWS\System32\Wbem\wbemcore.dll ok scanned
28/03/2009 20:27:04 Running module: svchost.exe\MSVCP60.dll ok scanned
28/03/2009 20:27:04 File: C:\WINDOWS\system32\MSVCP60.dll ok scanned
28/03/2009 20:27:04 Running module: svchost.exe\esscli.dll ok scanned
28/03/2009 20:27:05 File: C:\WINDOWS\System32\Wbem\esscli.dll ok scanned
28/03/2009 20:27:05 Running module: svchost.exe\wbemcomn.dll ok scanned
28/03/2009 20:27:05 File: C:\WINDOWS\System32\Wbem\wbemcomn.dll ok scanned
28/03/2009 20:27:05 Running module: svchost.exe\FastProx.dll ok scanned
28/03/2009 20:27:06 File: C:\WINDOWS\System32\Wbem\FastProx.dll ok scanned
28/03/2009 20:27:06 Running module: svchost.exe\NTDSAPI.dll ok scanned
28/03/2009 20:27:06 File: C:\WINDOWS\system32\NTDSAPI.dll ok scanned
28/03/2009 20:27:06 Running module: svchost.exe\DNSAPI.dll ok scanned
28/03/2009 20:27:06 File: C:\WINDOWS\system32\DNSAPI.dll ok scanned
28/03/2009 20:27:06 Running module: svchost.exe\WS2_32.dll ok scanned
28/03/2009 20:27:06 File: C:\WINDOWS\system32\WS2_32.dll ok scanned
28/03/2009 20:27:06 Running module: svchost.exe\WS2HELP.dll ok scanned
28/03/2009 20:27:06 File: C:\WINDOWS\system32\WS2HELP.dll ok scanned
28/03/2009 20:27:06 Running module: svchost.exe\wmiutils.dll ok scanned
28/03/2009 20:27:07 File: C:\WINDOWS\system32\wbem\wmiutils.dll ok scanned
28/03/2009 20:27:07 Running module: svchost.exe\repdrvfs.dll ok scanned
28/03/2009 20:27:07 File: C:\WINDOWS\system32\wbem\repdrvfs.dll ok scanned
28/03/2009 20:27:07 Running module: svchost.exe\wmiprvsd.dll ok scanned
28/03/2009 20:27:07 File: C:\WINDOWS\system32\wbem\wmiprvsd.dll ok scanned
28/03/2009 20:27:07 Running module: svchost.exe\NCObjAPI.DLL ok scanned
28/03/2009 20:27:08 File: C:\WINDOWS\system32\NCObjAPI.DLL ok scanned
28/03/2009 20:27:08 Running module: svchost.exe\wbemess.dll ok scanned
28/03/2009 20:27:08 File: C:\WINDOWS\system32\wbem\wbemess.dll ok scanned
28/03/2009 20:27:08 Running module: svchost.exe\rsaenh.dll ok scanned
28/03/2009 20:27:08 File: C:\WINDOWS\system32\rsaenh.dll ok scanned
28/03/2009 20:27:08 Running module: svchost.exe\ncprov.dll ok scanned
28/03/2009 20:27:08 File: C:\WINDOWS\system32\wbem\ncprov.dll ok scanned
28/03/2009 20:27:08 Running module: WgaTray.exe\WgaTray.exe ok scanned
28/03/2009 20:27:12 File: C:\WINDOWS\system32\WgaTray.exe ok scanned
28/03/2009 20:27:12 Running module: WgaTray.exe\ntdll.dll ok scanned
28/03/2009 20:27:12 File: C:\WINDOWS\system32\ntdll.dll ok scanned
28/03/2009 20:27:12 Running module: WgaTray.exe\kernel32.dll ok scanned
28/03/2009 20:27:13 File: C:\WINDOWS\system32\kernel32.dll ok scanned
28/03/2009 20:27:13 Running module: WgaTray.exe\ADVAPI32.dll ok scanned
28/03/2009 20:27:13 File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
28/03/2009 20:27:13 Running module: WgaTray.exe\RPCRT4.dll ok scanned
28/03/2009 20:27:13 File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
28/03/2009 20:27:13 Running module: WgaTray.exe\Secur32.dll ok scanned
28/03/2009 20:27:13 File: C:\WINDOWS\system32\Secur32.dll ok scanned
28/03/2009 20:27:13 Running module: WgaTray.exe\GDI32.dll ok scanned
28/03/2009 20:27:13 File: C:\WINDOWS\system32\GDI32.dll ok scanned
28/03/2009 20:27:13 Running module: WgaTray.exe\USER32.dll ok scanned
28/03/2009 20:27:13 File: C:\WINDOWS\system32\USER32.dll ok scanned
28/03/2009 20:27:13 Running module: WgaTray.exe\SHELL32.dll ok scanned
28/03/2009 20:27:13 File: C:\WINDOWS\system32\SHELL32.dll ok scanned
28/03/2009 20:27:13 Running module: WgaTray.exe\msvcrt.dll ok scanned
28/03/2009 20:27:13 File: C:\WINDOWS\system32\msvcrt.dll ok scanned
28/03/2009 20:27:13 Running module: WgaTray.exe\SHLWAPI.dll ok scanned
28/03/2009 20:27:13 File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
28/03/2009 20:27:13 Running module: WgaTray.exe\ole32.dll ok scanned
28/03/2009 20:27:13 File: C:\WINDOWS\system32\ole32.dll ok scanned
28/03/2009 20:27:13 Running module: WgaTray.exe\OLEAUT32.dll ok scanned
28/03/2009 20:27:13 File: C:\WINDOWS\system32\OLEAUT32.dll ok scanned
28/03/2009 20:27:13 Running module: WgaTray.exe\CRYPT32.dll ok scanned
28/03/2009 20:27:13 File: C:\WINDOWS\system32\CRYPT32.dll ok scanned
28/03/2009 20:27:13 Running module: WgaTray.exe\MSASN1.dll ok scanned
28/03/2009 20:27:13 File: C:\WINDOWS\system32\MSASN1.dll ok scanned
28/03/2009 20:27:13 Running module: WgaTray.exe\VERSION.dll ok scanned
28/03/2009 20:27:13 File: C:\WINDOWS\system32\VERSION.dll ok scanned
28/03/2009 20:27:13 Running module: WgaTray.exe\COMCTL32.dll ok scanned
28/03/2009 20:27:13 File: C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll ok scanned
28/03/2009 20:27:13 Running module: WgaTray.exe\WININET.dll ok scanned
28/03/2009 20:27:13 File: C:\WINDOWS\system32\WININET.dll packed file PE_Patch
28/03/2009 20:27:13 File: C:\WINDOWS\system32\WININET.dll//PE_Patch ok scanned
28/03/2009 20:27:14 File: C:\WINDOWS\system32\WININET.dll ok scanned
28/03/2009 20:27:14 Running module: WgaTray.exe\Normaliz.dll ok scanned
28/03/2009 20:27:14 File: C:\WINDOWS\system32\Normaliz.dll ok scanned
28/03/2009 20:27:14 Running module: WgaTray.exe\iertutil.dll ok scanned
28/03/2009 20:27:14 File: C:\WINDOWS\system32\iertutil.dll ok scanned
28/03/2009 20:27:14 Running module: WgaTray.exe\SETUPAPI.dll ok scanned
28/03/2009 20:27:14 File: C:\WINDOWS\system32\SETUPAPI.dll ok scanned
28/03/2009 20:27:14 Running module: WgaTray.exe\IMM32.DLL ok scanned
28/03/2009 20:27:14 File: C:\WINDOWS\system32\IMM32.DLL ok scanned
28/03/2009 20:27:14 Running module: WgaTray.exe\NTMARTA.DLL ok scanned
28/03/2009 20:27:14 File: C:\WINDOWS\system32\NTMARTA.DLL ok scanned
28/03/2009 20:27:14 Running module: WgaTray.exe\SAMLIB.dll ok scanned
28/03/2009 20:27:14 File: C:\WINDOWS\system32\SAMLIB.dll ok scanned
28/03/2009 20:27:14 Running module: WgaTray.exe\WLDAP32.dll ok scanned
28/03/2009 20:27:14 File: C:\WINDOWS\system32\WLDAP32.dll ok scanned
28/03/2009 20:27:14 Running module: WgaTray.exe\CLBCATQ.DLL ok scanned
28/03/2009 20:27:14 File: C:\WINDOWS\system32\CLBCATQ.DLL ok scanned
28/03/2009 20:27:14 Running module: WgaTray.exe\COMRes.dll ok scanned
28/03/2009 20:27:14 File: C:\WINDOWS\system32\COMRes.dll ok scanned
28/03/2009 20:27:14 Running module: WgaTray.exe\msxml3.dll ok scanned
28/03/2009 20:27:14 File: C:\WINDOWS\system32\msxml3.dll ok scanned
28/03/2009 20:27:14 Running module: WgaTray.exe\ws2_32.dll ok scanned
28/03/2009 20:27:14 File: C:\WINDOWS\system32\ws2_32.dll ok scanned
28/03/2009 20:27:14 Running module: WgaTray.exe\WS2HELP.dll ok scanned
28/03/2009 20:27:14 File: C:\WINDOWS\system32\WS2HELP.dll ok scanned
28/03/2009 20:27:14 Running module: WgaTray.exe\rsaenh.dll ok scanned
28/03/2009 20:27:14 File: C:\WINDOWS\system32\rsaenh.dll ok scanned
28/03/2009 20:27:14 Running module: WgaTray.exe\xpsp2res.dll ok scanned
28/03/2009 20:27:14 File: C:\WINDOWS\system32\xpsp2res.dll ok scanned
28/03/2009 20:27:14 Running module: WgaTray.exe\userenv.dll ok scanned
28/03/2009 20:27:14 File: C:\WINDOWS\system32\userenv.dll ok scanned
28/03/2009 20:27:14 Running module: WgaTray.exe\netapi32.dll ok scanned
28/03/2009 20:27:14 File: C:\WINDOWS\system32\netapi32.dll ok scanned
28/03/2009 20:27:14 Running module: WgaTray.exe\cryptnet.dll ok scanned
28/03/2009 20:27:15 File: C:\WINDOWS\system32\cryptnet.dll ok scanned
28/03/2009 20:27:15 Running module: WgaTray.exe\PSAPI.DLL ok scanned
28/03/2009 20:27:15 File: C:\WINDOWS\system32\PSAPI.DLL ok scanned
28/03/2009 20:27:15 Running module: WgaTray.exe\SensApi.dll ok scanned
28/03/2009 20:27:15 File: C:\WINDOWS\system32\SensApi.dll ok scanned
28/03/2009 20:27:15 Running module: WgaTray.exe\WINHTTP.dll ok scanned
28/03/2009 20:27:16 File: C:\WINDOWS\system32\WINHTTP.dll ok scanned
28/03/2009 20:27:16 Running module: WgaTray.exe\SXS.DLL ok scanned
28/03/2009 20:27:16 File: C:\WINDOWS\system32\SXS.DLL ok scanned
28/03/2009 20:27:16 Running module: WgaTray.exe\wbemprox.dll ok scanned
28/03/2009 20:27:16 File: C:\WINDOWS\system32\wbem\wbemprox.dll ok scanned
28/03/2009 20:27:16 Running module: WgaTray.exe\wbemcomn.dll ok scanned
28/03/2009 20:27:16 File: C:\WINDOWS\system32\wbem\wbemcomn.dll ok scanned
28/03/2009 20:27:16 Running module: WgaTray.exe\wbemsvc.dll ok scanned
28/03/2009 20:27:16 File: C:\WINDOWS\system32\wbem\wbemsvc.dll ok scanned
28/03/2009 20:27:16 Running module: WgaTray.exe\fastprox.dll ok scanned
28/03/2009 20:27:16 File: C:\WINDOWS\system32\wbem\fastprox.dll ok scanned
28/03/2009 20:27:16 Running module: WgaTray.exe\MSVCP60.dll ok scanned
28/03/2009 20:27:16 File: C:\WINDOWS\system32\MSVCP60.dll ok scanned
28/03/2009 20:27:16 Running module: WgaTray.exe\NTDSAPI.dll ok scanned
28/03/2009 20:27:16 File: C:\WINDOWS\system32\NTDSAPI.dll ok scanned
28/03/2009 20:27:16 Running module: WgaTray.exe\DNSAPI.dll ok scanned
28/03/2009 20:27:16 File: C:\WINDOWS\system32\DNSAPI.dll ok scanned
28/03/2009 20:27:16 Running module: WgaTray.exe\msxml6.dll ok scanned
28/03/2009 20:27:17 File: C:\WINDOWS\system32\msxml6.dll ok scanned
28/03/2009 20:27:17 Running module: WgaTray.exe\msctfime.ime ok scanned
28/03/2009 20:27:17 File: C:\WINDOWS\system32\msctfime.ime ok scanned
28/03/2009 20:27:17 Running module: WgaTray.exe\UxTheme.dll ok scanned
28/03/2009 20:27:17 File: C:\WINDOWS\system32\UxTheme.dll ok scanned
28/03/2009 20:27:17 Running module: WgaTray.exe\MSIMG32.DLL ok scanned
28/03/2009 20:27:17 File: C:\WINDOWS\system32\MSIMG32.DLL ok scanned
28/03/2009 20:27:17 Running module: WgaTray.exe\MSCTF.dll ok scanned
28/03/2009 20:27:17 File: C:\WINDOWS\system32\MSCTF.dll ok scanned
28/03/2009 20:27:17 Running module: explorer.exe\Explorer.EXE ok scanned
28/03/2009 20:27:22 File: C:\WINDOWS\Explorer.EXE ok scanned
28/03/2009 20:27:22 Running module: explorer.exe\ntdll.dll ok scanned
28/03/2009 20:27:22 File: C:\WINDOWS\system32\ntdll.dll ok scanned
28/03/2009 20:27:22 Running module: explorer.exe\kernel32.dll ok scanned
28/03/2009 20:27:22 File: C:\WINDOWS\system32\kernel32.dll ok scanned
28/03/2009 20:27:22 Running module: explorer.exe\ADVAPI32.dll ok scanned
28/03/2009 20:27:22 File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
28/03/2009 20:27:22 Running module: explorer.exe\RPCRT4.dll ok scanned
28/03/2009 20:27:22 File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
28/03/2009 20:27:22 Running module: explorer.exe\Secur32.dll ok scanned
28/03/2009 20:27:22 File: C:\WINDOWS\system32\Secur32.dll ok scanned
28/03/2009 20:27:22 Running module: explorer.exe\BROWSEUI.dll ok scanned
28/03/2009 20:27:23 File: C:\WINDOWS\system32\BROWSEUI.dll ok scanned
28/03/2009 20:27:23 Running module: explorer.exe\GDI32.dll ok scanned
28/03/2009 20:27:23 File: C:\WINDOWS\system32\GDI32.dll ok scanned
28/03/2009 20:27:23 Running module: explorer.exe\USER32.dll ok scanned
28/03/2009 20:27:23 File: C:\WINDOWS\system32\USER32.dll ok scanned
28/03/2009 20:27:23 Running module: explorer.exe\msvcrt.dll ok scanned
28/03/2009 20:27:23 File: C:\WINDOWS\system32\msvcrt.dll ok scanned
28/03/2009 20:27:23 Running module: explorer.exe\ole32.dll ok scanned
28/03/2009 20:27:23 File: C:\WINDOWS\system32\ole32.dll ok scanned
28/03/2009 20:27:23 Running module: explorer.exe\SHLWAPI.dll ok scanned
28/03/2009 20:27:23 File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
28/03/2009 20:27:23 Running module: explorer.exe\OLEAUT32.dll ok scanned
28/03/2009 20:27:23 File: C:\WINDOWS\system32\OLEAUT32.dll ok scanned
28/03/2009 20:27:23 Running module: explorer.exe\SHDOCVW.dll ok scanned
28/03/2009 20:27:25 File: C:\WINDOWS\system32\SHDOCVW.dll ok scanned
28/03/2009 20:27:25 Running module: explorer.exe\CRYPT32.dll ok scanned
28/03/2009 20:27:25 File: C:\WINDOWS\system32\CRYPT32.dll ok scanned
28/03/2009 20:27:25 Running module: explorer.exe\MSASN1.dll ok scanned
28/03/2009 20:27:25 File: C:\WINDOWS\system32\MSASN1.dll ok scanned
28/03/2009 20:27:25 Running module: explorer.exe\CRYPTUI.dll ok scanned
28/03/2009 20:27:25 File: C:\WINDOWS\system32\CRYPTUI.dll ok scanned
28/03/2009 20:27:25 Running module: explorer.exe\NETAPI32.dll ok scanned
28/03/2009 20:27:25 File: C:\WINDOWS\system32\NETAPI32.dll ok scanned
28/03/2009 20:27:25 Running module: explorer.exe\VERSION.dll ok scanned
28/03/2009 20:27:25 File: C:\WINDOWS\system32\VERSION.dll ok scanned
28/03/2009 20:27:25 Running module: explorer.exe\WININET.dll ok scanned
28/03/2009 20:27:25 File: C:\WINDOWS\system32\WININET.dll packed file PE_Patch
28/03/2009 20:27:25 File: C:\WINDOWS\system32\WININET.dll//PE_Patch ok scanned
28/03/2009 20:27:25 File: C:\WINDOWS\system32\WININET.dll ok scanned
28/03/2009 20:27:25 Running module: explorer.exe\Normaliz.dll ok scanned
28/03/2009 20:27:25 File: C:\WINDOWS\system32\Normaliz.dll ok scanned
28/03/2009 20:27:25 Running module: explorer.exe\iertutil.dll ok scanned
28/03/2009 20:27:25 File: C:\WINDOWS\system32\iertutil.dll ok scanned
28/03/2009 20:27:25 Running module: explorer.exe\WINTRUST.dll ok scanned
28/03/2009 20:27:25 File: C:\WINDOWS\system32\WINTRUST.dll ok scanned
28/03/2009 20:27:25 Running module: explorer.exe\IMAGEHLP.dll ok scanned
28/03/2009 20:27:25 File: C:\WINDOWS\system32\IMAGEHLP.dll ok scanned
28/03/2009 20:27:25 Running module: explorer.exe\WLDAP32.dll ok scanned
28/03/2009 20:27:25 File: C:\WINDOWS\system32\WLDAP32.dll ok scanned
28/03/2009 20:27:25 Running module: explorer.exe\SHELL32.dll ok scanned
28/03/2009 20:27:25 File: C:\WINDOWS\system32\SHELL32.dll ok scanned
28/03/2009 20:27:25 Running module: explorer.exe\UxTheme.dll ok scanned
28/03/2009 20:27:25 File: C:\WINDOWS\system32\UxTheme.dll ok scanned
28/03/2009 20:27:25 Running module: explorer.exe\ShimEng.dll ok scanned
28/03/2009 20:27:25 File: C:\WINDOWS\system32\ShimEng.dll ok scanned
28/03/2009 20:27:25 Running module: explorer.exe\AcGenral.DLL ok scanned
28/03/2009 20:27:25 File: C:\WINDOWS\AppPatch\AcGenral.DLL ok scanned
28/03/2009 20:27:25 Running module: explorer.exe\WINMM.dll ok scanned
28/03/2009 20:27:25 File: C:\WINDOWS\system32\WINMM.dll ok scanned
28/03/2009 20:27:25 Running module: explorer.exe\MSACM32.dll ok scanned
28/03/2009 20:27:25 File: C:\WINDOWS\system32\MSACM32.dll ok scanned
28/03/2009 20:27:25 Running module: explorer.exe\USERENV.dll ok scanned
28/03/2009 20:27:26 File: C:\WINDOWS\system32\USERENV.dll ok scanned
28/03/2009 20:27:26 Running module: explorer.exe\IMM32.DLL ok scanned
28/03/2009 20:27:26 File: C:\WINDOWS\system32\IMM32.DLL ok scanned
28/03/2009 20:27:26 Running module: explorer.exe\comctl32.dll ok scanned
28/03/2009 20:27:26 File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
28/03/2009 20:27:26 Running module: explorer.exe\comctl32.dll ok scanned
28/03/2009 20:27:26 File: C:\WINDOWS\system32\comctl32.dll ok scanned
28/03/2009 20:27:26 Running module: explorer.exe\msctfime.ime ok scanned
28/03/2009 20:27:26 File: C:\WINDOWS\system32\msctfime.ime ok scanned
28/03/2009 20:27:26 Running module: explorer.exe\appHelp.dll ok scanned
28/03/2009 20:27:26 File: C:\WINDOWS\system32\appHelp.dll ok scanned
28/03/2009 20:27:26 Running module: explorer.exe\CLBCATQ.DLL ok scanned
28/03/2009 20:27:26 File: C:\WINDOWS\system32\CLBCATQ.DLL ok scanned
28/03/2009 20:27:26 Running module: explorer.exe\COMRes.dll ok scanned
28/03/2009 20:27:26 File: C:\WINDOWS\system32\COMRes.dll ok scanned
28/03/2009 20:27:26 Running module: explorer.exe\cscui.dll ok scanned
28/03/2009 20:27:26 File: C:\WINDOWS\System32\cscui.dll ok scanned
28/03/2009 20:27:26 Running module: explorer.exe\CSCDLL.dll ok scanned
28/03/2009 20:27:26 File: C:\WINDOWS\System32\CSCDLL.dll ok scanned
28/03/2009 20:27:26 Running module: explorer.exe\themeui.dll ok scanned
28/03/2009 20:27:27 File: C:\WINDOWS\system32\themeui.dll ok scanned
28/03/2009 20:27:27 Running module: explorer.exe\MSIMG32.dll ok scanned
28/03/2009 20:27:27 File: C:\WINDOWS\system32\MSIMG32.dll ok scanned
28/03/2009 20:27:27 Running module: explorer.exe\xpsp2res.dll ok scanned
28/03/2009 20:27:27 File: C:\WINDOWS\system32\xpsp2res.dll ok scanned
28/03/2009 20:27:27 Running module: explorer.exe\msutb.dll ok scanned
28/03/2009 20:27:27 File: C:\WINDOWS\system32\msutb.dll ok scanned
28/03/2009 20:27:27 Running module: explorer.exe\MSCTF.dll ok scanned
28/03/2009 20:27:27 File: C:\WINDOWS\system32\MSCTF.dll ok scanned
28/03/2009 20:27:27 Running module: explorer.exe\LINKINFO.dll ok scanned
28/03/2009 20:27:27 File: C:\WINDOWS\system32\LINKINFO.dll ok scanned
28/03/2009 20:27:27 Running module: explorer.exe\ntshrui.dll ok scanned
28/03/2009 20:27:27 File: C:\WINDOWS\system32\ntshrui.dll ok scanned
28/03/2009 20:27:27 Running module: explorer.exe\ATL.DLL ok scanned
28/03/2009 20:27:27 File: C:\WINDOWS\system32\ATL.DLL ok scanned
28/03/2009 20:27:27 Running module: explorer.exe\SAMLIB.dll ok scanned
28/03/2009 20:27:27 File: C:\WINDOWS\system32\SAMLIB.dll ok scanned
28/03/2009 20:27:27 Running module: explorer.exe\SETUPAPI.dll ok scanned
28/03/2009 20:27:28 File: C:\WINDOWS\system32\SETUPAPI.dll ok scanned
28/03/2009 20:27:28 Running module: explorer.exe\msi.dll ok scanned
28/03/2009 20:27:28 File: C:\WINDOWS\system32\msi.dll ok scanned
28/03/2009 20:27:28 Running module: explorer.exe\WINSTA.dll ok scanned
28/03/2009 20:27:28 File: C:\WINDOWS\system32\WINSTA.dll ok scanned
28/03/2009 20:27:28 Running module: explorer.exe\ieframe.dll ok scanned
28/03/2009 20:27:28 File: C:\WINDOWS\system32\ieframe.dll ok scanned
28/03/2009 20:27:28 Running module: explorer.exe\PSAPI.DLL ok scanned
28/03/2009 20:27:28 File: C:\WINDOWS\system32\PSAPI.DLL ok scanned
28/03/2009 20:27:28 Running module: explorer.exe\NETSHELL.dll ok scanned
28/03/2009 20:27:30 File: C:\WINDOWS\system32\NETSHELL.dll ok scanned
28/03/2009 20:27:30 Running module: explorer.exe\credui.dll ok scanned
28/03/2009 20:27:30 File: C:\WINDOWS\system32\credui.dll ok scanned
28/03/2009 20:27:30 Running module: explorer.exe\dot3api.dll ok scanned
28/03/2009 20:27:30 File: C:\WINDOWS\system32\dot3api.dll ok scanned
28/03/2009 20:27:30 Running module: explorer.exe\rtutils.dll ok scanned
28/03/2009 20:27:30 File: C:\WINDOWS\system32\rtutils.dll ok scanned
28/03/2009 20:27:30 Running module: explorer.exe\dot3dlg.dll ok scanned
28/03/2009 20:27:30 File: C:\WINDOWS\system32\dot3dlg.dll ok scanned
28/03/2009 20:27:30 Running module: explorer.exe\OneX.DLL ok scanned
28/03/2009 20:27:30 File: C:\WINDOWS\system32\OneX.DLL ok scanned
28/03/2009 20:27:30 Running module: explorer.exe\WTSAPI32.dll ok scanned
28/03/2009 20:27:30 File: C:\WINDOWS\system32\WTSAPI32.dll ok scanned
28/03/2009 20:27:30 Running module: explorer.exe\eappcfg.dll ok scanned
28/03/2009 20:27:30 File: C:\WINDOWS\system32\eappcfg.dll ok scanned
28/03/2009 20:27:30 Running module: explorer.exe\MSVCP60.dll ok scanned
28/03/2009 20:27:30 File: C:\WINDOWS\system32\MSVCP60.dll ok scanned
28/03/2009 20:27:30 Running module: explorer.exe\eappprxy.dll ok scanned
28/03/2009 20:27:31 File: C:\WINDOWS\system32\eappprxy.dll ok scanned
28/03/2009 20:27:31 Running module: explorer.exe\iphlpapi.dll ok scanned
28/03/2009 20:27:31 File: C:\WINDOWS\system32\iphlpapi.dll ok scanned
28/03/2009 20:27:31 Running module: explorer.exe\WS2_32.dll ok scanned
28/03/2009 20:27:31 File: C:\WINDOWS\system32\WS2_32.dll ok scanned
28/03/2009 20:27:31 Running module: explorer.exe\WS2HELP.dll ok scanned
28/03/2009 20:27:31 File: C:\WINDOWS\system32\WS2HELP.dll ok scanned
28/03/2009 20:27:31 Running module: explorer.exe\urlmon.dll ok scanned
28/03/2009 20:27:31 File: C:\WINDOWS\system32\urlmon.dll ok scanned
28/03/2009 20:27:31 Running module: explorer.exe\MLANG.dll ok scanned
28/03/2009 20:27:32 File: C:\WINDOWS\system32\MLANG.dll ok scanned
28/03/2009 20:27:32 Running module: explorer.exe\PDFShell.dll ok scanned
28/03/2009 20:27:33 File: C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\PDFShell.dll ok scanned
28/03/2009 20:27:33 Running module: explorer.exe\MSVCR80.dll ok scanned
28/03/2009 20:27:34 File: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1801_x-ww_5eed8217\MSVCR80.dll ok scanned
28/03/2009 20:27:34 Running module: explorer.exe\PDFShell.ESP ok scanned
28/03/2009 20:27:35 File: C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\PDFShell.ESP ok scanned
28/03/2009 20:27:35 Running module: explorer.exe\gbieh.dll ok scanned
28/03/2009 20:27:35 File: C:\ARQUIV~1\GBPLUGIN\gbieh.dll packed file ASPack
28/03/2009 20:27:35 File: C:\ARQUIV~1\GBPLUGIN\gbieh.dll//ASPack ok scanned
28/03/2009 20:27:35 File: C:\ARQUIV~1\GBPLUGIN\gbieh.dll ok scanned
28/03/2009 20:27:35 Running module: explorer.exe\MPR.dll ok scanned
28/03/2009 20:27:35 File: C:\WINDOWS\system32\MPR.dll ok scanned
28/03/2009 20:27:35 Running module: explorer.exe\drprov.dll ok scanned
28/03/2009 20:27:35 File: C:\WINDOWS\System32\drprov.dll ok scanned
28/03/2009 20:27:35 Running module: explorer.exe\davclnt.dll ok scanned
28/03/2009 20:27:35 File: C:\WINDOWS\System32\davclnt.dll ok scanned
28/03/2009 20:27:35 Running module: explorer.exe\rsaenh.dll ok scanned
28/03/2009 20:27:36 File: C:\WINDOWS\system32\rsaenh.dll ok scanned
28/03/2009 20:27:36 Running module: explorer.exe\cryptnet.dll ok scanned
28/03/2009 20:27:36 File: C:\WINDOWS\system32\cryptnet.dll ok scanned
28/03/2009 20:27:36 Running module: explorer.exe\SensApi.dll ok scanned
28/03/2009 20:27:36 File: C:\WINDOWS\system32\SensApi.dll ok scanned
28/03/2009 20:27:36 Running module: explorer.exe\WINHTTP.dll ok scanned
28/03/2009 20:27:36 File: C:\WINDOWS\system32\WINHTTP.dll ok scanned
28/03/2009 20:27:36 Running module: explorer.exe\browselc.dll ok scanned
28/03/2009 20:27:36 File: C:\WINDOWS\system32\browselc.dll archive EmbeddedHTML
28/03/2009 20:27:36 File: C:\WINDOWS\system32\browselc.dll//data0001.html ok scanned
28/03/2009 20:27:36 File: C:\WINDOWS\system32\browselc.dll//data0002.html ok scanned
28/03/2009 20:27:36 File: C:\WINDOWS\system32\browselc.dll//data0003.html ok scanned
28/03/2009 20:27:36 File: C:\WINDOWS\system32\browselc.dll ok scanned
28/03/2009 20:27:36 Running module: explorer.exe\shlext.dll ok scanned
28/03/2009 20:27:36 File: C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\shlext.dll ok scanned
28/03/2009 20:27:36 Running module: explorer.exe\MFC71U.DLL ok scanned
28/03/2009 20:27:37 File: C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL ok scanned
28/03/2009 20:27:37 Running module: explorer.exe\MSVCR71.dll ok scanned
28/03/2009 20:27:37 File: C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll ok scanned
28/03/2009 20:27:37 Running module: explorer.exe\ashShell.dll ok scanned
28/03/2009 20:27:37 File: C:\Arquivos de programas\Alwil Software\Avast4\ashShell.dll ok scanned
28/03/2009 20:27:37 Running module: explorer.exe\rarext.dll ok scanned
28/03/2009 20:27:37 File: C:\Arquivos de programas\WinRAR\rarext.dll ok scanned
28/03/2009 20:27:37 Running module: explorer.exe\mydocs.dll ok scanned
28/03/2009 20:27:38 File: C:\WINDOWS\system32\mydocs.dll ok scanned
28/03/2009 20:27:38 Running module: ctfmon.exe\ctfmon.exe ok scanned
28/03/2009 20:27:38 File: C:\WINDOWS\system32\ctfmon.exe ok scanned
28/03/2009 20:27:38 Running module: ctfmon.exe\ntdll.dll ok scanned
28/03/2009 20:27:38 File: C:\WINDOWS\system32\ntdll.dll ok scanned
28/03/2009 20:27:38 Running module: ctfmon.exe\kernel32.dll ok scanned
28/03/2009 20:27:38 File: C:\WINDOWS\system32\kernel32.dll ok scanned
28/03/2009 20:27:38 Running module: ctfmon.exe\msvcrt.dll ok scanned
28/03/2009 20:27:38 File: C:\WINDOWS\system32\msvcrt.dll ok scanned
28/03/2009 20:27:38 Running module: ctfmon.exe\ADVAPI32.dll ok scanned
28/03/2009 20:27:38 File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
28/03/2009 20:27:38 Running module: ctfmon.exe\RPCRT4.dll ok scanned
28/03/2009 20:27:38 File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
28/03/2009 20:27:38 Running module: ctfmon.exe\Secur32.dll ok scanned
28/03/2009 20:27:38 File: C:\WINDOWS\system32\Secur32.dll ok scanned
28/03/2009 20:27:38 Running module: ctfmon.exe\USER32.dll ok scanned
28/03/2009 20:27:38 File: C:\WINDOWS\system32\USER32.dll ok scanned
28/03/2009 20:27:39 Running module: ctfmon.exe\GDI32.dll ok scanned
28/03/2009 20:27:39 File: C:\WINDOWS\system32\GDI32.dll ok scanned
28/03/2009 20:27:39 Running module: ctfmon.exe\MSCTF.dll ok scanned
28/03/2009 20:27:39 File: C:\WINDOWS\system32\MSCTF.dll ok scanned
28/03/2009 20:27:39 Running module: ctfmon.exe\MSUTB.dll ok scanned
28/03/2009 20:27:39 File: C:\WINDOWS\system32\MSUTB.dll ok scanned
28/03/2009 20:27:39 Running module: ctfmon.exe\ShimEng.dll ok scanned
28/03/2009 20:27:39 File: C:\WINDOWS\system32\ShimEng.dll ok scanned
28/03/2009 20:27:39 Running module: ctfmon.exe\AcGenral.DLL ok scanned
28/03/2009 20:27:39 File: C:\WINDOWS\AppPatch\AcGenral.DLL ok scanned
28/03/2009 20:27:39 Running module: ctfmon.exe\WINMM.dll ok scanned
28/03/2009 20:27:39 File: C:\WINDOWS\system32\WINMM.dll ok scanned
28/03/2009 20:27:39 Running module: ctfmon.exe\ole32.dll ok scanned
28/03/2009 20:27:39 File: C:\WINDOWS\system32\ole32.dll ok scanned
28/03/2009 20:27:39 Running module: ctfmon.exe\OLEAUT32.dll ok scanned
28/03/2009 20:27:39 File: C:\WINDOWS\system32\OLEAUT32.dll ok scanned
28/03/2009 20:27:39 Running module: ctfmon.exe\MSACM32.dll ok scanned
28/03/2009 20:27:39 File: C:\WINDOWS\system32\MSACM32.dll ok scanned
28/03/2009 20:27:39 Running module: ctfmon.exe\VERSION.dll ok scanned
28/03/2009 20:27:39 File: C:\WINDOWS\system32\VERSION.dll ok scanned
28/03/2009 20:27:39 Running module: ctfmon.exe\SHELL32.dll ok scanned
28/03/2009 20:27:39 File: C:\WINDOWS\system32\SHELL32.dll ok scanned
28/03/2009 20:27:39 Running module: ctfmon.exe\SHLWAPI.dll ok scanned
28/03/2009 20:27:39 File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
28/03/2009 20:27:39 Running module: ctfmon.exe\USERENV.dll ok scanned
28/03/2009 20:27:40 File: C:\WINDOWS\system32\USERENV.dll ok scanned
28/03/2009 20:27:40 Running module: ctfmon.exe\UxTheme.dll ok scanned
28/03/2009 20:27:40 File: C:\WINDOWS\system32\UxTheme.dll ok scanned
28/03/2009 20:27:40 Running module: ctfmon.exe\IMM32.DLL ok scanned
28/03/2009 20:27:40 File: C:\WINDOWS\system32\IMM32.DLL ok scanned
28/03/2009 20:27:40 Running module: ctfmon.exe\comctl32.dll ok scanned
28/03/2009 20:27:40 File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
28/03/2009 20:27:40 Running module: ctfmon.exe\msctfime.ime ok scanned
28/03/2009 20:27:40 File: C:\WINDOWS\system32\msctfime.ime ok scanned
28/03/2009 20:27:40 Running module: minst.exe\minst.exe ok scanned
28/03/2009 20:27:40 File: C:\Documents and Settings\Administrador\Desktop\Virus Removal Tool\is-5QTAA\minst.exe ok scanned
28/03/2009 20:27:40 Running module: minst.exe\ntdll.dll ok scanned
28/03/2009 20:27:40 File: C:\WINDOWS\system32\ntdll.dll ok scanned
28/03/2009 20:27:40 Running module: minst.exe\kernel32.dll ok scanned
28/03/2009 20:27:40 File: C:\WINDOWS\system32\kernel32.dll ok scanned
28/03/2009 20:27:40 Running module: minst.exe\SHELL32.dll ok scanned
28/03/2009 20:27:40 File: C:\WINDOWS\system32\SHELL32.dll ok scanned
28/03/2009 20:27:40 Running module: minst.exe\ADVAPI32.dll ok scanned
28/03/2009 20:27:40 File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
28/03/2009 20:27:40 Running module: minst.exe\RPCRT4.dll ok scanned
28/03/2009 20:27:40 File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
28/03/2009 20:27:40 Running module: minst.exe\Secur32.dll ok scanned
28/03/2009 20:27:40 File: C:\WINDOWS\system32\Secur32.dll ok scanned
28/03/2009 20:27:40 Running module: minst.exe\GDI32.dll ok scanned
28/03/2009 20:27:40 File: C:\WINDOWS\system32\GDI32.dll ok scanned
28/03/2009 20:27:40 Running module: minst.exe\USER32.dll ok scanned
28/03/2009 20:27:40 File: C:\WINDOWS\system32\USER32.dll ok scanned
28/03/2009 20:27:40 Running module: minst.exe\msvcrt.dll ok scanned
28/03/2009 20:27:40 File: C:\WINDOWS\system32\msvcrt.dll ok scanned
28/03/2009 20:27:40 Running module: minst.exe\SHLWAPI.dll ok scanned
28/03/2009 20:27:40 File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
28/03/2009 20:27:40 Running module: minst.exe\MSVCP80.dll ok scanned
28/03/2009 20:27:41 File: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1801_x-ww_5eed8217\MSVCP80.dll ok scanned
28/03/2009 20:27:41 Running module: minst.exe\MSVCR80.dll ok scanned
28/03/2009 20:27:42 File: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1801_x-ww_5eed8217\MSVCR80.dll ok scanned
28/03/2009 20:27:42 Running module: minst.exe\IMM32.DLL ok scanned
28/03/2009 20:27:42 File: C:\WINDOWS\system32\IMM32.DLL ok scanned
28/03/2009 20:27:42 Running module: minst.exe\comctl32.dll ok scanned
28/03/2009 20:27:42 File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
28/03/2009 20:27:42 Running module: minst.exe\comctl32.dll ok scanned
28/03/2009 20:27:42 File: C:\WINDOWS\system32\comctl32.dll ok scanned
28/03/2009 20:27:42 Running module: minst.exe\ole32.dll ok scanned
28/03/2009 20:27:42 File: C:\WINDOWS\system32\ole32.dll ok scanned
28/03/2009 20:27:42 Running module: minst.exe\MSCTF.dll ok scanned
28/03/2009 20:27:42 File: C:\WINDOWS\system32\MSCTF.dll ok scanned
28/03/2009 20:27:42 Running module: minst.exe\netapi32.dll ok scanned
28/03/2009 20:27:42 File: C:\WINDOWS\system32\netapi32.dll ok scanned
28/03/2009 20:27:42 Running module: minst.exe\appHelp.dll ok scanned
28/03/2009 20:27:42 File: C:\WINDOWS\system32\appHelp.dll ok scanned
28/03/2009 20:27:42 Running module: minst.exe\CLBCATQ.DLL ok scanned
28/03/2009 20:27:42 File: C:\WINDOWS\system32\CLBCATQ.DLL ok scanned
28/03/2009 20:27:42 Running module: minst.exe\COMRes.dll ok scanned
28/03/2009 20:27:42 File: C:\WINDOWS\system32\COMRes.dll ok scanned
28/03/2009 20:27:42 Running module: minst.exe\OLEAUT32.dll ok scanned
28/03/2009 20:27:42 File: C:\WINDOWS\system32\OLEAUT32.dll ok scanned
28/03/2009 20:27:42 Running module: minst.exe\VERSION.dll ok scanned
28/03/2009 20:27:42 File: C:\WINDOWS\system32\VERSION.dll ok scanned
28/03/2009 20:27:42 Running module: minst.exe\iertutil.dll ok scanned
28/03/2009 20:27:42 File: C:\WINDOWS\system32\iertutil.dll ok scanned
28/03/2009 20:27:42 Running module: minst.exe\LINKINFO.dll ok scanned
28/03/2009 20:27:42 File: C:\WINDOWS\system32\LINKINFO.dll ok scanned
28/03/2009 20:27:42 Running module: minst.exe\ntshrui.dll ok scanned
28/03/2009 20:27:42 File: C:\WINDOWS\system32\ntshrui.dll ok scanned
28/03/2009 20:27:42 Running module: minst.exe\ATL.DLL ok scanned
28/03/2009 20:27:42 File: C:\WINDOWS\system32\ATL.DLL ok scanned
28/03/2009 20:27:42 Running module: minst.exe\USERENV.dll ok scanned
28/03/2009 20:27:42 File: C:\WINDOWS\system32\USERENV.dll ok scanned
28/03/2009 20:27:42 Running module: minst.exe\SETUPAPI.dll ok scanned
28/03/2009 20:27:42 File: C:\WINDOWS\system32\SETUPAPI.dll ok scanned
28/03/2009 20:27:42 Running module: minst.exe\urlmon.dll ok scanned
28/03/2009 20:27:42 File: C:\WINDOWS\system32\urlmon.dll ok scanned
28/03/2009 20:27:42 Running module: rundll32.exe\rundll32.exe ok scanned
28/03/2009 20:27:43 File: C:\WINDOWS\system32\rundll32.exe ok scanned
28/03/2009 20:27:43 Running module: rundll32.exe\ntdll.dll ok scanned
28/03/2009 20:27:43 File: C:\WINDOWS\system32\ntdll.dll ok scanned
28/03/2009 20:27:43 Running module: rundll32.exe\kernel32.dll ok scanned
28/03/2009 20:27:43 File: C:\WINDOWS\system32\kernel32.dll ok scanned
28/03/2009 20:27:43 Running module: rundll32.exe\msvcrt.dll ok scanned
28/03/2009 20:27:43 File: C:\WINDOWS\system32\msvcrt.dll ok scanned
28/03/2009 20:27:43 Running module: rundll32.exe\GDI32.dll ok scanned
28/03/2009 20:27:43 File: C:\WINDOWS\system32\GDI32.dll ok scanned
28/03/2009 20:27:43 Running module: rundll32.exe\USER32.dll ok scanned
28/03/2009 20:27:43 File: C:\WINDOWS\system32\USER32.dll ok scanned
28/03/2009 20:27:43 Running module: rundll32.exe\IMAGEHLP.dll ok scanned
28/03/2009 20:27:43 File: C:\WINDOWS\system32\IMAGEHLP.dll ok scanned
28/03/2009 20:27:43 Running module: rundll32.exe\ShimEng.dll ok scanned
28/03/2009 20:27:43 File: C:\WINDOWS\system32\ShimEng.dll ok scanned
28/03/2009 20:27:43 Running module: rundll32.exe\AcGenral.DLL ok scanned
28/03/2009 20:27:43 File: C:\WINDOWS\AppPatch\AcGenral.DLL ok scanned
28/03/2009 20:27:43 Running module: rundll32.exe\ADVAPI32.dll ok scanned
28/03/2009 20:27:43 File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
28/03/2009 20:27:43 Running module: rundll32.exe\RPCRT4.dll ok scanned
28/03/2009 20:27:43 File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
28/03/2009 20:27:44 Running module: rundll32.exe\Secur32.dll ok scanned
28/03/2009 20:27:44 File: C:\WINDOWS\system32\Secur32.dll ok scanned
28/03/2009 20:27:44 Running module: rundll32.exe\WINMM.dll ok scanned
28/03/2009 20:27:44 File: C:\WINDOWS\system32\WINMM.dll ok scanned
28/03/2009 20:27:44 Running module: rundll32.exe\ole32.dll ok scanned
28/03/2009 20:27:44 File: C:\WINDOWS\system32\ole32.dll ok scanned
28/03/2009 20:27:44 Running module: rundll32.exe\OLEAUT32.dll ok scanned
28/03/2009 20:27:44 File: C:\WINDOWS\system32\OLEAUT32.dll ok scanned
28/03/2009 20:27:44 Running module: rundll32.exe\MSACM32.dll ok scanned
28/03/2009 20:27:44 File: C:\WINDOWS\system32\MSACM32.dll ok scanned
28/03/2009 20:27:44 Running module: rundll32.exe\VERSION.dll ok scanned
28/03/2009 20:27:44 File: C:\WINDOWS\system32\VERSION.dll ok scanned
28/03/2009 20:27:44 Running module: rundll32.exe\SHELL32.dll ok scanned
28/03/2009 20:27:44 File: C:\WINDOWS\system32\SHELL32.dll ok scanned
28/03/2009 20:27:44 Running module: rundll32.exe\SHLWAPI.dll ok scanned
28/03/2009 20:27:44 File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
28/03/2009 20:27:44 Running module: rundll32.exe\USERENV.dll ok scanned
28/03/2009 20:27:44 File: C:\WINDOWS\system32\USERENV.dll ok scanned
28/03/2009 20:27:44 Running module: rundll32.exe\UxTheme.dll ok scanned
28/03/2009 20:27:44 File: C:\WINDOWS\system32\UxTheme.dll ok scanned
28/03/2009 20:27:44 Running module: rundll32.exe\IMM32.DLL ok scanned
28/03/2009 20:27:44 File: C:\WINDOWS\system32\IMM32.DLL ok scanned
28/03/2009 20:27:44 Running module: rundll32.exe\comctl32.dll ok scanned
28/03/2009 20:27:44 File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
28/03/2009 20:27:44 Running module: rundll32.exe\comctl32.dll ok scanned
28/03/2009 20:27:44 File: C:\WINDOWS\system32\comctl32.dll ok scanned
28/03/2009 20:27:44 Running module: rundll32.exe\setupapi.dll ok scanned
28/03/2009 20:27:44 File: C:\WINDOWS\system32\setupapi.dll ok scanned
28/03/2009 20:27:44 Running module: rundll32.exe\MSCTF.dll ok scanned
28/03/2009 20:27:44 File: C:\WINDOWS\system32\MSCTF.dll ok scanned
28/03/2009 20:27:45 Running module: rundll32.exe\msctfime.ime ok scanned
28/03/2009 20:27:45 File: C:\WINDOWS\system32\msctfime.ime ok scanned
28/03/2009 20:27:45 Running module: rundll32.exe\Cabinet.dll ok scanned
28/03/2009 20:27:45 File: C:\WINDOWS\system32\Cabinet.dll ok scanned
28/03/2009 20:27:45 Running module: rundll32.exe\rsaenh.dll ok scanned
28/03/2009 20:27:45 File: C:\WINDOWS\system32\rsaenh.dll ok scanned
28/03/2009 20:27:45 Running module: rundll32.exe\WINTRUST.dll ok scanned
28/03/2009 20:27:45 File: C:\WINDOWS\system32\WINTRUST.dll ok scanned
28/03/2009 20:27:45 Running module: rundll32.exe\CRYPT32.dll ok scanned
28/03/2009 20:27:45 File: C:\WINDOWS\system32\CRYPT32.dll ok scanned
28/03/2009 20:27:45 Running module: rundll32.exe\MSASN1.dll ok scanned
28/03/2009 20:27:45 File: C:\WINDOWS\system32\MSASN1.dll ok scanned
28/03/2009 20:27:45 Running module: rundll32.exe\xpsp2res.dll ok scanned
28/03/2009 20:27:45 File: C:\WINDOWS\system32\xpsp2res.dll ok scanned
28/03/2009 20:27:45 Running module: rundll32.exe\netapi32.dll ok scanned
28/03/2009 20:27:45 File: C:\WINDOWS\system32\netapi32.dll ok scanned
28/03/2009 20:27:45 Running module: rundll32.exe\cryptnet.dll ok scanned
28/03/2009 20:27:45 File: C:\WINDOWS\system32\cryptnet.dll ok scanned
28/03/2009 20:27:45 Running module: rundll32.exe\PSAPI.DLL ok scanned
28/03/2009 20:27:45 File: C:\WINDOWS\system32\PSAPI.DLL ok scanned
28/03/2009 20:27:45 Running module: rundll32.exe\SensApi.dll ok scanned
28/03/2009 20:27:45 File: C:\WINDOWS\system32\SensApi.dll ok scanned
28/03/2009 20:27:45 Running module: rundll32.exe\WINHTTP.dll ok scanned
28/03/2009 20:27:45 File: C:\WINDOWS\system32\WINHTTP.dll ok scanned
28/03/2009 20:27:45 Running module: rundll32.exe\WLDAP32.dll ok scanned
28/03/2009 20:27:45 File: C:\WINDOWS\system32\WLDAP32.dll ok scanned
28/03/2009 20:27:45 Running module: rundll32.exe\ws2_32.dll ok scanned
28/03/2009 20:27:45 File: C:\WINDOWS\system32\ws2_32.dll ok scanned
28/03/2009 20:27:45 Running module: rundll32.exe\WS2HELP.dll ok scanned
28/03/2009 20:27:46 File: C:\WINDOWS\system32\WS2HELP.dll ok scanned
28/03/2009 20:27:46 Running module: rundll32.exe\mswsock.dll ok scanned
28/03/2009 20:27:46 File: C:\WINDOWS\system32\mswsock.dll ok scanned
28/03/2009 20:27:46 Running module: rundll32.exe\hnetcfg.dll ok scanned
28/03/2009 20:27:46 File: C:\WINDOWS\system32\hnetcfg.dll ok scanned
28/03/2009 20:27:46 Running module: rundll32.exe\wshtcpip.dll ok scanned
28/03/2009 20:27:46 File: C:\WINDOWS\System32\wshtcpip.dll ok scanned
28/03/2009 20:27:46 Running module: rundll32.exe\RASAPI32.DLL ok scanned
28/03/2009 20:27:46 File: C:\WINDOWS\system32\RASAPI32.DLL ok scanned
28/03/2009 20:27:46 Running module: rundll32.exe\rasman.dll ok scanned
28/03/2009 20:27:46 File: C:\WINDOWS\system32\rasman.dll ok scanned
28/03/2009 20:27:46 Running module: rundll32.exe\TAPI32.dll ok scanned
28/03/2009 20:27:46 File: C:\WINDOWS\system32\TAPI32.dll ok scanned
28/03/2009 20:27:46 Running module: rundll32.exe\rtutils.dll ok scanned
28/03/2009 20:27:46 File: C:\WINDOWS\system32\rtutils.dll ok scanned
28/03/2009 20:27:46 Running module: rundll32.exe\DNSAPI.dll ok scanned
28/03/2009 20:27:46 File: C:\WINDOWS\system32\DNSAPI.dll ok scanned
28/03/2009 20:27:46 Running module: rundll32.exe\iphlpapi.dll ok scanned
28/03/2009 20:27:46 File: C:\WINDOWS\system32\iphlpapi.dll ok scanned
28/03/2009 20:27:46 Running module: rundll32.exe\winrnr.dll ok scanned
28/03/2009 20:27:46 File: C:\WINDOWS\System32\winrnr.dll ok scanned
28/03/2009 20:27:46 Running module: rundll32.exe\wshbth.dll ok scanned
28/03/2009 20:27:46 File: C:\WINDOWS\system32\wshbth.dll ok scanned
28/03/2009 20:27:46 Running module: rundll32.exe\rasadhlp.dll ok scanned
28/03/2009 20:27:46 File: C:\WINDOWS\system32\rasadhlp.dll ok scanned
28/03/2009 20:27:46 Running module: rundll32.exe\DHCPCSVC.DLL ok scanned
28/03/2009 20:27:46 File: C:\WINDOWS\system32\DHCPCSVC.DLL ok scanned
28/03/2009 20:27:46 Running module: rundll32.exe\appHelp.dll ok scanned
28/03/2009 20:27:46 File: C:\WINDOWS\system32\appHelp.dll ok scanned
28/03/2009 20:27:46 Running module: rundll32.exe\sfc_os.dll ok scanned
28/03/2009 20:27:46 File: C:\WINDOWS\system32\sfc_os.dll ok scanned
28/03/2009 20:27:46 Running module: runonce.exe\runonce.exe ok scanned
28/03/2009 20:27:46 File: C:\WINDOWS\system32\runonce.exe ok scanned
28/03/2009 20:27:47 Running module: runonce.exe\ntdll.dll ok scanned
28/03/2009 20:27:47 File: C:\WINDOWS\system32\ntdll.dll ok scanned
28/03/2009 20:27:47 Running module: runonce.exe\kernel32.dll ok scanned
28/03/2009 20:27:47 File: C:\WINDOWS\system32\kernel32.dll ok scanned
28/03/2009 20:27:47 Running module: runonce.exe\msvcrt.dll ok scanned
28/03/2009 20:27:47 File: C:\WINDOWS\system32\msvcrt.dll ok scanned
28/03/2009 20:27:47 Running module: runonce.exe\ADVAPI32.dll ok scanned
28/03/2009 20:27:47 File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
28/03/2009 20:27:47 Running module: runonce.exe\RPCRT4.dll ok scanned
28/03/2009 20:27:47 File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
28/03/2009 20:27:47 Running module: runonce.exe\Secur32.dll ok scanned
28/03/2009 20:27:47 File: C:\WINDOWS\system32\Secur32.dll ok scanned
28/03/2009 20:27:47 Running module: runonce.exe\GDI32.dll ok scanned
28/03/2009 20:27:47 File: C:\WINDOWS\system32\GDI32.dll ok scanned
28/03/2009 20:27:47 Running module: runonce.exe\USER32.dll ok scanned
28/03/2009 20:27:47 File: C:\WINDOWS\system32\USER32.dll ok scanned
28/03/2009 20:27:47 Running module: runonce.exe\SHLWAPI.dll ok scanned
28/03/2009 20:27:47 File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
28/03/2009 20:27:47 Running module: runonce.exe\COMCTL32.dll ok scanned
28/03/2009 20:27:47 File: C:\WINDOWS\system32\COMCTL32.dll ok scanned
28/03/2009 20:27:47 Running module: runonce.exe\SHELL32.dll ok scanned
28/03/2009 20:27:47 File: C:\WINDOWS\system32\SHELL32.dll ok scanned
28/03/2009 20:27:47 Running module: runonce.exe\ShimEng.dll ok scanned
28/03/2009 20:27:47 File: C:\WINDOWS\system32\ShimEng.dll ok scanned
28/03/2009 20:27:47 Running module: runonce.exe\AcGenral.DLL ok scanned
28/03/2009 20:27:47 File: C:\WINDOWS\AppPatch\AcGenral.DLL ok scanned
28/03/2009 20:27:47 Running module: runonce.exe\WINMM.dll ok scanned
28/03/2009 20:27:47 File: C:\WINDOWS\system32\WINMM.dll ok scanned
28/03/2009 20:27:47 Running module: runonce.exe\ole32.dll ok scanned
28/03/2009 20:27:47 File: C:\WINDOWS\system32\ole32.dll ok scanned
28/03/2009 20:27:47 Running module: runonce.exe\OLEAUT32.dll ok scanned
28/03/2009 20:27:47 File: C:\WINDOWS\system32\OLEAUT32.dll ok scanned
28/03/2009 20:27:47 Running module: runonce.exe\MSACM32.dll ok scanned
28/03/2009 20:27:47 File: C:\WINDOWS\system32\MSACM32.dll ok scanned
28/03/2009 20:27:47 Running module: runonce.exe\VERSION.dll ok scanned
28/03/2009 20:27:47 File: C:\WINDOWS\system32\VERSION.dll ok scanned
28/03/2009 20:27:48 Running module: runonce.exe\USERENV.dll ok scanned
28/03/2009 20:27:48 File: C:\WINDOWS\system32\USERENV.dll ok scanned
28/03/2009 20:27:48 Running module: runonce.exe\UxTheme.dll ok scanned
28/03/2009 20:27:48 File: C:\WINDOWS\system32\UxTheme.dll ok scanned
28/03/2009 20:27:48 Running module: runonce.exe\IMM32.DLL ok scanned
28/03/2009 20:27:48 File: C:\WINDOWS\system32\IMM32.DLL ok scanned
28/03/2009 20:27:48 Running module: runonce.exe\comctl32.dll ok scanned
28/03/2009 20:27:48 File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
28/03/2009 20:27:48 Running module: runonce.exe\MSCTF.dll ok scanned
28/03/2009 20:27:48 File: C:\WINDOWS\system32\MSCTF.dll ok scanned
28/03/2009 20:27:48 Running module: runonce.exe\netapi32.dll ok scanned
28/03/2009 20:27:48 File: C:\WINDOWS\system32\netapi32.dll ok scanned
28/03/2009 20:27:48 Running module: runonce.exe\SETUPAPI.dll ok scanned
28/03/2009 20:27:48 File: C:\WINDOWS\system32\SETUPAPI.dll ok scanned
28/03/2009 20:27:48 Running module: runonce.exe\appHelp.dll ok scanned
28/03/2009 20:27:48 File: C:\WINDOWS\system32\appHelp.dll ok scanned
28/03/2009 20:27:48 Running module: runonce.exe\CLBCATQ.DLL ok scanned
28/03/2009 20:27:48 File: C:\WINDOWS\system32\CLBCATQ.DLL ok scanned
28/03/2009 20:27:48 Running module: runonce.exe\COMRes.dll ok scanned
28/03/2009 20:27:48 File: C:\WINDOWS\system32\COMRes.dll ok scanned
28/03/2009 20:27:48 Running module: runonce.exe\LINKINFO.dll ok scanned
28/03/2009 20:27:48 File: C:\WINDOWS\system32\LINKINFO.dll ok scanned
28/03/2009 20:27:48 Running module: runonce.exe\ntshrui.dll ok scanned
28/03/2009 20:27:48 File: C:\WINDOWS\system32\ntshrui.dll ok scanned
28/03/2009 20:27:48 Running module: runonce.exe\ATL.DLL ok scanned
28/03/2009 20:27:48 File: C:\WINDOWS\system32\ATL.DLL ok scanned
28/03/2009 20:27:48 Running module: runonce.exe\urlmon.dll ok scanned
28/03/2009 20:27:48 File: C:\WINDOWS\system32\urlmon.dll ok scanned
28/03/2009 20:27:48 Running module: runonce.exe\iertutil.dll ok scanned
28/03/2009 20:27:48 File: C:\WINDOWS\system32\iertutil.dll ok scanned
28/03/2009 20:27:48 Running module: runonce.exe\ieframe.dll ok scanned
28/03/2009 20:27:48 File: C:\WINDOWS\system32\ieframe.dll ok scanned
28/03/2009 20:27:48 Running module: runonce.exe\PSAPI.DLL ok scanned
28/03/2009 20:27:48 File: C:\WINDOWS\system32\PSAPI.DLL ok scanned
28/03/2009 20:27:48 Running module: rundll32.exe\RunDll32.exe ok scanned
28/03/2009 20:27:48 File: C:\WINDOWS\system32\RunDll32.exe ok scanned
28/03/2009 20:27:49 Running module: rundll32.exe\ntdll.dll ok scanned
28/03/2009 20:27:49 File: C:\WINDOWS\system32\ntdll.dll ok scanned
28/03/2009 20:27:49 Running module: rundll32.exe\kernel32.dll ok scanned
28/03/2009 20:27:49 File: C:\WINDOWS\system32\kernel32.dll ok scanned
28/03/2009 20:27:49 Running module: rundll32.exe\msvcrt.dll ok scanned
28/03/2009 20:27:49 File: C:\WINDOWS\system32\msvcrt.dll ok scanned
28/03/2009 20:27:49 Running module: rundll32.exe\GDI32.dll ok scanned
28/03/2009 20:27:49 File: C:\WINDOWS\system32\GDI32.dll ok scanned
28/03/2009 20:27:49 Running module: rundll32.exe\USER32.dll ok scanned
28/03/2009 20:27:49 File: C:\WINDOWS\system32\USER32.dll ok scanned
28/03/2009 20:27:49 Running module: rundll32.exe\IMAGEHLP.dll ok scanned
28/03/2009 20:27:49 File: C:\WINDOWS\system32\IMAGEHLP.dll ok scanned
28/03/2009 20:27:49 Running module: rundll32.exe\ShimEng.dll ok scanned
28/03/2009 20:27:49 File: C:\WINDOWS\system32\ShimEng.dll ok scanned
28/03/2009 20:27:49 Running module: rundll32.exe\AcGenral.DLL ok scanned
28/03/2009 20:27:49 File: C:\WINDOWS\AppPatch\AcGenral.DLL ok scanned
28/03/2009 20:27:49 Running module: rundll32.exe\ADVAPI32.dll ok scanned
28/03/2009 20:27:49 File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
28/03/2009 20:27:49 Running module: rundll32.exe\RPCRT4.dll ok scanned
28/03/2009 20:27:49 File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
28/03/2009 20:27:49 Running module: rundll32.exe\Secur32.dll ok scanned
28/03/2009 20:27:49 File: C:\WINDOWS\system32\Secur32.dll ok scanned
28/03/2009 20:27:49 Running module: rundll32.exe\WINMM.dll ok scanned
28/03/2009 20:27:49 File: C:\WINDOWS\system32\WINMM.dll ok scanned
28/03/2009 20:27:49 Running module: rundll32.exe\ole32.dll ok scanned
28/03/2009 20:27:49 File: C:\WINDOWS\system32\ole32.dll ok scanned
28/03/2009 20:27:49 Running module: rundll32.exe\OLEAUT32.dll ok scanned
28/03/2009 20:27:49 File: C:\WINDOWS\system32\OLEAUT32.dll ok scanned
28/03/2009 20:27:50 Running module: rundll32.exe\MSACM32.dll ok scanned
28/03/2009 20:27:50 File: C:\WINDOWS\system32\MSACM32.dll ok scanned
28/03/2009 20:27:50 Running module: rundll32.exe\VERSION.dll ok scanned
28/03/2009 20:27:50 File: C:\WINDOWS\system32\VERSION.dll ok scanned
28/03/2009 20:27:50 Running module: rundll32.exe\SHELL32.dll ok scanned
28/03/2009 20:27:50 File: C:\WINDOWS\system32\SHELL32.dll ok scanned
28/03/2009 20:27:50 Running module: rundll32.exe\SHLWAPI.dll ok scanned
28/03/2009 20:27:50 File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
28/03/2009 20:27:50 Running module: rundll32.exe\USERENV.dll ok scanned
28/03/2009 20:27:50 File: C:\WINDOWS\system32\USERENV.dll ok scanned
28/03/2009 20:27:50 Running module: rundll32.exe\UxTheme.dll ok scanned
28/03/2009 20:27:50 File: C:\WINDOWS\system32\UxTheme.dll ok scanned
28/03/2009 20:27:50 Running module: rundll32.exe\IMM32.DLL ok scanned
28/03/2009 20:27:50 File: C:\WINDOWS\system32\IMM32.DLL ok scanned
28/03/2009 20:27:50 Running module: rundll32.exe\comctl32.dll ok scanned
28/03/2009 20:27:50 File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
28/03/2009 20:27:50 Running module: rundll32.exe\comctl32.dll ok scanned
28/03/2009 20:27:50 File: C:\WINDOWS\system32\comctl32.dll ok scanned
28/03/2009 20:27:50 Running module: rundll32.exe\MSCTF.dll ok scanned
28/03/2009 20:27:50 File: C:\WINDOWS\system32\MSCTF.dll ok scanned
28/03/2009 20:27:50 Running module: rundll32.exe\CLBCATQ.DLL ok scanned
28/03/2009 20:27:50 File: C:\WINDOWS\system32\CLBCATQ.DLL ok scanned
28/03/2009 20:27:50 Running module: rundll32.exe\COMRes.dll ok scanned
28/03/2009 20:27:50 File: C:\WINDOWS\system32\COMRes.dll ok scanned
28/03/2009 20:27:50 Running module: rundll32.exe\LINKINFO.dll ok scanned
28/03/2009 20:27:50 File: C:\WINDOWS\system32\LINKINFO.dll ok scanned
28/03/2009 20:27:50 Running module: rundll32.exe\ntshrui.dll ok scanned
28/03/2009 20:27:50 File: C:\WINDOWS\system32\ntshrui.dll ok scanned
28/03/2009 20:27:50 Running module: rundll32.exe\ATL.DLL ok scanned
28/03/2009 20:27:50 File: C:\WINDOWS\system32\ATL.DLL ok scanned
28/03/2009 20:27:50 Running module: rundll32.exe\NETAPI32.dll ok scanned
28/03/2009 20:27:50 File: C:\WINDOWS\system32\NETAPI32.dll ok scanned
28/03/2009 20:27:50 Running module: rundll32.exe\msctfime.ime ok scanned
28/03/2009 20:27:50 File: C:\WINDOWS\system32\msctfime.ime ok scanned
28/03/2009 20:27:50 Running module: rundll32.exe\SETUPAPI.dll ok scanned
28/03/2009 20:27:50 File: C:\WINDOWS\system32\SETUPAPI.dll ok scanned
28/03/2009 20:27:50 Running module: rundll32.exe\psapi.dll ok scanned
28/03/2009 20:27:50 File: C:\WINDOWS\system32\psapi.dll ok scanned
28/03/2009 20:27:51 Running module: rundll32.exe\appHelp.dll ok scanned
28/03/2009 20:27:51 File: C:\WINDOWS\system32\appHelp.dll ok scanned
28/03/2009 20:27:51 Running module: rundll32.exe\ieframe.dll ok scanned
28/03/2009 20:27:51 File: C:\WINDOWS\system32\ieframe.dll ok scanned
28/03/2009 20:27:51 Running module: rundll32.exe\iertutil.dll ok scanned
28/03/2009 20:27:51 File: C:\WINDOWS\system32\iertutil.dll ok scanned
28/03/2009 20:27:51 File: c:\windows\system32\mmdrv.dll ok scanned
28/03/2009 20:27:51 File: c:\windows\system\timer.drv ok scanned
28/03/2009 20:27:52 File: c:\windows\system32\mshta.exe ok scanned
28/03/2009 20:27:52 File: c:\windows\system32\notepad.exe ok scanned
28/03/2009 20:27:52 File: c:\windows\regedit.exe ok scanned
28/03/2009 20:27:52 File: c:\windows\system32\accwiz.exe ok scanned
28/03/2009 20:27:53 File: c:\arquivos de programas\windows media player\wmplayer.exe ok scanned
28/03/2009 20:27:53 File: c:\arquivos de programas\alwil software\avast4\ashsimpl.exe ok scanned
28/03/2009 20:27:53 File: c:\windows\system32\rundll32.exe ok scanned
28/03/2009 20:27:53 File: c:\windows\system32\cryptext.dll ok scanned
28/03/2009 20:27:53 File: C:\WINDOWS\system32\rundll32.exe ok scanned
28/03/2009 20:27:53 File: C:\WINDOWS\system32\cryptext.dll ok scanned
28/03/2009 20:27:54 File: c:\arquivos de programas\outlook express\wab.exe ok scanned
28/03/2009 20:27:54 File: c:\windows\hh.exe ok scanned
28/03/2009 20:27:54 File: c:\windows\system32\clipbrd.exe ok scanned
28/03/2009 20:28:02 File: c:\arquiv~1\micros~1\office11\excel.exe ok scanned
28/03/2009 20:28:02 File: c:\windows\system32\netshell.dll ok scanned
28/03/2009 20:28:02 File: c:\windows\system32\shimgvw.dll ok scanned
28/03/2009 20:28:02 File: c:\arquivos de programas\microsoft office\office11\excel.exe ok scanned
28/03/2009 20:28:02 File: c:\windows\explorer.exe ok scanned
28/03/2009 20:28:03 File: c:\windows\system32\fontview.exe ok scanned
28/03/2009 20:28:10 File: c:\arquivos de programas\google\google earth\googleearth.exe ok scanned
28/03/2009 20:28:10 File: c:\windows\system32\msconf.dll ok scanned
28/03/2009 20:28:11 File: c:\windows\winhlp32.exe ok scanned
28/03/2009 20:28:11 File: c:\windows\system32\winhlp32.exe ok scanned
28/03/2009 20:28:11 File: c:\arquivos de programas\windows nt\hypertrm.exe ok scanned
28/03/2009 20:28:12 File: c:\arquivos de programas\internet explorer\iexplore.exe ok scanned
28/03/2009 20:28:12 File: C:\WINDOWS\system32\msconf.dll ok scanned
28/03/2009 20:28:12 File: c:\windows\system32\wmpdxm.dll ok scanned
28/03/2009 20:28:12 File: c:\arquivos de programas\java\jre6\bin\javaw.exe ok scanned
28/03/2009 20:28:13 File: c:\arquivos de programas\java\jre6\bin\javaws.exe ok scanned
28/03/2009 20:28:13 File: c:\windows\system32\wscript.exe ok scanned
28/03/2009 20:28:15 File: c:\arquivos de programas\lingoes\translator2\lingoes.exe ok scanned
28/03/2009 20:28:21 File: c:\arquivos de programas\k-lite codec pack\media player classic\mplayerc.exe ok scanned
28/03/2009 20:28:21 File: c:\arquivos de programas\microsoft office\office11\mstore.exe ok scanned
28/03/2009 20:28:26 File: c:\arquivos de programas\megacubo\megacubo.exe ok scanned
28/03/2009 20:28:28 File: c:\windows\system32\ntbackup.exe ok scanned
28/03/2009 20:28:29 File: c:\windows\system32\mmc.exe ok scanned
28/03/2009 20:28:29 File: c:\windows\system32\shell32.dll ok scanned
28/03/2009 20:28:30 File: c:\windows\system32\desk.cpl ok scanned
28/03/2009 20:28:30 File: c:\windows\system32\rasphone.exe ok scanned
28/03/2009 20:28:30 File: c:\windows\system32\perfmon.exe ok scanned
28/03/2009 20:28:36 File: c:\arquivos de programas\microsoft office\office11\powerpnt.exe ok scanned
28/03/2009 20:28:36 File: c:\windows\system32\msrating.dll ok scanned
28/03/2009 20:28:36 File: C:\WINDOWS\system32\msrating.dll ok scanned
28/03/2009 20:28:36 File: C:\WINDOWS\regedit.exe ok scanned
28/03/2009 20:28:36 File: c:\arquivos de programas\windows nt\acessórios\wordpad.exe ok scanned
28/03/2009 20:28:36 File: c:\windows\notepad.exe ok scanned
28/03/2009 20:28:37 File: c:\windows\system32\wpnpinst.exe ok scanned
28/03/2009 20:28:45 File: c:\arquivos de programas\microsoft office\office11\winword.exe ok scanned
28/03/2009 20:28:46 File: c:\arquivos de programas\arquivos comuns\microsoft shared\office11\msoxmled.exe ok scanned
28/03/2009 20:28:46 File: c:\windows\system32\drwtsn32.exe ok scanned
28/03/2009 20:28:46 File: C:\WINDOWS\explorer.exe ok scanned
28/03/2009 20:28:46 File: c:\windows\system32\userinit.exe ok scanned
28/03/2009 20:28:46 File: c:\arquiv~1\gbplugin\gbieh.dll packed file ASPack
28/03/2009 20:28:46 File: c:\arquiv~1\gbplugin\gbieh.dll//ASPack ok scanned
28/03/2009 20:28:46 File: c:\arquiv~1\gbplugin\gbieh.dll ok scanned
28/03/2009 20:28:46 File: c:\windows\system32\crypt32.dll ok scanned
28/03/2009 20:28:47 File: c:\windows\system32\cryptnet.dll ok scanned
28/03/2009 20:28:47 File: c:\windows\system32\cscdll.dll ok scanned
28/03/2009 20:28:47 File: c:\windows\system32\dimsntfy.dll ok scanned
28/03/2009 20:28:47 File: c:\windows\system32\wlnotify.dll ok scanned
28/03/2009 20:28:47 File: C:\WINDOWS\system32\wlnotify.dll ok scanned
28/03/2009 20:28:47 File: c:\windows\system32\sclgntfy.dll ok scanned
28/03/2009 20:28:47 File: c:\windows\system32\wgalogon.dll ok scanned
28/03/2009 20:28:47 File: c:\arquivos de programas\gbplugin\gbieh.dll packed file ASPack
28/03/2009 20:28:47 File: c:\arquivos de programas\gbplugin\gbieh.dll//ASPack ok scanned
28/03/2009 20:28:47 File: c:\arquivos de programas\gbplugin\gbieh.dll ok scanned
28/03/2009 20:28:47 File: c:\arquiv~1\alwils~1\avast4\ashdisp.exe ok scanned
28/03/2009 20:28:47 File: c:\windows\system32\ctfmon.exe ok scanned
28/03/2009 20:28:48 File: c:\windows\system32\cmd.exe ok scanned
28/03/2009 20:28:48 File: c:\windows\system32\syssetup.dll ok scanned
28/03/2009 20:28:48 File: c:\windows\system32\tscupgrd.exe ok scanned
28/03/2009 20:28:49 File: c:\arquivos de programas\nitropc\nitropc.exe packed file Armadillo
28/03/2009 20:28:52 File: c:\arquivos de programas\nitropc\nitropc.exe//Armadillo ok scanned
28/03/2009 20:28:53 File: c:\arquivos de programas\nitropc\nitropc.exe ok scanned
28/03/2009 20:28:53 File: c:\documents and settings\administrador\configurações locais\dados de aplicativos\octoshape\octoshape streaming services\octoshapeclient.exe ok scanned
28/03/2009 20:28:53 File: c:\arquivos de programas\google\googletoolbarnotifier\googletoolbarnotifier.exe ok scanned
28/03/2009 20:28:53 File: C:\WINDOWS\system32\cmd.exe ok scanned
28/03/2009 20:28:54 File: c:\windows\system32\appmgmts.dll ok scanned
28/03/2009 20:28:54 File: c:\windows\system32\audiosrv.dll ok scanned
28/03/2009 20:28:54 File: c:\windows\system32\qmgr.dll ok scanned
28/03/2009 20:28:54 File: c:\windows\system32\browser.dll ok scanned
28/03/2009 20:28:54 File: c:\windows\system32\bthserv.dll ok scanned
28/03/2009 20:28:54 File: c:\windows\system32\cryptsvc.dll ok scanned
28/03/2009 20:28:54 File: c:\windows\system32\rpcss.dll ok scanned
28/03/2009 20:28:54 File: c:\windows\system32\dhcpcsvc.dll ok scanned
28/03/2009 20:28:54 File: c:\windows\system32\dmserver.dll ok scanned
28/03/2009 20:28:54 File: c:\windows\system32\dnsrslvr.dll ok scanned
28/03/2009 20:28:55 File: c:\windows\system32\dot3svc.dll ok scanned
28/03/2009 20:28:55 File: c:\windows\system32\eapsvc.dll ok scanned
28/03/2009 20:28:55 File: c:\windows\system32\ersvc.dll ok scanned
28/03/2009 20:28:55 File: c:\windows\system32\es.dll ok scanned
28/03/2009 20:28:55 File: c:\windows\system32\shsvcs.dll ok scanned
28/03/2009 20:28:55 File: c:\windows\pchealth\helpctr\binaries\pchsvc.dll ok scanned
28/03/2009 20:28:55 File: c:\windows\system32\hidserv.dll ok scanned
28/03/2009 20:28:55 File: c:\windows\system32\kmsvc.dll ok scanned
28/03/2009 20:28:55 File: c:\windows\system32\w3ssl.dll ok scanned
28/03/2009 20:28:55 File: c:\windows\system32\srvsvc.dll ok scanned
28/03/2009 20:28:55 File: c:\windows\system32\lmhsvc.dll ok scanned
28/03/2009 20:28:56 File: c:\windows\system32\msgsvc.dll ok scanned
28/03/2009 20:28:56 File: c:\windows\system32\qagentrt.dll ok scanned
28/03/2009 20:28:56 File: c:\windows\system32\netman.dll ok scanned
28/03/2009 20:28:56 File: c:\windows\system32\mswsock.dll ok scanned
28/03/2009 20:28:56 File: c:\windows\system32\ntmssvc.dll ok scanned
28/03/2009 20:28:56 File: c:\windows\system32\rasauto.dll ok scanned
28/03/2009 20:28:56 File: c:\windows\system32\rasmans.dll ok scanned
28/03/2009 20:28:57 File: c:\windows\system32\mprdim.dll ok scanned
28/03/2009 20:28:57 File: c:\windows\system32\regsvc.dll ok scanned
28/03/2009 20:28:57 File: c:\windows\system32\schedsvc.dll ok scanned
28/03/2009 20:28:57 File: c:\windows\system32\seclogon.dll ok scanned
28/03/2009 20:28:57 File: c:\windows\system32\sens.dll ok scanned
28/03/2009 20:28:57 File: c:\windows\system32\ipnathlp.dll ok scanned
28/03/2009 20:28:57 File: c:\windows\system32\srsvc.dll ok scanned
28/03/2009 20:28:57 File: c:\windows\system32\ssdpsrv.dll ok scanned
28/03/2009 20:28:58 File: c:\windows\system32\wiaservc.dll ok scanned
28/03/2009 20:28:58 File: c:\windows\system32\tapisrv.dll ok scanned
28/03/2009 20:28:58 File: c:\windows\system32\termsrv.dll ok scanned
28/03/2009 20:28:58 File: c:\windows\system32\trkwks.dll ok scanned
28/03/2009 20:28:58 File: c:\windows\system32\upnphost.dll ok scanned
28/03/2009 20:28:58 File: c:\windows\system32\w32time.dll ok scanned
28/03/2009 20:28:58 File: c:\windows\system32\webclnt.dll ok scanned
28/03/2009 20:28:58 File: c:\windows\system32\wbem\wmisvc.dll ok scanned
28/03/2009 20:28:58 File: c:\windows\system32\mspmsnsv.dll ok scanned
28/03/2009 20:28:59 File: c:\windows\system32\advapi32.dll ok scanned
28/03/2009 20:28:59 File: c:\windows\system32\wscsvc.dll ok scanned
28/03/2009 20:28:59 File: c:\windows\system32\wuauserv.dll ok scanned
28/03/2009 20:28:59 File: c:\windows\system32\wudfsvc.dll ok scanned
28/03/2009 20:28:59 File: c:\windows\system32\wzcsvc.dll ok scanned
28/03/2009 20:28:59 File: c:\windows\system32\xmlprov.dll ok scanned
28/03/2009 20:29:00 File: c:\windows\system32\drivers\acpi.sys packed file PE_Patch
28/03/2009 20:29:00 File: c:\windows\system32\drivers\acpi.sys//PE_Patch ok scanned
28/03/2009 20:29:00 File: c:\windows\system32\drivers\acpi.sys ok scanned
28/03/2009 20:29:00 File: c:\windows\system32\drivers\acpiec.sys ok scanned
28/03/2009 20:29:00 File: c:\windows\system32\drivers\aec.sys packed file PE_Patch
28/03/2009 20:29:00 File: c:\windows\system32\drivers\aec.sys//PE_Patch ok scanned
28/03/2009 20:29:00 File: c:\windows\system32\drivers\aec.sys ok scanned
28/03/2009 20:29:01 File: c:\windows\system32\drivers\afd.sys ok scanned
28/03/2009 20:29:01 File: c:\windows\system32\alg.exe ok scanned
28/03/2009 20:29:01 File: c:\windows\system32\drivers\aliide.sys ok scanned
28/03/2009 20:29:01 File: c:\windows\system32\drivers\amdk8.sys packed file PE_Patch
28/03/2009 20:29:01 File: c:\windows\system32\drivers\amdk8.sys//PE_Patch ok scanned
28/03/2009 20:29:01 File: c:\windows\system32\drivers\amdk8.sys ok scanned
28/03/2009 20:29:01 File: c:\arquivos de programas\avira\antivir personaledition classic\sched.exe ok scanned
28/03/2009 20:29:01 File: c:\windows\system32\svchost.exe ok scanned
28/03/2009 20:29:01 File: c:\windows\system32\drivers\arp1394.sys packed file PE_Patch
28/03/2009 20:29:01 File: c:\windows\system32\drivers\arp1394.sys//PE_Patch ok scanned
28/03/2009 20:29:01 File: c:\windows\system32\drivers\arp1394.sys ok scanned
28/03/2009 20:29:02 File: c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe packed file PE_Patch
28/03/2009 20:29:02 File: c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe//PE_Patch ok scanned
28/03/2009 20:29:02 File: c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe ok scanned
28/03/2009 20:29:02 File: c:\windows\system32\drivers\aswfsblk.sys packed file PE_Patch
28/03/2009 20:29:02 File: c:\windows\system32\drivers\aswfsblk.sys//PE_Patch ok scanned
28/03/2009 20:29:02 File: c:\windows\system32\drivers\aswfsblk.sys ok scanned
28/03/2009 20:29:02 File: c:\arquivos de programas\alwil software\avast4\aswupdsv.exe ok scanned
28/03/2009 20:29:02 File: c:\windows\system32\drivers\asyncmac.sys packed file PE_Patch
28/03/2009 20:29:02 File: c:\windows\system32\drivers\asyncmac.sys//PE_Patch ok scanned
28/03/2009 20:29:02 File: c:\windows\system32\drivers\asyncmac.sys ok scanned
28/03/2009 20:29:02 File: c:\windows\system32\drivers\atapi.sys packed file PE_Patch
28/03/2009 20:29:02 File: c:\windows\system32\drivers\atapi.sys//PE_Patch ok scanned
28/03/2009 20:29:02 File: c:\windows\system32\drivers\atapi.sys ok scanned
28/03/2009 20:29:02 File: c:\windows\system32\drivers\atmarpc.sys packed file PE_Patch
28/03/2009 20:29:02 File: c:\windows\system32\drivers\atmarpc.sys//PE_Patch ok scanned
28/03/2009 20:29:02 File: c:\windows\system32\drivers\atmarpc.sys ok scanned
28/03/2009 20:29:02 File: c:\windows\system32\drivers\audstub.sys ok scanned
28/03/2009 20:29:03 File: c:\arquivos de programas\alwil software\avast4\ashserv.exe ok scanned
28/03/2009 20:29:03 File: c:\arquivos de programas\alwil software\avast4\ashmaisv.exe ok scanned
28/03/2009 20:29:03 File: c:\arquivos de programas\alwil software\avast4\ashwebsv.exe ok scanned
28/03/2009 20:29:04 File: c:\windows\system32\drivers\avipbb.sys ok scanned
28/03/2009 20:29:04 File: c:\windows\system32\drivers\blueletaudio.sys ok scanned
28/03/2009 20:29:04 File: c:\windows\system32\drivers\btnetdrv.sys ok scanned
28/03/2009 20:29:04 File: c:\windows\system32\drivers\btcusb.sys ok scanned
28/03/2009 20:29:04 File: c:\windows\system32\drivers\bthenum.sys packed file PE_Patch
28/03/2009 20:29:04 File: c:\windows\system32\drivers\bthenum.sys//PE_Patch ok scanned
28/03/2009 20:29:04 File: c:\windows\system32\drivers\bthenum.sys ok scanned
28/03/2009 20:29:04 File: c:\windows\system32\drivers\vbtenum.sys ok scanned
28/03/2009 20:29:04 File: c:\windows\system32\drivers\bthidmgr.sys ok scanned
28/03/2009 20:29:04 File: c:\windows\system32\drivers\bthpan.sys packed file PE_Patch
28/03/2009 20:29:04 File: c:\windows\system32\drivers\bthpan.sys//PE_Patch ok scanned
28/03/2009 20:29:04 File: c:\windows\system32\drivers\bthpan.sys ok scanned
28/03/2009 20:29:04 File: c:\windows\system32\drivers\bthport.sys packed file PE_Patch
28/03/2009 20:29:04 File: c:\windows\system32\drivers\bthport.sys//PE_Patch ok scanned
28/03/2009 20:29:04 File: c:\windows\system32\drivers\bthport.sys ok scanned
28/03/2009 20:29:04 File: c:\windows\system32\drivers\bthusb.sys packed file PE_Patch
28/03/2009 20:29:04 File: c:\windows\system32\drivers\bthusb.sys//PE_Patch ok scanned
28/03/2009 20:29:04 File: c:\windows\system32\drivers\bthusb.sys ok scanned
28/03/2009 20:29:04 File: c:\windows\system32\drivers\btnetfilter.sys ok scanned
28/03/2009 20:29:04 File: c:\windows\system32\drivers\ccdecode.sys packed file PE_Patch
28/03/2009 20:29:04 File: c:\windows\system32\drivers\ccdecode.sys//PE_Patch ok scanned
28/03/2009 20:29:04 File: c:\windows\system32\drivers\ccdecode.sys ok scanned
28/03/2009 20:29:05 File: c:\windows\system32\drivers\cdrom.sys packed file PE_Patch
28/03/2009 20:29:05 File: c:\windows\system32\drivers\cdrom.sys//PE_Patch ok scanned
28/03/2009 20:29:05 File: c:\windows\system32\drivers\cdrom.sys ok scanned
28/03/2009 20:29:05 File: c:\windows\system32\cisvc.exe ok scanned
28/03/2009 20:29:05 File: c:\windows\system32\clipsrv.exe ok scanned
28/03/2009 20:29:05 File: c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe ok scanned
28/03/2009 20:29:05 File: c:\windows\system32\drivers\cmbatt.sys packed file PE_Patch
28/03/2009 20:29:05 File: c:\windows\system32\drivers\cmbatt.sys//PE_Patch ok scanned
28/03/2009 20:29:05 File: c:\windows\system32\drivers\cmbatt.sys ok scanned
28/03/2009 20:29:05 File: c:\windows\system32\drivers\compbatt.sys packed file PE_Patch
28/03/2009 20:29:05 File: c:\windows\system32\drivers\compbatt.sys//PE_Patch ok scanned
28/03/2009 20:29:05 File: c:\windows\system32\drivers\compbatt.sys ok scanned
28/03/2009 20:29:05 File: c:\windows\system32\dllhost.exe ok scanned
28/03/2009 20:29:05 File: c:\windows\system32\drivers\disk.sys packed file PE_Patch
28/03/2009 20:29:05 File: c:\windows\system32\drivers\disk.sys//PE_Patch ok scanned
28/03/2009 20:29:05 File: c:\windows\system32\drivers\disk.sys ok scanned
28/03/2009 20:29:06 File: c:\windows\system32\dmadmin.exe ok scanned
28/03/2009 20:29:06 File: c:\windows\system32\drivers\dmboot.sys packed file PE_Patch
28/03/2009 20:29:06 File: c:\windows\system32\drivers\dmboot.sys//PE_Patch ok scanned
28/03/2009 20:29:06 File: c:\windows\system32\drivers\dmboot.sys ok scanned
28/03/2009 20:29:06 File: c:\windows\system32\drivers\dmio.sys packed file PE_Patch
28/03/2009 20:29:06 File: c:\windows\system32\drivers\dmio.sys//PE_Patch ok scanned
28/03/2009 20:29:06 File: c:\windows\system32\drivers\dmio.sys ok scanned
28/03/2009 20:29:06 File: c:\windows\system32\drivers\dmload.sys ok scanned
28/03/2009 20:29:06 File: c:\windows\system32\drivers\dmusic.sys packed file PE_Patch
28/03/2009 20:29:06 File: c:\windows\system32\drivers\dmusic.sys//PE_Patch ok scanned
28/03/2009 20:29:06 File: c:\windows\system32\drivers\dmusic.sys ok scanned
28/03/2009 20:29:06 File: c:\windows\system32\drivers\drmkaud.sys packed file PE_Patch
28/03/2009 20:29:07 File: c:\windows\system32\drivers\drmkaud.sys//PE_Patch ok scanned
28/03/2009 20:29:07 File: c:\windows\system32\drivers\drmkaud.sys ok scanned
28/03/2009 20:29:07 File: c:\windows\system32\services.exe ok scanned
28/03/2009 20:29:07 File: c:\windows\system32\drivers\fltmgr.sys packed file PE_Patch
28/03/2009 20:29:07 File: c:\windows\system32\drivers\fltmgr.sys//PE_Patch ok scanned
28/03/2009 20:29:07 File: c:\windows\system32\drivers\fltmgr.sys ok scanned
28/03/2009 20:29:07 File: c:\windows\system32\drivers\fssfltr_tdi.sys ok scanned
28/03/2009 20:29:07 File: c:\arquivos de programas\windows live\family safety\fsssvc.exe ok scanned
28/03/2009 20:29:07 File: c:\windows\system32\drivers\ftdisk.sys ok scanned
28/03/2009 20:29:08 File: c:\windows\system32\drivers\msgpc.sys packed file PE_Patch
28/03/2009 20:29:08 File: c:\windows\system32\drivers\msgpc.sys//PE_Patch ok scanned
28/03/2009 20:29:08 File: c:\windows\system32\drivers\msgpc.sys ok scanned
28/03/2009 20:29:08 File: c:\arquivos de programas\google\common\google updater\googleupdaterservice.exe ok scanned
28/03/2009 20:29:08 File: c:\windows\system32\drivers\hdaudio.sys packed file PE_Patch
28/03/2009 20:29:08 File: c:\windows\system32\drivers\hdaudio.sys//PE_Patch ok scanned
28/03/2009 20:29:08 File: c:\windows\system32\drivers\hdaudio.sys ok scanned
28/03/2009 20:29:08 File: c:\windows\system32\drivers\hdaudbus.sys packed file PE_Patch
28/03/2009 20:29:08 File: c:\windows\system32\drivers\hdaudbus.sys//PE_Patch ok scanned
28/03/2009 20:29:08 File: c:\windows\system32\drivers\hdaudbus.sys ok scanned
28/03/2009 20:29:08 File: c:\windows\system32\drivers\hidusb.sys packed file PE_Patch
28/03/2009 20:29:08 File: c:\windows\system32\drivers\hidusb.sys//PE_Patch ok scanned
28/03/2009 20:29:08 File: c:\windows\system32\drivers\hidusb.sys ok scanned
28/03/2009 20:29:08 File: c:\windows\system32\drivers\hpzid412.sys ok scanned
28/03/2009 20:29:08 File: c:\windows\system32\drivers\hpzipr12.sys ok scanned
28/03/2009 20:29:09 File: c:\windows\system32\drivers\hpzius12.sys ok scanned
28/03/2009 20:29:09 File: c:\windows\system32\drivers\http.sys packed file PE_Patch
28/03/2009 20:29:09 File: c:\windows\system32\drivers\http.sys//PE_Patch ok scanned
28/03/2009 20:29:09 File: c:\windows\system32\drivers\http.sys ok scanned
28/03/2009 20:29:09 File: c:\windows\system32\drivers\i8042prt.sys ok scanned
28/03/2009 20:29:09 File: c:\windows\system32\drivers\imapi.sys packed file PE_Patch
28/03/2009 20:29:09 File: c:\windows\system32\drivers\imapi.sys//PE_Patch ok scanned
28/03/2009 20:29:09 File: c:\windows\system32\drivers\imapi.sys ok scanned
28/03/2009 20:29:09 File: c:\windows\system32\imapi.exe ok scanned
28/03/2009 20:29:09 File: c:\windows\system32\drivers\rtkhdaud.sys ok scanned
28/03/2009 20:29:10 File: c:\windows\system32\drivers\ip6fw.sys packed file PE_Patch
28/03/2009 20:29:10 File: c:\windows\system32\drivers\ip6fw.sys//PE_Patch ok scanned
28/03/2009 20:29:10 File: c:\windows\system32\drivers\ip6fw.sys ok scanned
28/03/2009 20:29:10 File: c:\windows\system32\drivers\ipfltdrv.sys ok scanned
28/03/2009 20:29:10 File: c:\windows\system32\drivers\ipinip.sys packed file PE_Patch
28/03/2009 20:29:10 File: c:\windows\system32\drivers\ipinip.sys//PE_Patch ok scanned
28/03/2009 20:29:10 File: c:\windows\system32\drivers\ipinip.sys ok scanned
28/03/2009 20:29:10 File: c:\windows\system32\drivers\ipnat.sys packed file PE_Patch
28/03/2009 20:29:10 File: c:\windows\system32\drivers\ipnat.sys//PE_Patch ok scanned
28/03/2009 20:29:10 File: c:\windows\system32\drivers\ipnat.sys ok scanned
28/03/2009 20:29:10 File: c:\windows\system32\drivers\ipsec.sys ok scanned
28/03/2009 20:29:10 File: c:\windows\system32\drivers\irenum.sys packed file PE_Patch
28/03/2009 20:29:10 File: c:\windows\system32\drivers\irenum.sys//PE_Patch ok scanned
28/03/2009 20:29:10 File: c:\windows\system32\drivers\irenum.sys ok scanned
28/03/2009 20:29:10 File: c:\windows\system32\drivers\73666431.sys ok scanned
28/03/2009 20:29:10 File: c:\windows\system32\drivers\81438807.sys ok scanned
28/03/2009 20:29:10 File: c:\windows\system32\drivers\isapnp.sys packed file PE_Patch
28/03/2009 20:29:10 File: c:\windows\system32\drivers\isapnp.sys//PE_Patch ok scanned
28/03/2009 20:29:10 File: c:\windows\system32\drivers\isapnp.sys ok scanned
28/03/2009 20:29:11 File: c:\arquivos de programas\java\jre6\bin\jqs.exe ok scanned
28/03/2009 20:29:11 File: c:\arquivos de programas\java\jre6\lib\deploy\jqs\jqs.conf ok scanned
28/03/2009 20:29:11 File: c:\windows\system32\drivers\kbdclass.sys packed file PE_Patch
28/03/2009 20:29:11 File: c:\windows\system32\drivers\kbdclass.sys//PE_Patch ok scanned
28/03/2009 20:29:11 File: c:\windows\system32\drivers\kbdclass.sys ok scanned
28/03/2009 20:29:11 File: c:\windows\system32\drivers\kbdhid.sys packed file PE_Patch
28/03/2009 20:29:11 File: c:\windows\system32\drivers\kbdhid.sys//PE_Patch ok scanned
28/03/2009 20:29:11 File: c:\windows\system32\drivers\kbdhid.sys ok scanned
28/03/2009 20:29:11 File: c:\windows\system32\drivers\kmixer.sys packed file PE_Patch
28/03/2009 20:29:11 File: c:\windows\system32\drivers\kmixer.sys//PE_Patch ok scanned
28/03/2009 20:29:11 File: c:\windows\system32\drivers\kmixer.sys ok scanned
28/03/2009 20:29:11 File: c:\windows\system32\mnmsrvc.exe ok scanned
28/03/2009 20:29:11 File: c:\windows\system32\drivers\mouclass.sys packed file PE_Patch
28/03/2009 20:29:11 File: c:\windows\system32\drivers\mouclass.sys//PE_Patch ok scanned
28/03/2009 20:29:11 File: c:\windows\system32\drivers\mouclass.sys ok scanned
28/03/2009 20:29:11 File: c:\windows\system32\drivers\mouhid.sys ok scanned
28/03/2009 20:29:12 File: c:\windows\system32\drivers\mrxdav.sys packed file PE_Patch
28/03/2009 20:29:12 File: c:\windows\system32\drivers\mrxdav.sys//PE_Patch ok scanned
28/03/2009 20:29:12 File: c:\windows\system32\drivers\mrxdav.sys ok scanned
28/03/2009 20:29:12 File: c:\windows\system32\msdtc.exe ok scanned
28/03/2009 20:29:12 File: c:\windows\system32\msiexec.exe ok scanned
28/03/2009 20:29:12 File: c:\windows\system32\drivers\mskssrv.sys packed file PE_Patch
28/03/2009 20:29:12 File: c:\windows\system32\drivers\mskssrv.sys//PE_Patch ok scanned
28/03/2009 20:29:12 File: c:\windows\system32\drivers\mskssrv.sys ok scanned
28/03/2009 20:29:12 File: c:\windows\system32\drivers\mspclock.sys packed file PE_Patch
28/03/2009 20:29:12 File: c:\windows\system32\drivers\mspclock.sys//PE_Patch ok scanned
28/03/2009 20:29:12 File: c:\windows\system32\drivers\mspclock.sys ok scanned
28/03/2009 20:29:12 File: c:\windows\system32\drivers\mspqm.sys packed file PE_Patch
28/03/2009 20:29:12 File: c:\windows\system32\drivers\mspqm.sys//PE_Patch ok scanned
28/03/2009 20:29:12 File: c:\windows\system32\drivers\mspqm.sys ok scanned
28/03/2009 20:29:12 File: c:\windows\system32\drivers\mssmbios.sys packed file PE_Patch
28/03/2009 20:29:12 File: c:\windows\system32\drivers\mssmbios.sys//PE_Patch ok scanned
28/03/2009 20:29:12 File: c:\windows\system32\drivers\mssmbios.sys ok scanned
28/03/2009 20:29:12 File: c:\windows\system32\drivers\mstee.sys packed file PE_Patch
28/03/2009 20:29:12 File: c:\windows\system32\drivers\mstee.sys//PE_Patch ok scanned
28/03/2009 20:29:12 File: c:\windows\system32\drivers\mstee.sys ok scanned
28/03/2009 20:29:12 File: c:\windows\system32\drivers\rmc.sys ok scanned
28/03/2009 20:29:13 File: c:\windows\system32\drivers\sldrv\mtlmnt5.sys ok scanned
28/03/2009 20:29:13 File: c:\windows\system32\drivers\sldrv\mtlstrm.sys ok scanned
28/03/2009 20:29:13 File: c:\windows\system32\drivers\nabtsfec.sys packed file PE_Patch
28/03/2009 20:29:13 File: c:\windows\system32\drivers\nabtsfec.sys//PE_Patch ok scanned
28/03/2009 20:29:13 File: c:\windows\system32\drivers\nabtsfec.sys ok scanned
28/03/2009 20:29:13 File: c:\windows\system32\drivers\ndisip.sys packed file PE_Patch
28/03/2009 20:29:13 File: c:\windows\system32\drivers\ndisip.sys//PE_Patch ok scanned
28/03/2009 20:29:13 File: c:\windows\system32\drivers\ndisip.sys ok scanned
28/03/2009 20:29:13 File: c:\windows\system32\drivers\ndistapi.sys packed file PE_Patch
28/03/2009 20:29:13 File: c:\windows\system32\drivers\ndistapi.sys//PE_Patch ok scanned
28/03/2009 20:29:13 File: c:\windows\system32\drivers\ndistapi.sys ok scanned
28/03/2009 20:29:13 File: c:\windows\system32\drivers\ndisuio.sys packed file PE_Patch
28/03/2009 20:29:13 File: c:\windows\system32\drivers\ndisuio.sys//PE_Patch ok scanned
28/03/2009 20:29:13 File: c:\windows\system32\drivers\ndisuio.sys ok scanned
28/03/2009 20:29:13 File: c:\windows\system32\drivers\ndiswan.sys ok scanned
28/03/2009 20:29:13 File: c:\windows\system32\drivers\netbt.sys ok scanned
28/03/2009 20:29:13 File: c:\windows\system32\netdde.exe ok scanned
28/03/2009 20:29:13 File: c:\windows\system32\lsass.exe ok scanned
28/03/2009 20:29:14 File: c:\windows\system32\drivers\nic1394.sys packed file PE_Patch
28/03/2009 20:29:14 File: c:\windows\system32\drivers\nic1394.sys//PE_Patch ok scanned
28/03/2009 20:29:14 File: c:\windows\system32\drivers\nic1394.sys ok scanned
28/03/2009 20:29:14 File: c:\windows\system32\drivers\nwlnkflt.sys ok scanned
28/03/2009 20:29:14 File: c:\windows\system32\drivers\nwlnkfwd.sys ok scanned
28/03/2009 20:29:14 File: c:\windows\system32\drivers\ohci1394.sys packed file PE_Patch
28/03/2009 20:29:14 File: c:\windows\system32\drivers\ohci1394.sys//PE_Patch ok scanned
28/03/2009 20:29:14 File: c:\windows\system32\drivers\ohci1394.sys ok scanned
28/03/2009 20:29:14 File: c:\arquivos de programas\arquivos comuns\microsoft shared\source engine\ose.exe ok scanned
28/03/2009 20:29:14 File: c:\windows\system32\drivers\pci.sys packed file PE_Patch
28/03/2009 20:29:14 File: c:\windows\system32\drivers\pci.sys//PE_Patch ok scanned
28/03/2009 20:29:14 File: c:\windows\system32\drivers\pci.sys ok scanned
28/03/2009 20:29:14 File: c:\windows\system32\drivers\pcmcia.sys packed file PE_Patch
28/03/2009 20:29:14 File: c:\windows\system32\drivers\pcmcia.sys//PE_Patch ok scanned
28/03/2009 20:29:14 File: c:\windows\system32\drivers\pcmcia.sys ok scanned
28/03/2009 20:29:14 File: c:\windows\system32\hpzipm12.exe ok scanned
28/03/2009 20:29:15 File: c:\windows\system32\drivers\raspptp.sys ok scanned
28/03/2009 20:29:15 File: c:\windows\system32\drivers\ptilink.sys ok scanned
28/03/2009 20:29:15 File: c:\windows\system32\drivers\rasacd.sys ok scanned
28/03/2009 20:29:15 File: c:\windows\system32\drivers\rasl2tp.sys ok scanned
28/03/2009 20:29:15 File: c:\windows\system32\drivers\raspppoe.sys packed file PE_Patch
28/03/2009 20:29:15 File: c:\windows\system32\drivers\raspppoe.sys//PE_Patch ok scanned
28/03/2009 20:29:15 File: c:\windows\system32\drivers\raspppoe.sys ok scanned
28/03/2009 20:29:15 File: c:\windows\system32\drivers\raspti.sys ok scanned
28/03/2009 20:29:15 File: c:\windows\system32\drivers\rdpcdd.sys ok scanned
28/03/2009 20:29:15 File: c:\windows\system32\drivers\rdpdr.sys packed file PE_Patch
28/03/2009 20:29:15 File: c:\windows\system32\drivers\rdpdr.sys//PE_Patch ok scanned
28/03/2009 20:29:15 File: c:\windows\system32\drivers\rdpdr.sys ok scanned
28/03/2009 20:29:15 File: c:\windows\system32\sessmgr.exe ok scanned
28/03/2009 20:29:15 File: c:\windows\system32\drivers\sldrv\recagent.sys ok scanned
28/03/2009 20:29:15 File: c:\windows\system32\drivers\redbook.sys packed file PE_Patch
28/03/2009 20:29:15 File: c:\windows\system32\drivers\redbook.sys//PE_Patch ok scanned
28/03/2009 20:29:15 File: c:\windows\system32\drivers\redbook.sys ok scanned
28/03/2009 20:29:15 File: c:\windows\system32\drivers\rfcomm.sys packed file PE_Patch
28/03/2009 20:29:16 File: c:\windows\system32\drivers\rfcomm.sys//PE_Patch ok scanned
28/03/2009 20:29:16 File: c:\windows\system32\drivers\rfcomm.sys ok scanned
28/03/2009 20:29:16 File: c:\windows\system32\drivers\rootmdm.sys ok scanned
28/03/2009 20:29:16 File: c:\windows\system32\rsvp.exe ok scanned
28/03/2009 20:29:16 File: c:\windows\system32\drivers\rt73.sys ok scanned
28/03/2009 20:29:16 File: c:\windows\system32\scardsvr.exe ok scanned
28/03/2009 20:29:16 File: c:\windows\system32\drivers\scsiport.sys packed file PE_Patch
28/03/2009 20:29:16 File: c:\windows\system32\drivers\scsiport.sys//PE_Patch ok scanned
28/03/2009 20:29:16 File: c:\windows\system32\drivers\scsiport.sys ok scanned
28/03/2009 20:29:16 File: c:\windows\system32\drivers\sdbus.sys packed file PE_Patch
28/03/2009 20:29:16 File: c:\windows\system32\drivers\sdbus.sys//PE_Patch ok scanned
28/03/2009 20:29:16 File: c:\windows\system32\drivers\sdbus.sys ok scanned
28/03/2009 20:29:17 File: c:\arquivos de programas\microsoft\search enhancement pack\seaport\seaport.exe ok scanned
28/03/2009 20:29:17 File: c:\windows\system32\drivers\secdrv.sys packed file PE_Patch
28/03/2009 20:29:17 File: c:\windows\system32\drivers\secdrv.sys//PE_Patch ok scanned
28/03/2009 20:29:17 File: c:\windows\system32\drivers\secdrv.sys ok scanned
28/03/2009 20:29:17 File: c:\windows\system32\drivers\serenum.sys packed file PE_Patch
28/03/2009 20:29:17 File: c:\windows\system32\drivers\serenum.sys//PE_Patch ok scanned
28/03/2009 20:29:17 File: c:\windows\system32\drivers\serenum.sys ok scanned
28/03/2009 20:29:17 File: c:\windows\system32\drivers\sldrv\slazldrv.sys ok scanned
28/03/2009 20:29:17 File: c:\windows\system32\drivers\slip.sys packed file PE_Patch
28/03/2009 20:29:17 File: c:\windows\system32\drivers\slip.sys//PE_Patch ok scanned
28/03/2009 20:29:17 File: c:\windows\system32\drivers\slip.sys ok scanned
28/03/2009 20:29:17 File: c:\windows\system32\drivers\sldrv\slnthal.sys ok scanned
28/03/2009 20:29:17 File: c:\windows\system32\slserv.exe ok scanned
28/03/2009 20:29:17 File: c:\windows\system32\drivers\sldrv\slwdmsup.sys ok scanned
28/03/2009 20:29:18 File: c:\windows\system32\drivers\snpstd3.sys ok scanned
28/03/2009 20:29:18 File: c:\windows\system32\drivers\splitter.sys packed file PE_Patch
28/03/2009 20:29:18 File: c:\windows\system32\drivers\splitter.sys//PE_Patch ok scanned
28/03/2009 20:29:18 File: c:\windows\system32\drivers\splitter.sys ok scanned
28/03/2009 20:29:18 File: c:\windows\system32\spoolsv.exe ok scanned
28/03/2009 20:29:18 File: c:\windows\system32\drivers\sr.sys packed file PE_Patch
28/03/2009 20:29:18 File: c:\windows\system32\drivers\sr.sys//PE_Patch ok scanned
28/03/2009 20:29:18 File: c:\windows\system32\drivers\sr.sys ok scanned
28/03/2009 20:29:18 File: c:\windows\system32\drivers\ssmdrv.sys ok scanned
28/03/2009 20:29:18 File: c:\windows\system32\drivers\streamip.sys packed file PE_Patch
28/03/2009 20:29:18 File: c:\windows\system32\drivers\streamip.sys//PE_Patch ok scanned
28/03/2009 20:29:18 File: c:\windows\system32\drivers\streamip.sys ok scanned
28/03/2009 20:29:18 File: c:\windows\system32\drivers\swenum.sys packed file PE_Patch
28/03/2009 20:29:18 File: c:\windows\system32\drivers\swenum.sys//PE_Patch ok scanned
28/03/2009 20:29:18 File: c:\windows\system32\drivers\swenum.sys ok scanned
28/03/2009 20:29:18 File: c:\windows\system32\drivers\swmidi.sys packed file PE_Patch
28/03/2009 20:29:18 File: c:\windows\system32\drivers\swmidi.sys//PE_Patch ok scanned
28/03/2009 20:29:18 File: c:\windows\system32\drivers\swmidi.sys ok scanned
28/03/2009 20:29:18 File: c:\windows\system32\drivers\sysaudio.sys ok scanned
28/03/2009 20:29:19 File: c:\windows\system32\smlogsvc.exe ok scanned
28/03/2009 20:29:19 File: c:\windows\system32\drivers\tcpip.sys ok scanned
28/03/2009 20:29:19 File: c:\windows\system32\drivers\termdd.sys packed file PE_Patch
28/03/2009 20:29:19 File: c:\windows\system32\drivers\termdd.sys//PE_Patch ok scanned
28/03/2009 20:29:19 File: c:\windows\system32\drivers\termdd.sys ok scanned
28/03/2009 20:29:19 File: c:\windows\system32\drivers\tifm21.sys ok scanned
28/03/2009 20:29:19 File: c:\windows\system32\tlntsvr.exe ok scanned
28/03/2009 20:29:19 File: c:\windows\system32\drivers\ulilan51.sys ok scanned
28/03/2009 20:29:19 File: c:\windows\system32\drivers\update.sys packed file PE_Patch
28/03/2009 20:29:19 File: c:\windows\system32\drivers\update.sys//PE_Patch ok scanned
28/03/2009 20:29:19 File: c:\windows\system32\drivers\update.sys ok scanned28/03/2009 20:29:20 File: c:\windows\system32\ups.exe ok scanned
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbccgp.sys packed file PE_Patch
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbccgp.sys//PE_Patch ok scanned
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbccgp.sys ok scanned
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbehci.sys packed file PE_Patch
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbehci.sys//PE_Patch ok scanned
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbehci.sys ok scanned
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbhub.sys packed file PE_Patch
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbhub.sys//PE_Patch ok scanned
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbhub.sys ok scanned
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbohci.sys packed file PE_Patch
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbohci.sys//PE_Patch ok scanned
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbohci.sys ok scanned
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbprint.sys packed file PE_Patch
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbprint.sys//PE_Patch ok scanned
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbprint.sys ok scanned
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbscan.sys packed file PE_Patch
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbscan.sys//PE_Patch ok scanned
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbscan.sys ok scanned
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbsermpt.sys ok scanned
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbstor.sys packed file PE_Patch
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbstor.sys//PE_Patch ok scanned
28/03/2009 20:29:20 File: c:\windows\system32\drivers\usbstor.sys ok scanned
28/03/2009 20:29:20 File: c:\windows\system32\drivers\vcomm.sys ok scanned
28/03/2009 20:29:20 File: c:\windows\system32\drivers\vcommmgr.sys ok scanned
28/03/2009 20:29:20 File: c:\windows\system32\drivers\vga.sys packed file PE_Patch
28/03/2009 20:29:21 File: c:\windows\system32\drivers\vga.sys//PE_Patch ok scanned
28/03/2009 20:29:21 File: c:\windows\system32\drivers\vga.sys ok scanned
28/03/2009 20:29:21 File: c:\windows\system32\vssvc.exe ok scanned
28/03/2009 20:29:21 File: c:\windows\system32\drivers\wanarp.sys packed file PE_Patch
28/03/2009 20:29:21 File: c:\windows\system32\drivers\wanarp.sys//PE_Patch ok scanned
28/03/2009 20:29:21 File: c:\windows\system32\drivers\wanarp.sys ok scanned
28/03/2009 20:29:21 File: c:\windows\system32\drivers\wdmaud.sys ok scanned
28/03/2009 20:29:21 File: c:\windows\system32\wbem\wmiapsrv.exe ok scanned
28/03/2009 20:29:22 File: c:\arquivos de programas\windows media player\wmpnetwk.exe ok scanned
28/03/2009 20:29:22 File: c:\windows\system32\drivers\ws2ifsl.sys ok scanned
28/03/2009 20:29:22 File: c:\windows\system32\drivers\wstcodec.sys packed file PE_Patch
28/03/2009 20:29:22 File: c:\windows\system32\drivers\wstcodec.sys//PE_Patch ok scanned
28/03/2009 20:29:22 File: c:\windows\system32\drivers\wstcodec.sys ok scanned
28/03/2009 20:29:22 File: c:\windows\system32\drivers\wudfpf.sys packed file PE_Patch
28/03/2009 20:29:22 File: c:\windows\system32\drivers\wudfpf.sys//PE_Patch ok scanned
28/03/2009 20:29:22 File: c:\windows\system32\drivers\wudfpf.sys ok scanned
28/03/2009 20:29:23 File: c:\windows\system32\drivers\wudfrd.sys packed file PE_Patch
28/03/2009 20:29:23 File: c:\windows\system32\drivers\wudfrd.sys//PE_Patch ok scanned
28/03/2009 20:29:23 File: c:\windows\system32\drivers\wudfrd.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\acpi.sys packed file PE_Patch
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\acpi.sys//PE_Patch ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\acpi.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\acpiec.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\aec.sys packed file PE_Patch
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\aec.sys//PE_Patch ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\aec.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\aliide.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\amdk8.sys packed file PE_Patch
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\amdk8.sys//PE_Patch ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\amdk8.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\arp1394.sys packed file PE_Patch
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\arp1394.sys//PE_Patch ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\arp1394.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\aswfsblk.sys packed file PE_Patch
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\aswfsblk.sys//PE_Patch ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\aswfsblk.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\asyncmac.sys packed file PE_Patch
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\asyncmac.sys//PE_Patch ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\asyncmac.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\atapi.sys packed file PE_Patch
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\atapi.sys//PE_Patch ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\atapi.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\atmarpc.sys packed file PE_Patch
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\atmarpc.sys//PE_Patch ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\atmarpc.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\audstub.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\avipbb.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\blueletaudio.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\btnetdrv.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\btcusb.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\bthenum.sys packed file PE_Patch
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\bthenum.sys//PE_Patch ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\bthenum.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\vbtenum.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\bthidmgr.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\bthpan.sys packed file PE_Patch
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\bthpan.sys//PE_Patch ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\bthpan.sys ok scanned
28/03/2009 20:29:23 File: C:\WINDOWS\system32\drivers\bthport.sys packed file PE_Patch
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\bthport.sys//PE_Patch ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\bthport.sys ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\bthusb.sys packed file PE_Patch
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\bthusb.sys//PE_Patch ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\bthusb.sys ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\ccdecode.sys packed file PE_Patch
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\ccdecode.sys//PE_Patch ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\ccdecode.sys ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\cdrom.sys packed file PE_Patch
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\cdrom.sys//PE_Patch ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\cdrom.sys ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\cmbatt.sys packed file PE_Patch
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\cmbatt.sys//PE_Patch ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\cmbatt.sys ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\compbatt.sys packed file PE_Patch
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\compbatt.sys//PE_Patch ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\compbatt.sys ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\disk.sys packed file PE_Patch
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\disk.sys//PE_Patch ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\disk.sys ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\dmboot.sys packed file PE_Patch
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\dmboot.sys//PE_Patch ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\dmboot.sys ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\dmio.sys packed file PE_Patch
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\dmio.sys//PE_Patch ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\dmio.sys ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\dmload.sys ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\dmusic.sys packed file PE_Patch
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\dmusic.sys//PE_Patch ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\dmusic.sys ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\dot3svc.dll ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\drmkaud.sys packed file PE_Patch
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\drmkaud.sys//PE_Patch ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\drmkaud.sys ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\fltmgr.sys packed file PE_Patch
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\fltmgr.sys//PE_Patch ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\fltmgr.sys ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\fssfltr_tdi.sys ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\ftdisk.sys ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\msgpc.sys packed file PE_Patch
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\msgpc.sys//PE_Patch ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\msgpc.sys ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\hdaudio.sys packed file PE_Patch
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\hdaudio.sys//PE_Patch ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\hdaudio.sys ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\hdaudbus.sys packed file PE_Patch
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\hdaudbus.sys//PE_Patch ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\hdaudbus.sys ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\hidusb.sys packed file PE_Patch
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\hidusb.sys//PE_Patch ok scanned
28/03/2009 20:29:24 File: C:\WINDOWS\system32\drivers\hidusb.sys ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\hpzid412.sys ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\hpzipr12.sys ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\hpzius12.sys ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\http.sys packed file PE_Patch
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\http.sys//PE_Patch ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\http.sys ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\i8042prt.sys ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\imapi.sys packed file PE_Patch
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\imapi.sys//PE_Patch ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\imapi.sys ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\rtkhdaud.sys ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\ip6fw.sys packed file PE_Patch
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\ip6fw.sys//PE_Patch ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\ip6fw.sys ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\ipfltdrv.sys ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\ipinip.sys packed file PE_Patch
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\ipinip.sys//PE_Patch ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\ipinip.sys ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\ipnat.sys packed file PE_Patch
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\ipnat.sys//PE_Patch ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\ipnat.sys ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\ipsec.sys ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\irenum.sys packed file PE_Patch
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\irenum.sys//PE_Patch ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\irenum.sys ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\isapnp.sys packed file PE_Patch
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\isapnp.sys//PE_Patch ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\isapnp.sys ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\kbdclass.sys packed file PE_Patch
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\kbdclass.sys//PE_Patch ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\kbdclass.sys ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\kbdhid.sys packed file PE_Patch
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\kbdhid.sys//PE_Patch ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\kbdhid.sys ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\kmixer.sys packed file PE_Patch
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\kmixer.sys//PE_Patch ok scanned
28/03/2009 20:29:25 File: C:\WINDOWS\system32\drivers\kmixer.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mouclass.sys packed file PE_Patch
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mouclass.sys//PE_Patch ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mouclass.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mouhid.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mrxdav.sys packed file PE_Patch
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mrxdav.sys//PE_Patch ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mrxdav.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mskssrv.sys packed file PE_Patch
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mskssrv.sys//PE_Patch ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mskssrv.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mspclock.sys packed file PE_Patch
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mspclock.sys//PE_Patch ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mspclock.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mspqm.sys packed file PE_Patch
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mspqm.sys//PE_Patch ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mspqm.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mssmbios.sys packed file PE_Patch
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mssmbios.sys//PE_Patch ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mssmbios.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mstee.sys packed file PE_Patch
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mstee.sys//PE_Patch ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\mstee.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\rmc.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\sldrv\mtlmnt5.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\sldrv\mtlstrm.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\nabtsfec.sys packed file PE_Patch
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\nabtsfec.sys//PE_Patch ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\nabtsfec.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\ndisip.sys packed file PE_Patch
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\ndisip.sys//PE_Patch ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\ndisip.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\ndistapi.sys packed file PE_Patch
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\ndistapi.sys//PE_Patch ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\ndistapi.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\ndisuio.sys packed file PE_Patch
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\ndisuio.sys//PE_Patch ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\ndisuio.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\ndiswan.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\netbt.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\nic1394.sys packed file PE_Patch
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\nic1394.sys//PE_Patch ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\nic1394.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\nwlnkflt.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\nwlnkfwd.sys ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\ohci1394.sys packed file PE_Patch
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\ohci1394.sys//PE_Patch ok scanned
28/03/2009 20:29:26 File: C:\WINDOWS\system32\drivers\ohci1394.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\pci.sys packed file PE_Patch
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\pci.sys//PE_Patch ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\pci.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\pcmcia.sys packed file PE_Patch
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\pcmcia.sys//PE_Patch ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\pcmcia.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\raspptp.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\ptilink.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\rasacd.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\rasl2tp.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\raspppoe.sys packed file PE_Patch
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\raspppoe.sys//PE_Patch ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\raspppoe.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\raspti.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\rdpcdd.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\rdpdr.sys packed file PE_Patch
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\rdpdr.sys//PE_Patch ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\rdpdr.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\sldrv\recagent.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\redbook.sys packed file PE_Patch
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\redbook.sys//PE_Patch ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\redbook.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\rfcomm.sys packed file PE_Patch
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\rfcomm.sys//PE_Patch ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\rfcomm.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\rootmdm.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\rpcss.dll ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\rt73.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\sdbus.sys packed file PE_Patch
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\sdbus.sys//PE_Patch ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\sdbus.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\secdrv.sys packed file PE_Patch
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\secdrv.sys//PE_Patch ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\secdrv.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\serenum.sys packed file PE_Patch
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\serenum.sys//PE_Patch ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\serenum.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\sldrv\slazldrv.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\slip.sys packed file PE_Patch
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\slip.sys//PE_Patch ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\slip.sys ok scanned
28/03/2009 20:29:27 File: C:\WINDOWS\system32\drivers\sldrv\slnthal.sys ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\slserv.exe ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\sldrv\slwdmsup.sys ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\snpstd3.sys ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\splitter.sys packed file PE_Patch
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\splitter.sys//PE_Patch ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\splitter.sys ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\sr.sys packed file PE_Patch
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\sr.sys//PE_Patch ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\sr.sys ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\ssmdrv.sys ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\streamip.sys packed file PE_Patch
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\streamip.sys//PE_Patch ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\streamip.sys ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\swenum.sys packed file PE_Patch
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\swenum.sys//PE_Patch ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\swenum.sys ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\swmidi.sys packed file PE_Patch
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\swmidi.sys//PE_Patch ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\swmidi.sys ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\sysaudio.sys ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\tcpip.sys ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\termdd.sys packed file PE_Patch
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\termdd.sys//PE_Patch ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\termdd.sys ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\tifm21.sys ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\ulilan51.sys ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\update.sys packed file PE_Patch
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\update.sys//PE_Patch ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\update.sys ok scanned28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\usbccgp.sys packed file PE_Patch
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\usbccgp.sys//PE_Patch ok scanned
28/03/2009 20:29:28 File: C:\WINDOWS\system32\drivers\usbccgp.sys ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\usbehci.sys packed file PE_Patch
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\usbehci.sys//PE_Patch ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\usbehci.sys ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\usbhub.sys packed file PE_Patch
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\usbhub.sys//PE_Patch ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\usbhub.sys ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\usbohci.sys packed file PE_Patch
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\usbohci.sys//PE_Patch ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\usbohci.sys ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\usbprint.sys packed file PE_Patch
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\usbprint.sys//PE_Patch ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\usbprint.sys ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\usbscan.sys packed file PE_Patch
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\usbscan.sys//PE_Patch ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\usbscan.sys ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\usbsermpt.sys ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\usbstor.sys packed file PE_Patch
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\usbstor.sys//PE_Patch ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\usbstor.sys ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\vcomm.sys ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\vcommmgr.sys ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\wanarp.sys packed file PE_Patch
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\wanarp.sys//PE_Patch ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\wanarp.sys ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\wdmaud.sys ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\wstcodec.sys packed file PE_Patch
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\wstcodec.sys//PE_Patch ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\wstcodec.sys ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\wudfpf.sys packed file PE_Patch
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\wudfpf.sys//PE_Patch ok scanned
28/03/2009 20:29:29 File: C:\WINDOWS\system32\drivers\wudfpf.sys ok scanned
28/03/2009 20:29:30 File: C:\WINDOWS\system32\drivers\wudfrd.sys packed file PE_Patch
28/03/2009 20:29:30 File: C:\WINDOWS\system32\drivers\wudfrd.sys//PE_Patch ok scanned
28/03/2009 20:29:30 File: C:\WINDOWS\system32\drivers\wudfrd.sys ok scanned
28/03/2009 20:29:30 File: c:\windows\system32\autochk.exe ok scanned
28/03/2009 20:29:30 File: C:\WINDOWS\system32\autochk.exe ok scanned
28/03/2009 20:29:30 File: c:\windows\system32\ieudinit.exe ok scanned
28/03/2009 20:29:30 File: c:\windows\inf\unregmp2.exe ok scanned
28/03/2009 20:29:30 File: c:\windows\system32\shmgrate.exe ok scanned
28/03/2009 20:29:30 File: c:\windows\system32\iedkcs32.dll ok scanned
28/03/2009 20:29:31 File: c:\windows\system32\regsvr32.exe ok scanned
28/03/2009 20:29:31 File: c:\windows\system32\themeui.dll ok scanned
28/03/2009 20:29:31 File: c:\arquivos de programas\outlook express\setup50.exe//# ok scanned
28/03/2009 20:29:31 File: c:\arquivos de programas\outlook express\setup50.exe ok scanned
28/03/2009 20:29:31 File: c:\windows\system32\user.exe ok scanned
28/03/2009 20:29:31 File: c:\windows\system32\advpack.dll ok scanned
28/03/2009 20:29:31 File: c:\windows\inf\msnetmtg.inf ok scanned
28/03/2009 20:29:31 File: C:\WINDOWS\system32\advpack.dll ok scanned
28/03/2009 20:29:31 File: c:\windows\inf\msmsgs.inf ok scanned
28/03/2009 20:29:31 File: c:\windows\inf\wmp11.inf ok scanned
28/03/2009 20:29:31 File: C:\WINDOWS\system32\user.exe ok scanned
28/03/2009 20:29:31 File: C:\WINDOWS\system32\shell32.dll ok scanned
28/03/2009 20:29:31 File: c:\windows\system32\ie4uinit.exe ok scanned
28/03/2009 20:29:32 File: c:\windows\system32\mscories.dll ok scanned
28/03/2009 20:29:32 File: c:\windows\system32\comm.drv ok scanned
28/03/2009 20:29:32 File: c:\windows\system\vga.drv ok scanned
28/03/2009 20:29:32 File: c:\windows\system\mmsystem.dll ok scanned
28/03/2009 20:29:32 File: c:\windows\system\keyboard.drv ok scanned
28/03/2009 20:29:32 File: c:\windows\system\mouse.drv ok scanned
28/03/2009 20:29:32 File: c:\windows\system\wfwnet.drv ok scanned
28/03/2009 20:29:32 File: c:\windows\system32\progman.exe ok scanned
Baixe o EliStarA.
Na pagina,clique no botão: Descargar EliStarA v xx.xx.
Desabilite o anti-vírus e anti-spyware.
Reinicie o computador em Modo de Segurança.
Vá ao ícone de EliStarA clique duas vezes e execute a ferramenta.
O processo pode demora aguarde o fim.
Ao final será gerado um log nomeado como infoSat.txt
A ferramenta ira deletar a sua página inicial configure ela novamente, após o fim do processo.
Reinicie em modo normal.
Em sua próxima resposta poste o infoSat.txt juntamente com um novo log do hijackthis
Aguardo o retorno
28/03/2009 20:29:32 File: c:\windows\system\sound.drv ok scanned
28/03/2009 20:29:32 File: c:\windows\system\system.drv ok scanned
28/03/2009 20:29:32 File: C:\WINDOWS\system32\timer.drv ok scanned
28/03/2009 20:29:32 File: c:\windows\system32\midimap.dll ok scanned
28/03/2009 20:29:32 File: c:\windows\system32\imaadp32.acm ok scanned
28/03/2009 20:29:32 File: c:\windows\system32\msadp32.acm ok scanned
28/03/2009 20:29:32 File: c:\windows\system32\msg711.acm ok scanned
28/03/2009 20:29:32 File: c:\windows\system32\msgsm32.acm ok scanned
28/03/2009 20:29:32 File: c:\windows\system32\tssoft32.acm ok scanned
28/03/2009 20:29:33 File: c:\windows\system32\iccvid.dll ok scanned
28/03/2009 20:29:33 File: c:\windows\system32\msh263.drv ok scanned
28/03/2009 20:29:33 File: c:\windows\system32\ir32_32.dll ok scanned
28/03/2009 20:29:33 File: C:\WINDOWS\system32\ir32_32.dll ok scanned
28/03/2009 20:29:33 File: c:\windows\system32\ir41_32.ax ok scanned
28/03/2009 20:29:33 File: c:\windows\system32\iyuv_32.dll ok scanned
28/03/2009 20:29:33 File: c:\windows\system32\msrle32.dll ok scanned
28/03/2009 20:29:33 File: c:\windows\system32\msvidc32.dll ok scanned
28/03/2009 20:29:33 File: c:\windows\system32\msyuv.dll ok scanned
28/03/2009 20:29:33 File: C:\WINDOWS\system32\msyuv.dll ok scanned
28/03/2009 20:29:33 File: c:\windows\system32\tsbyuv.dll ok scanned
28/03/2009 20:29:33 File: c:\windows\system32\msacm32.drv ok scanned
28/03/2009 20:29:33 File: c:\windows\system32\msg723.acm ok scanned
28/03/2009 20:29:34 File: C:\WINDOWS\system32\msh263.drv ok scanned
28/03/2009 20:29:34 File: c:\windows\system32\msh261.drv ok scanned
28/03/2009 20:29:34 File: c:\windows\system32\msaud32.acm ok scanned
28/03/2009 20:29:34 File: c:\windows\system32\sl_anet.acm ok scanned
28/03/2009 20:29:34 File: c:\windows\system32\iac25_32.ax ok scanned
28/03/2009 20:29:34 File: c:\windows\system32\ir50_32.dll ok scanned
28/03/2009 20:29:34 File: c:\windows\system32\l3codeca.acm ok scanned
28/03/2009 20:29:35 File: c:\windows\system32\sirenacm.dll ok scanned
28/03/2009 20:29:35 File: c:\windows\system32\divx.dll ok scanned
28/03/2009 20:29:35 File: c:\windows\system32\xvidvfw.dll ok scanned
28/03/2009 20:29:35 File: c:\windows\system32\divxc32.dll ok scanned
28/03/2009 20:29:35 File: c:\windows\system32\divxc32f.dll ok scanned
28/03/2009 20:29:35 File: c:\windows\system32\lameacm.acm ok scanned
28/03/2009 20:29:36 File: c:\windows\system32\3ivxvfwcodec.dll ok scanned
28/03/2009 20:29:36 File: c:\windows\system32\divxa32.acm ok scanned
28/03/2009 20:29:36 File: c:\windows\system32\huffyuv.dll ok scanned
28/03/2009 20:29:36 File: c:\windows\system32\wmv9vcm.dll ok scanned
28/03/2009 20:29:36 File: c:\windows\system32\i263_32.drv ok scanned
28/03/2009 20:29:36 File: c:\windows\system32\imc32.acm ok scanned
28/03/2009 20:29:36 File: C:\WINDOWS\system32\ir41_32.ax ok scanned
28/03/2009 20:29:37 File: c:\windows\system32\vp6vfw.dll ok scanned
28/03/2009 20:29:37 File: C:\WINDOWS\system32\vp6vfw.dll ok scanned
28/03/2009 20:29:37 File: c:\windows\system32\vp7vfw.dll ok scanned
28/03/2009 20:29:37 File: c:\windows\system32\vp31vfw.dll ok scanned
28/03/2009 20:29:37 File: c:\windows\system32\mpg4c32.dll ok scanned
28/03/2009 20:29:37 File: C:\WINDOWS\system32\mpg4c32.dll ok scanned
28/03/2009 20:29:37 File: c:\windows\system32\ac3acm.acm ok scanned
28/03/2009 20:29:37 File: c:\windows\system32\ff_vfw.dll ok scanned
28/03/2009 20:29:37 File: c:\windows\system32\ff_acm.acm ok scanned
28/03/2009 20:29:37 File: c:\windows\system32\wdmaud.drv ok scanned
28/03/2009 20:29:38 File: C:\WINDOWS\system32\wdmaud.drv ok scanned
28/03/2009 20:29:38 File: c:\windows\system32\lcodccmp.dll ok scanned
28/03/2009 20:29:38 File: c:\windows\system32\drivers\vfwwdm32.dll ok scanned
28/03/2009 20:29:38 File: c:\windows\system32\webcheck.dll ok scanned
28/03/2009 20:29:38 File: c:\windows\system32\stobject.dll ok scanned
28/03/2009 20:29:38 File: c:\windows\system32\upnpui.dll ok scanned
28/03/2009 20:29:38 File: c:\windows\system32\wpdshserviceobj.dll ok scanned
28/03/2009 20:29:39 File: c:\windows\system32\logon.scr ok scanned
28/03/2009 20:29:39 File: C:\WINDOWS\system32\logon.scr ok scanned
28/03/2009 20:29:39 File: c:\windows\system32\browseui.dll ok scanned
28/03/2009 20:29:39 File: c:\windows\system32\mmsys.cpl ok scanned
28/03/2009 20:29:39 File: c:\windows\system32\icmui.dll ok scanned
28/03/2009 20:29:39 File: c:\windows\system32\rshx32.dll ok scanned
28/03/2009 20:29:39 File: c:\windows\system32\docprop.dll ok scanned
28/03/2009 20:29:39 File: c:\windows\system32\ntshrui.dll ok scanned
28/03/2009 20:29:39 File: c:\windows\system32\deskadp.dll ok scanned
28/03/2009 20:29:39 File: c:\windows\system32\deskmon.dll ok scanned
28/03/2009 20:29:40 File: c:\windows\system32\dssec.dll ok scanned
28/03/2009 20:29:40 File: c:\windows\system32\slayerxp.dll ok scanned
28/03/2009 20:29:40 File: c:\windows\system32\shscrap.dll ok scanned
28/03/2009 20:29:40 File: c:\windows\system32\diskcopy.dll ok scanned
28/03/2009 20:29:40 File: c:\windows\system32\ntlanui2.dll ok scanned
28/03/2009 20:29:40 File: c:\windows\system32\printui.dll ok scanned
28/03/2009 20:29:40 File: c:\windows\system32\dskquoui.dll ok scanned
28/03/2009 20:29:40 File: c:\windows\system32\syncui.dll ok scanned
28/03/2009 20:29:40 File: c:\windows\system32\hticons.dll ok scanned
28/03/2009 20:29:41 File: c:\windows\system32\fontext.dll ok scanned
28/03/2009 20:29:41 File: C:\WINDOWS\system32\rshx32.dll ok scanned
28/03/2009 20:29:41 File: C:\WINDOWS\system32\ntshrui.dll ok scanned
28/03/2009 20:29:41 File: c:\windows\system32\deskperf.dll ok scanned
28/03/2009 20:29:41 File: c:\windows\system32\wiashext.dll ok scanned
28/03/2009 20:29:41 File: C:\WINDOWS\system32\wiashext.dll ok scanned
28/03/2009 20:29:41 File: c:\windows\system32\remotepg.dll ok scanned
28/03/2009 20:29:41 File: c:\windows\system32\wshext.dll ok scanned
28/03/2009 20:29:41 File: c:\arquivos de programas\arquivos comuns\system\ole db\oledb32.dll ok scanned
28/03/2009 20:29:42 File: c:\windows\system32\mstask.dll ok scanned
28/03/2009 20:29:42 File: c:\windows\system32\shdocvw.dll ok scanned
28/03/2009 20:29:42 File: c:\windows\system32\wuaucpl.cpl ok scanned
28/03/2009 20:29:42 File: c:\windows\system32\twext.dll ok scanned
28/03/2009 20:29:42 File: c:\windows\system32\shmedia.dll ok scanned
28/03/2009 20:29:42 File: c:\windows\system32\ieframe.dll ok scanned
28/03/2009 20:29:42 File: c:\windows\system32\sendmail.dll ok scanned
28/03/2009 20:29:42 File: c:\windows\system32\occache.dll ok scanned
28/03/2009 20:29:42 File: c:\windows\system32\appwiz.cpl ok scanned
28/03/2009 20:29:43 File: c:\windows\system32\netplwiz.dll ok scanned
28/03/2009 20:29:43 File: c:\windows\system32\zipfldr.dll ok scanned
28/03/2009 20:29:43 File: c:\windows\system32\extmgr.dll ok scanned
28/03/2009 20:29:43 File: c:\windows\system32\msieftp.dll ok scanned
28/03/2009 20:29:43 File: c:\windows\system32\docprop2.dll ok scanned
28/03/2009 20:29:43 File: c:\windows\system32\dsquery.dll ok scanned
28/03/2009 20:29:43 File: c:\windows\system32\dsuiext.dll ok scanned
28/03/2009 20:29:43 File: c:\windows\system32\mydocs.dll ok scanned
28/03/2009 20:29:43 File: c:\windows\system32\cscui.dll ok scanned
28/03/2009 20:29:44 File: c:\windows\msagent\agentpsh.dll ok scanned
28/03/2009 20:29:44 File: c:\windows\system32\dfsshlex.dll ok scanned
28/03/2009 20:29:44 File: c:\windows\system32\photowiz.dll ok scanned
28/03/2009 20:29:44 File: c:\windows\system32\mmcshext.dll ok scanned
28/03/2009 20:29:44 File: c:\windows\system32\cabview.dll ok scanned
28/03/2009 20:29:44 File: c:\arquivos de programas\outlook express\wabfind.dll ok scanned
28/03/2009 20:29:44 File: c:\windows\system32\wmpshell.dll ok scanned
28/03/2009 20:29:44 File: c:\arquivos de programas\winrar\rarext.dll ok scanned
28/03/2009 20:29:44 File: c:\arquiv~1\arquiv~1\micros~1\webfol~1\msonsext.dll ok scanned
28/03/2009 20:29:45 File: c:\arquivos de programas\microsoft office\office11\msohev.dll ok scanned
28/03/2009 20:29:45 File: c:\windows\system32\mscoree.dll ok scanned
28/03/2009 20:29:45 File: c:\arquivos de programas\avira\antivir personaledition classic\shlext.dll ok scanned
28/03/2009 20:29:45 File: c:\windows\system32\audiodev.dll ok scanned
28/03/2009 20:29:45 File: c:\windows\system32\wpdshext.dll ok scanned
28/03/2009 20:29:46 File: c:\arquivos de programas\alwil software\avast4\ashshell.dll ok scanned
28/03/2009 20:29:46 File: c:\arquivos de programas\windows live\mail\mailcomm.dll ok scanned
28/03/2009 20:29:46 File: c:\arquivos de programas\windows live\photo gallery\wlxphotoacquirewizard.exe ok scanned
28/03/2009 20:29:46 File: c:\arquivos de programas\windows live\photo gallery\photoviewershim.dll ok scanned
28/03/2009 20:29:46 File: c:\arquivos de programas\windows live\photo gallery\wlxphotogallery.exe ok scanned
28/03/2009 20:29:46 File: c:\windows\system32\dfshim.dll ok scanned
28/03/2009 20:29:47 File: c:\arquivos de programas\canon\easy-webprint\toolband.dll ok scanned
28/03/2009 20:29:47 File: c:\arquivos de programas\canon\easy-webprint\resource.dll ok scanned
28/03/2009 20:29:47 File: c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\acroiehelpershim.dll ok scanned
28/03/2009 20:29:47 File: c:\arquivos de programas\microsoft\search enhancement pack\search helper\searchhelper.dll ok scanned
28/03/2009 20:29:47 File: c:\arquivos de programas\java\jre6\bin\ssv.dll ok scanned
28/03/2009 20:29:47 File: c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\windowslivelogin.dll ok scanned
28/03/2009 20:29:48 File: c:\arquivos de programas\google\google toolbar\googletoolbar.dll ok scanned
28/03/2009 20:29:48 File: c:\arquivos de programas\google\googletoolbarnotifier\5.0.926.3450\swg.dll ok scanned
28/03/2009 20:29:48 File: c:\arquivos de programas\google\google toolbar\component\fastsearch_219b3e1547538286.dll ok scanned
28/03/2009 20:29:48 File: c:\arquivos de programas\java\jre6\bin\jp2ssv.dll ok scanned
28/03/2009 20:29:49 File: c:\arquivos de programas\windows live\toolbar\wltcore.dll ok scanned
28/03/2009 20:29:49 File: c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll ok scanned
28/03/2009 20:29:49 File: c:\arquivos de programas\adobe\reader 9.0\reader\acrord32.exe ok scanned
28/03/2009 20:29:50 File: c:\arquivos de programas\alwil software\avast4\ashavast.exe ok scanned
28/03/2009 20:29:53 File: c:\arquivos de programas\ahead\nero backitup\backitup.exe ok scanned
28/03/2009 20:29:53 File: c:\arquivos de programas\msn gaming zone\windows\bckgzm.exe ok scanned
28/03/2009 20:29:55 File: c:\arquivos de programas\ccleaner\ccleaner.exe ok scanned
28/03/2009 20:29:55 File: c:\arquivos de programas\msn gaming zone\windows\chkrzm.exe ok scanned
28/03/2009 20:29:55 File: c:\documents and settings\administrador\desktop\combofix.exe packed file PE_Patch.UPX
28/03/2009 20:29:58 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX packed file UPX
28/03/2009 20:29:58 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX//UPX ok scanned
28/03/2009 20:29:58 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX archive RAR
28/03/2009 20:29:58 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/archive comment ok scanned
28/03/2009 20:29:58 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\Boot.bat ok scanned
28/03/2009 20:29:58 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\c.bat ok scanned
28/03/2009 20:29:58 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\Combobatch.bat ok scanned
28/03/2009 20:29:58 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\DelClsid.bat ok scanned
28/03/2009 20:29:58 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\FIND3M.bat ok scanned
28/03/2009 20:29:58 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\FIXLSP.bat ok scanned
28/03/2009 20:29:58 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\history.bat ok scanned
28/03/2009 20:29:58 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\Lang.bat ok scanned
28/03/2009 20:29:58 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\List-B.bat ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\List-C.bat ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\List-D.bat ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\List.bat ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\MoveIt.bat ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\ND_.bat ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\RestoreO4.bat ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\SafeBootRepair.bat ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\SetEnvmt.bat ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\Assoc.cmd ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\Auto-RC.cmd ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\av.cmd ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\AWF.cmd ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\Boot-Rk.cmd ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\Catch-sub.cmd ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\CF-Script.cmd ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\Create.cmd ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\CregC.cmd ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\CSet.cmd ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\FD-SV.cmd ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\FKMGen.cmd ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\GetHive.cmd ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\Install-RC.cmd ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\katch.cmd ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\Kill-All.cmd ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\NT-OS.cmd ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\Prep.cmd ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\RegScan.cmd ok scanned
28/03/2009 20:29:59 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\Rkey.cmd ok scanned
28/03/2009 20:30:00 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\SnapShot.cmd ok scanned
28/03/2009 20:30:00 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\SRestore.cmd ok scanned
28/03/2009 20:30:00 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\SuppScan.cmd ok scanned
28/03/2009 20:30:00 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\Update-CF.cmd ok scanned
28/03/2009 20:30:00 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\badclsid.c ok scanned
28/03/2009 20:30:00 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\clsid.c ok scanned
28/03/2009 20:30:00 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\NirCmd.inf ok scanned
28/03/2009 20:30:00 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\n.com packed file PE_Patch.UPX
28/03/2009 20:30:00 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\n.com//PE_Patch.UPX packed file UPX
28/03/2009 20:30:00 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\n.com//PE_Patch.UPX//UPX ok scanned
28/03/2009 20:30:00 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\n.com//PE_Patch.UPX ok scanned
28/03/2009 20:30:00 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\n.com ok scanned
28/03/2009 20:30:00 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\hidec.exe ok scanned
28/03/2009 20:30:00 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\swreg.exe packed file UPX
28/03/2009 20:30:00 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\swreg.exe//UPX ok scanned
28/03/2009 20:30:01 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\swreg.exe ok scanned
28/03/2009 20:30:01 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\ffdefstr.dll ok scanned
28/03/2009 20:30:01 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\Combo-Fix.sys ok scanned
28/03/2009 20:30:01 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\badclsid ok scanned
28/03/2009 20:30:01 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\BootSect ok scanned
28/03/2009 20:30:01 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\mynul ok scanned
28/03/2009 20:30:01 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\RCLink ok scanned
28/03/2009 20:30:01 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\appinit.bad ok scanned
28/03/2009 20:30:01 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\BON.cfexe packed file PE_Patch.UPX
28/03/2009 20:30:01 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\BON.cfexe//PE_Patch.UPX packed file UPX
28/03/2009 20:30:01 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\BON.cfexe//PE_Patch.UPX//UPX ok scanned
28/03/2009 20:30:01 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\BON.cfexe//PE_Patch.UPX ok scanned
28/03/2009 20:30:01 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\BON.cfexe ok scanned
28/03/2009 20:30:01 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\catchme.cfexe packed file PE_Patch.UPX
28/03/2009 20:30:02 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\catchme.cfexe//PE_Patch.UPX packed file UPX
28/03/2009 20:30:02 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\catchme.cfexe//PE_Patch.UPX//UPX ok scanned
28/03/2009 20:30:02 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\catchme.cfexe//PE_Patch.UPX ok scanned
28/03/2009 20:30:02 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\catchme.cfexe ok scanned
28/03/2009 20:30:02 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\ComboFix-Download.cfexe packed file UPX
28/03/2009 20:30:02 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\ComboFix-Download.cfexe//UPX ok scanned
28/03/2009 20:30:02 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\ComboFix-Download.cfexe ok scanned
28/03/2009 20:30:02 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\dd.cfexe archive EmbeddedEXE
28/03/2009 20:30:02 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\dd.cfexe//data0000 ok scanned
28/03/2009 20:30:02 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\dd.cfexe ok scanned
28/03/2009 20:30:02 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\dumphive.cfexe ok scanned
28/03/2009 20:30:02 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\ERUNT.cfexe packed file UPX
28/03/2009 20:30:03 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\ERUNT.cfexe//UPX ok scanned
28/03/2009 20:30:03 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\ERUNT.cfexe ok scanned
28/03/2009 20:30:03 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\extract.cfexe ok scanned
28/03/2009 20:30:04 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\fdsv.cfexe ok scanned
28/03/2009 20:30:04 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\fi.cfexe ok scanned
28/03/2009 20:30:04 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\grep.cfexe ok scanned
28/03/2009 20:30:04 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\gsar.cfexe ok scanned
28/03/2009 20:30:04 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\handle.cfexe//# ok scanned
28/03/2009 20:30:04 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\handle.cfexe ok scanned
28/03/2009 20:30:04 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\md5deep.cfexe ok scanned
28/03/2009 20:30:05 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\moveex.cfexe ok scanned
28/03/2009 20:30:05 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\mtee.cfexe ok scanned
28/03/2009 20:30:05 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\NirCmd.cfexe packed file PE_Patch.UPX
28/03/2009 20:30:05 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\NirCmd.cfexe//PE_Patch.UPX packed file UPX
28/03/2009 20:30:05 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\NirCmd.cfexe//PE_Patch.UPX//UPX ok scanned
28/03/2009 20:30:05 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\NirCmd.cfexe//PE_Patch.UPX ok scanned
28/03/2009 20:30:05 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\NirCmd.cfexe ok scanned
28/03/2009 20:30:05 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\NirCmdC.cfexe packed file PE_Patch.UPX
28/03/2009 20:30:05 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\NirCmdC.cfexe//PE_Patch.UPX packed file UPX
28/03/2009 20:30:05 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\NirCmdC.cfexe//PE_Patch.UPX//UPX ok scanned
28/03/2009 20:30:05 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\NirCmdC.cfexe//PE_Patch.UPX ok scanned
28/03/2009 20:30:05 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\NirCmdC.cfexe ok scanned
28/03/2009 20:30:05 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\psexec.cfexe ok scanned
28/03/2009 20:30:06 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\pv.cfexe ok scanned
28/03/2009 20:30:06 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\sed.cfexe ok scanned
28/03/2009 20:30:06 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\setcsum.cfexe packed file PECompact
28/03/2009 20:30:06 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\setcsum.cfexe//PECompact ok scanned
28/03/2009 20:30:06 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\setcsum.cfexe ok scanned
28/03/2009 20:30:07 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\setpath.cfexe packed file PE_Patch.UPX
28/03/2009 20:30:07 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\setpath.cfexe//PE_Patch.UPX packed file UPX
28/03/2009 20:30:07 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\setpath.cfexe//PE_Patch.UPX//UPX ok scanned
28/03/2009 20:30:07 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\setpath.cfexe//PE_Patch.UPX ok scanned
28/03/2009 20:30:07 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\setpath.cfexe ok scanned
28/03/2009 20:30:07 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\SF.cfexe ok scanned
28/03/2009 20:30:07 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\swsc.cfexe packed file UPX
28/03/2009 20:30:07 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\swsc.cfexe//UPX ok scanned
28/03/2009 20:30:08 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\swsc.cfexe ok scanned
28/03/2009 20:30:08 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\swxcacls.cfexe ok scanned
28/03/2009 20:30:08 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\tail.cfexe ok scanned
28/03/2009 20:30:08 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\unzip.cfexe ok scanned
28/03/2009 20:30:08 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\vFind.cfexe ok scanned
28/03/2009 20:30:08 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\WRP.cfexe packed file PE_Patch.UPX
28/03/2009 20:30:08 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\WRP.cfexe//PE_Patch.UPX packed file UPX
28/03/2009 20:30:09 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\WRP.cfexe//PE_Patch.UPX//UPX ok scanned
28/03/2009 20:30:09 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\WRP.cfexe//PE_Patch.UPX ok scanned
28/03/2009 20:30:09 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\WRP.cfexe ok scanned
28/03/2009 20:30:09 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\zip.cfexe ok scanned
28/03/2009 20:30:09 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\023.dat ok scanned
28/03/2009 20:30:09 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\023v.dat ok scanned
28/03/2009 20:30:09 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\Creg.dat ok scanned
28/03/2009 20:30:09 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\CregC.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\Fin.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\LocalService.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\LocalServiceNetworkRestricted.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\LocalSystemNetworkRestricted.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\ndis_combofix.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\netsvc.bad.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\netsvc.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\netsvc.vista.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\netsvc.xp.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\NetworkService.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\Policies.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\Purity.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\region.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\rogues.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\safeboot.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\safeboot.def.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\safeboot.def.vista.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\svc_wht.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\svchost.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\svchost.vista.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\system_ini.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\vistareg.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\w2kreg.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\xpreg.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\zDomain.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\zhsvc.dat ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\ERDNT.e_e packed file UPX
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\ERDNT.e_e//UPX ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\ERDNT.e_e ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\ERDNTDOS.LOC ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\ERDNTWIN.LOC ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\ERUNT.LOC ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\srizbi.md5 ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\Exe.reg ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\ddsDo.sed ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\embedded.sed ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\REGDACL.sed ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\RegDo.sed ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\run2.sed ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\toolbar.sed ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\DPF.str ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\av.vbs ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\FProps.vbs ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\lnkread.vbs ok scanned
28/03/2009 20:30:10 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\OSid.vbs ok scanned
28/03/2009 20:30:11 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\restore_pt.vbs ok scanned
28/03/2009 20:30:11 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\SvcDrv.vbs ok scanned
28/03/2009 20:30:11 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX/32788R22FWJFW\image001.gif ok scanned
28/03/2009 20:30:11 File: c:\documents and settings\administrador\desktop\combofix.exe//PE_Patch.UPX ok scanned
28/03/2009 20:30:11 File: c:\documents and settings\administrador\desktop\combofix.exe ok scanned
28/03/2009 20:30:11 File: c:\documents and settings\administrador\desktop\combofix.exe:Zone.Identifier ok scanned
28/03/2009 20:30:12 File: c:\arquivos de programas\netmeeting\conf.exe ok scanned
28/03/2009 20:30:13 File: c:\arquivos de programas\windows nt\dialer.exe ok scanned
28/03/2009 20:30:14 File: c:\windows\pchealth\helpctr\binaries\helpctr.exe ok scanned
28/03/2009 20:30:14 File: c:\hijackthis.exe packed file PE_Patch.UPX
28/03/2009 20:30:15 File: c:\hijackthis.exe//PE_Patch.UPX packed file UPX
28/03/2009 20:30:15 File: c:\hijackthis.exe//PE_Patch.UPX//UPX ok scanned
28/03/2009 20:30:15 File: c:\hijackthis.exe//PE_Patch.UPX ok scanned
28/03/2009 20:30:16 File: c:\hijackthis.exe ok scanned
28/03/2009 20:30:16 File: c:\hijackthis.exe:Zone.Identifier ok scanned
28/03/2009 20:30:16 File: c:\arquivos de programas\hp\digital imaging\unload\hpqapkil.exe ok scanned
28/03/2009 20:30:16 File: c:\arquivos de programas\hp\digital imaging\unload\hpqdia.exe ok scanned
28/03/2009 20:30:17 File: c:\arquivos de programas\hp\digital imaging\unload\hpqdias.exe ok scanned
28/03/2009 20:30:17 File: c:\arquivos de programas\hp\digital imaging\bin\hpqgalry.exe ok scanned
28/03/2009 20:30:17 File: c:\arquivos de programas\hp\digital imaging\bin\hpqisc01.exe ok scanned
28/03/2009 20:30:18 File: c:\arquivos de programas\hp\digital imaging\bin\hpqise01.exe ok scanned
28/03/2009 20:30:18 File: c:\arquivos de programas\hp\digital imaging\bin\hpqpanos.exe ok scanned
28/03/2009 20:30:18 File: c:\arquivos de programas\hp\digital imaging\unload\hpqphunl.exe ok scanned
28/03/2009 20:30:19 File: c:\arquivos de programas\hp\digital imaging\unload\hpqpsmon.exe ok scanned
28/03/2009 20:30:19 File: c:\arquivos de programas\hp\digital imaging\bin\hpqpsxp.exe ok scanned
28/03/2009 20:30:20 File: c:\arquivos de programas\hp\digital imaging\bin\hpqqpawp.exe ok scanned
28/03/2009 20:30:20 File: c:\arquivos de programas\hp\digital imaging\bin\hpqthb08.exe ok scanned
28/03/2009 20:30:20 File: c:\arquivos de programas\hp\digital imaging\unload\hpqunset.exe ok scanned
28/03/2009 20:30:20 File: c:\arquivos de programas\hp\digital imaging\bin\hpqvpswp.exe ok scanned
28/03/2009 20:30:20 File: c:\arquivos de programas\hp\digital imaging\unload\hpqxfer.exe ok scanned
28/03/2009 20:30:20 File: c:\arquivos de programas\msn gaming zone\windows\hrtzzm.exe ok scanned
28/03/2009 20:30:21 File: c:\arquivos de programas\internet explorer\connection wizard\icwconn1.exe ok scanned
28/03/2009 20:30:21 File: c:\arquivos de programas\internet explorer\connection wizard\icwconn2.exe ok scanned
28/03/2009 20:30:22 File: c:\arquivos de programas\ahead\imagedrive\imagedrive.exe ok scanned
28/03/2009 20:30:22 File: c:\arquivos de programas\internet explorer\connection wizard\inetwiz.exe ok scanned
28/03/2009 20:30:22 File: c:\arquivos de programas\internet explorer\connection wizard\isignup.exe ok scanned
28/03/2009 20:30:22 File: c:\windows\system32\usmt\migwiz.exe ok scanned
28/03/2009 20:30:25 File: c:\arquivos de programas\movie maker\moviemk.exe ok scanned
28/03/2009 20:30:25 File: c:\arquivos de programas\windows media player\mplayer2.exe ok scanned
28/03/2009 20:30:26 File: c:\windows\pchealth\helpctr\binaries\msconfig.exe ok scanned
28/03/2009 20:30:26 File: c:\arquivos de programas\outlook express\msimn.exe ok scanned
28/03/2009 20:30:26 File: c:\arquivos de programas\arquivos comuns\microsoft shared\msinfo\msinfo32.exe ok scanned
28/03/2009 20:30:28 File: c:\arquivos de programas\messenger\msmsgs.exe ok scanned
28/03/2009 20:30:31 File: c:\arquivos de programas\windows live\messenger\msnmsgr.exe ok scanned
28/03/2009 20:30:34 File: c:\arquiv~1\micros~1\office11\mspub.exe ok scanned
28/03/2009 20:30:35 File: c:\arquiv~1\arquiv~1\micros~1\modi\11.0\mspview.exe ok scanned
28/03/2009 20:30:37 File: c:\arquivos de programas\ahead\coverdesigner\coverdes.exe ok scanned
28/03/2009 20:30:41 File: c:\arquivos de programas\ahead\nero\nero.exe ok scanned
28/03/2009 20:30:43 File: c:\arquivos de programas\ahead\nero startsmart\nerostartsmart.exe ok scanned
28/03/2009 20:30:44 File: c:\arquiv~1\micros~1\office11\ois.exe ok scanned
28/03/2009 20:30:44 File: c:\windows\system32\mspaint.exe ok scanned
28/03/2009 20:30:44 File: c:\arquivos de programas\windows nt\pinball\pinball.exe ok scanned
28/03/2009 20:30:45 File: c:\arquiv~1\micros~1\office11\powerpnt.exe ok scanned
28/03/2009 20:30:45 File: c:\arquivos de programas\msn gaming zone\windows\rvsezm.exe ok scanned
28/03/2009 20:30:45 File: c:\arquivos de programas\msn gaming zone\windows\shvlzm.exe ok scanned
28/03/2009 20:30:45 File: c:\arquivos de programas\outlook express\wabmig.exe ok scanned
28/03/2009 20:30:46 File: c:\arquivos de programas\winrar\winrar.exe ok scanned
28/03/2009 20:30:46 File: c:\arquiv~1\micros~1\office11\winword.exe ok scanned
28/03/2009 20:30:47 File: c:\arquivos de programas\windows live\mail\wlmail.exe ok scanned
28/03/2009 20:30:48 File: c:\arquivos de programas\ahead\wmpburn\wmpburn.exe ok scanned
28/03/2009 20:30:48 File: c:\windows\system32\ntsd.exe ok scanned
28/03/2009 20:30:48 File: c:\windows\system32\java.exe ok scanned
28/03/2009 20:30:48 File: c:\arquivos de programas\java\jre6\bin\npjpi160_10.dll ok scanned
28/03/2009 20:30:48 File: c:\arquivos de programas\java\jre6\bin\jp2iexp.dll ok scanned
28/03/2009 20:30:49 File: c:\arquivos de programas\windows live\writer\writerbrowserextension.dll ok scanned
28/03/2009 20:30:49 File: c:\arquiv~1\micros~1\office11\refiebar.dll ok scanned
28/03/2009 20:30:49 File: c:\arquiv~1\micros~1\office11\refbar.ico ok scanned
28/03/2009 20:30:49 File: c:\arquiv~1\micros~1\office11\refbarh.ico ok scanned
28/03/2009 20:30:49 File: c:\windows\network diagnostic\xpnetdiag.exe ok scanned
28/03/2009 20:30:50 File: c:\arquivos de programas\yahoo!\common\yinsthelper.dll ok scanned
28/03/2009 20:30:50 File: c:\arquivos de programas\yahoo!\common\yinsthelper200711281.dll ok scanned
28/03/2009 20:30:50 File: c:\windows\downloaded program files\fp_ax_cab_installer.exe ok scanned
28/03/2009 20:30:50 File: c:\windows\downloaded program files\conflict.1\fp_ax_cab_installer.exe ok scanned
28/03/2009 20:30:50 File: c:\arquivos de programas\java\jre1.5.0_05\bin\npjpi150_05.dll ok scanned
28/03/2009 20:30:51 File: c:\arquiv~1\gbplugin\gbpdist.dll packed file PE_Patch.PECompact
28/03/2009 20:30:51 File: c:\arquiv~1\gbplugin\gbpdist.dll//PE_Patch.PECompact packed file PecBundle
28/03/2009 20:30:51 File: c:\arquiv~1\gbplugin\gbpdist.dll//PE_Patch.PECompact//PecBundle packed file PECompact
28/03/2009 20:30:51 File: c:\arquiv~1\gbplugin\gbpdist.dll//PE_Patch.PECompact//PecBundle//PECompact ok scanned
28/03/2009 20:30:51 File: c:\arquiv~1\gbplugin\gbpdist.dll//PE_Patch.PECompact//PecBundle ok scanned
28/03/2009 20:30:51 File: c:\arquiv~1\gbplugin\gbpdist.dll//PE_Patch.PECompact ok scanned
28/03/2009 20:30:51 File: c:\arquiv~1\gbplugin\gbpdist.dll ok scanned
28/03/2009 20:30:51 File: c:\windows\system32\rsvpsp.dll ok scanned
28/03/2009 20:30:52 File: c:\windows\system32\winrnr.dll ok scanned
28/03/2009 20:30:52 File: c:\windows\system32\wshbth.dll ok scanned
28/03/2009 20:30:52 File: c:\documents and settings\administrador\configurações locais\dados de aplicativos\microsoft\messenger\antoniol399@hotmail.com\sharing folders\installer\winxp\wbg901.exe ok scanned
28/03/2009 20:30:52 File: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Assistente Wireless Intelbras WBG901.lnk ok scanned
28/03/2009 20:30:52 File: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\desktop.ini ok scanned
28/03/2009 20:30:52 File: C:\Documents and Settings\Default User\Menu Iniciar\Programas\Inicializar\desktop.ini ok scanned
28/03/2009 20:30:52 File: C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\desktop.ini ok scanned
28/03/2009 20:30:53 File: c:\documents and settings\administrador\desktop\virus removal tool1\is-1j0ug\startup.exe ok scanned
28/03/2009 20:30:53 File: c:\documents and settings\administrador\desktop\virus removal tool1\is-1j0ug\is-1j0ug.exe ok scanned
28/03/2009 20:30:53 File: C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\is-1J0UG.lnk ok scanned
28/03/2009 20:30:55 Logical disk sector: C ok scanned
28/03/2009 20:30:55 Physical disk sector: \\.\PHYSICALDRIVE0 ok scanned
28/03/2009 20:30:55 File: C:\Documents and Settings\Administrador\Meus documentos\cc_20081126_191009.reg ok scanned
28/03/2009 20:30:55 File: C:\Documents and Settings\Administrador\Meus documentos\CDEXTRA1.nre ok scanned
28/03/2009 20:30:55 File: C:\Documents and Settings\Administrador\Meus documentos\Coge el tlf.amr ok scanned
28/03/2009 20:30:55 File: C:\Documents and Settings\Administrador\Meus documentos\desktop.ini ok scanned
28/03/2009 20:30:55 File: C:\Documents and Settings\Administrador\Meus documentos\kiyo_koge.amr ok scanned
28/03/2009 20:30:55 File: C:\Documents and Settings\Administrador\Meus documentos\listen.pls ok scanned
28/03/2009 20:30:55 File: C:\Documents and Settings\Administrador\Meus documentos\listen.pls:Zone.Identifier ok scanned
28/03/2009 20:30:55 File: C:\Documents and Settings\Administrador\Meus documentos\Minhas Pastas de Compartilhamento.lnk ok scanned
28/03/2009 20:30:55 File: C:\Documents and Settings\Administrador\Meus documentos\neng.amr ok scanned
28/03/2009 20:30:57 File: C:\Documents and Settings\Administrador\Meus documentos\Norman_Malware_Cleaner.exe ok scanned
28/03/2009 20:30:57 File: C:\Documents and Settings\Administrador\Meus documentos\Norman_Malware_Cleaner.exe:Zone.Identifier ok scanned
28/03/2009 20:30:57 File: C:\Documents and Settings\Administrador\Meus documentos\PDVD_MediaDisc.PlayList ok scanned
28/03/2009 20:30:57 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe archive NSIS
28/03/2009 20:30:57 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0001 ok scanned
28/03/2009 20:30:57 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0002 ok scanned
28/03/2009 20:30:57 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0003 ok scanned
28/03/2009 20:30:57 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0004 ok scanned
28/03/2009 20:30:57 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0005 ok scanned
28/03/2009 20:30:58 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0006 ok scanned
28/03/2009 20:31:00 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0007 ok scanned
28/03/2009 20:31:00 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0008 ok scanned
28/03/2009 20:31:00 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0009 ok scanned
28/03/2009 20:31:00 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0010 ok scanned
28/03/2009 20:31:00 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0011 ok scanned
28/03/2009 20:31:01 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0012 ok scanned
28/03/2009 20:31:01 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0013 ok scanned
28/03/2009 20:31:01 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0014 ok scanned
28/03/2009 20:31:01 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0015 ok scanned
28/03/2009 20:31:01 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0016 ok scanned
28/03/2009 20:31:01 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0017 ok scanned
28/03/2009 20:31:01 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0018 ok scanned
28/03/2009 20:31:01 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0019 ok scanned
28/03/2009 20:31:01 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0020 ok scanned
28/03/2009 20:31:02 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0021 ok scanned
28/03/2009 20:31:02 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0022 ok scanned
28/03/2009 20:31:02 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0023 ok scanned
28/03/2009 20:31:02 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0024 ok scanned
28/03/2009 20:31:02 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0025 ok scanned
28/03/2009 20:31:02 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0026 ok scanned
28/03/2009 20:31:02 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0027 ok scanned
28/03/2009 20:31:02 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0028 ok scanned
28/03/2009 20:31:03 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0029 ok scanned
28/03/2009 20:31:03 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0030 ok scanned
28/03/2009 20:31:03 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0031 ok scanned
28/03/2009 20:31:03 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0032 ok scanned
28/03/2009 20:31:03 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0033 ok scanned
28/03/2009 20:31:03 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0034 ok scanned
28/03/2009 20:31:03 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0035 ok scanned
28/03/2009 20:31:03 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0036 ok scanned
28/03/2009 20:31:03 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0037 ok scanned
28/03/2009 20:31:03 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0038 ok scanned
28/03/2009 20:31:03 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0039 ok scanned
28/03/2009 20:31:03 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0040 ok scanned
28/03/2009 20:31:03 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0041 ok scanned
28/03/2009 20:31:03 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0042 ok scanned
28/03/2009 20:31:03 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0043 ok scanned
28/03/2009 20:31:03 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0044 ok scanned
28/03/2009 20:31:03 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0045 ok scanned
28/03/2009 20:31:03 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0046 ok scanned
28/03/2009 20:31:04 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0047 ok scanned
28/03/2009 20:31:04 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0048 ok scanned
28/03/2009 20:31:04 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0049 ok scanned
28/03/2009 20:31:04 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0050 ok scanned
28/03/2009 20:31:04 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0051 ok scanned
28/03/2009 20:31:04 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0052 ok scanned
28/03/2009 20:31:04 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0053 ok scanned
28/03/2009 20:31:04 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0054 ok scanned
28/03/2009 20:31:04 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0055 ok scanned
28/03/2009 20:31:04 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0056 ok scanned
28/03/2009 20:31:04 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0057 ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0058 ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059 archive ZIP
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Caption/app_active.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Caption/app_close.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Caption/app_icon.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Caption/app_inactive.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Caption/app_minimize.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Caption/app_uol_title_active.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Caption/app_uol_title_inactive.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Caption/frame_switcher.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Caption/frame_switcher_inactive.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Caption/pref_active.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Caption/pref_close.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Caption/pref_inactive.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/FileTransfer/file_transfer_cancel.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/FileTransfer/file_transfer_open.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/FileTransfer/ItemSelectionBckgrnd.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/FileTransfer/ProgressLeft.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/FileTransfer/ProgressMiddle.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/FileTransfer/ProgressRight.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Html/emoticon.html ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Html/emoticonPropPageTemplate.html ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Html/emoticonPropPageTemplateWithCustom.html ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/away.ico ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/blocked_emblem.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/busy.ico ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/custom.ico ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/default_contact_icon.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/default_user_icon.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/icq_16x16.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/icq_away.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/icq_busy.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/icq_idle.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/icq_invisible.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/icq_offline.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/icq_online.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/icq_unknown.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/idle.ico ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/invisible.ico ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/jabber_16x16.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/jabber_away.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/jabber_busy.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/jabber_idle.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/jabber_invisible.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/jabber_offline.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/jabber_online.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/jabber_unknown.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/msn_16x16.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/msn_away.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/msn_busy.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/msn_idle.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/msn_invisible.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/msn_offline.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/msn_online.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/msn_unknown.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/not_authorized_emblem.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/offline.ico ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/online.ico ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/todaoferta_16x16.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/todaoferta_away.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/todaoferta_busy.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/todaoferta_idle.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/todaoferta_invisible.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/todaoferta_offline.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/todaoferta_online.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/todaoferta_unknown.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/uol_16x16.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/uol_away.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/uol_busy.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/uol_idle.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/uol_invisible.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/uol_offline.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/uol_online.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/uol_unknown.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/yahoo_16x16.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/yahoo_away.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/yahoo_busy.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/yahoo_idle.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/yahoo_invisible.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/yahoo_offline.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/yahoo_online.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Icon/yahoo_unknown.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/accounts_panel.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/app_window.ico ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/button_clean_find_contact.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/button_open_file.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/close_tab.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/contact_group_background.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/contact_list_group.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/default_emoticon.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/default_emoticon.gif ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/find_contact_background.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/group_collapsed.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/group_expanded.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/horizontal_splitter_background.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/horizontal_splitter_center.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/plugin_group_collapsed.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/plugin_group_expanded.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/plugin_tab_fill_active.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/plugin_tab_fill_inactive.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/plugin_tab_left_active.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/plugin_tab_left_inactive.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/plugin_tab_right_active.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/plugin_tab_right_inactive.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/icq_away_tb.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/icq_busy_tb.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/icq_idle_tb.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/icq_invisible_tb.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/icq_offline_tb.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/icq_online_tb.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/icq_unknown_tb.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/jabber_away_tb.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/jabber_busy_tb.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/jabber_idle_tb.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/jabber_invisible_tb.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/jabber_offline_tb.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/jabber_online_tb.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/jabber_unknown_tb.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/msn_away_tb.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/msn_busy_tb.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/msn_idle_tb.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/msn_invisible_tb.bmp ok scanned
28/03/2009 20:31:05 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/msn_offline_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/msn_online_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/msn_unknown_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/todaoferta_away_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/todaoferta_busy_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/todaoferta_idle_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/todaoferta_invisible_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/todaoferta_offline_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/todaoferta_online_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/todaoferta_unknown_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/uol_away_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/uol_busy_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/uol_idle_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/uol_invisible_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/uol_offline_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/uol_online_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/uol_unknown_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/yahoo_away_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/yahoo_busy_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/yahoo_idle_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/yahoo_invisible_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/yahoo_offline_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/yahoo_online_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/ProtocolButtons/yahoo_unknown_tb.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/splitter_background.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/status_combobox.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/title_panel_background.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/user_status_panel_background.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/vertical_splitter_background.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Main/vertical_splitter_center.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/button_bold.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/button_emoticon.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/button_font.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/button_italic.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/button_nudge.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/button_text_bkg_color.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/button_text_color.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/button_underlined.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/close_tab.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/fill_active.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/fill_blink.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/fill_inactive.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/left_active.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/left_blink.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/left_inactive.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/right_active.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/right_blink.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/right_inactive.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/tab_background.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/Templates/Template.html ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/Templates/UOLMessenger/Contents/Resources/Demo.htm ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/Templates/UOLMessenger/Contents/Resources/Footer.html ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/Templates/UOLMessenger/Contents/Resources/Header.html ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/Templates/UOLMessenger/Contents/Resources/Incoming/buddy_icon.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/Templates/UOLMessenger/Contents/Resources/Incoming/Content.html ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/Templates/UOLMessenger/Contents/Resources/Incoming/FileTransferRequest.html ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/Templates/UOLMessenger/Contents/Resources/Incoming/NextContent.html ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/Templates/UOLMessenger/Contents/Resources/main.css ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/Templates/UOLMessenger/Contents/Resources/Outgoing/buddy_icon.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/Templates/UOLMessenger/Contents/Resources/Outgoing/Content.html ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/Templates/UOLMessenger/Contents/Resources/Outgoing/NextContent.html ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/Templates/UOLMessenger/Contents/Resources/Status.html ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/MessageWindow/Templates/UOLMessenger/Contents/Resources/Template.html ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Notify/default.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Notify/new_message.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Notify/notify_popup_background.png ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Notify/notify_popup_title_background.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Notify/offline.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Notify/online.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Other/close_window_icon.png ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Other/disconnect_icon.png ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Other/icon_error.png ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Other/icon_information.png ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Other/icon_question.png ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Other/icon_warning.png ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Other/tray_sample_2k.png ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Other/tray_sample_vista.png ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Other/tray_sample_xp.png ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Preferences/layout_alias.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Preferences/layout_avatar.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Preferences/layout_status.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Preferences/plugin_check_off.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Preferences/plugin_check_on.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Preferences/plugin_config_button.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Preferences/plugin_install_button.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Preferences/plugin_update_button.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Preferences/tab_account.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Preferences/tab_contact.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Preferences/tab_control_background.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Preferences/tab_emoticon.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Preferences/tab_general.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Preferences/tab_message.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Preferences/tab_network.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Preferences/tab_plugins.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Preferences/tab_sound.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Preferences/tab_status.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/add_contact.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/add_group.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/block_contact.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/cancel_file_transfer.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/delete_all_history.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/delete_file_transfer.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/delete_history.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/next.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/nudge_contact.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/open_file_transfer_folder.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/open_prefs.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/permissions.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/previous.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/send_file.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/send_msg.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/show_history.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/show_info.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/start_chat.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/unblock_contact.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/uol.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Toolbar/uolk.bmp ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Wizard/default_avatar.png ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Wizard/WizardFinish.png ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Wizard/WizardInit.png ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Wizard/WizardPreferences.png ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Wizard/WizardProfile.png ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin/Wizard/WizardSplash.png ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059/Skin.xml ok scanned
28/03/2009 20:31:06 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0059 ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0060 ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061 archive ZIP
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/angel.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/beer.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/bomb.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/crying.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/devil.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/embarrassed.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/glasses-cool.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/good.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/in-love.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/kiss.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/laugh.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/neutral.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/rose.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/sad.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/shock.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/shout.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/shut-mouth.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/sick.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/sleepy.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/smile-big.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/smile.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/thinking.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/tongue.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/ICQ/wink.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Jabber/angel.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Jabber/crying.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Jabber/embarrassed.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Jabber/foot-in-mouth.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Jabber/glasses-cool.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Jabber/kiss.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Jabber/moneymouth.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Jabber/sad.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Jabber/shock.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Jabber/shout.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Jabber/shut-mouth.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Jabber/smile-big.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Jabber/smile.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Jabber/thinking.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Jabber/tongue.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Jabber/wink.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/airplane.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/angel.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/angry.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/bad.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/beer.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/bowl.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/boy.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/brb.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/cake.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/camera.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/car.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/cat.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/clock.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/coffee.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/coins.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/computer.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/confused.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/console.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/crying.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/devil.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/dog.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/dont-know.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/drink.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/embarrassed.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/eyeroll.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/film.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/fingers-crossed.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/girl.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/glasses-cool.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/glasses-nerdy.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/goat.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/good.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/handcuffs.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/highfive.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/hug-left.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/hug-right.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/island.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/kiss.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/lamp.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/love-over.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/love.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/mail.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/mobile.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/moon.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/msn.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/musical-note.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/neutral.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/party.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/phone.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/pizza.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/plate.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/present.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/quiet.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/rain.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/rainbow.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/rose-dead.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/rose.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/sad.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/sarcastic.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/secret.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/sheep.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/shock.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/sick.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/sigarette.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/smile-big.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/smile.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/snail.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/soccerball.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/star.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/sun.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/teeth.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/thinking.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/thunder.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/tongue.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/turtle.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/umbrella.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/vampire.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/wink.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/MSN/yawn.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/alien.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/angel.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/angry.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/arrogant.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/beat-up.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/bye.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/call-me.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/chicken.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/clap.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/clover.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/clown.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/coffee.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/coins.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/confused.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/cow.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/cowboy.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/crying.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/dance.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/desire.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/devil.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/doh.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/dont-know.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/drool.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/embarrassed.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/eyeroll.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/flag.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/giggle.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/glasses-cool.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/glasses-nerdy.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/go-away.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/hug-left.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/hypnotized.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/in-love.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/kiss.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/lamp.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/lashes.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/laugh.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/love-over.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/lying.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/mad-tongue.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/mean.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/monkey.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/musical-note.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/nailbiting.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/neutral.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/party.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/peace.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/pig.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/pray.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/pumpkin.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/question.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/quiet.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/rose.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/rotfl.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/sad.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/sarcastic.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/shame.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/shock.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/sick.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/silly.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/skeleton.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/sleepy.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/smile-big.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/smile.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/star.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/sweat.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/thinking.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/tongue.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/waiting.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/weep.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/wink.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/worship.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/yawn.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons/Yahoo/yin-yang.gif ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061/Emoticons.xml ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0061 ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0062 archive ZIP
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0062/Sounds/message.wav ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0062/Sounds/nudge.wav ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0062/Sounds/online.wav ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0062/Sounds.xml ok scanned
28/03/2009 20:31:07 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0062 ok scanned
28/03/2009 20:31:08 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0063 ok scanned
28/03/2009 20:31:08 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0064 ok scanned
28/03/2009 20:31:08 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0065 ok scanned
28/03/2009 20:31:08 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0066 ok scanned
28/03/2009 20:31:08 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0067 ok scanned
28/03/2009 20:31:08 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0068 ok scanned
28/03/2009 20:31:08 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0069 ok scanned
28/03/2009 20:31:08 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0070 ok scanned
28/03/2009 20:31:08 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0071 ok scanned
28/03/2009 20:31:09 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0072 ok scanned
28/03/2009 20:31:10 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0073 ok scanned
28/03/2009 20:31:10 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0074 ok scanned
28/03/2009 20:31:10 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0075 ok scanned
28/03/2009 20:31:10 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0076 ok scanned
28/03/2009 20:31:10 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe//data0077 ok scanned
28/03/2009 20:31:10 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe ok scanned
28/03/2009 20:31:10 File: C:\Documents and Settings\Administrador\Meus documentos\uolvoip.exe:Zone.Identifier ok scanned
28/03/2009 20:31:10 File: C:\Documents and Settings\Administrador\Meus documentos\Meus vídeos\Desktop.ini ok scanned
28/03/2009 20:31:10 File: C:\Documents and Settings\Administrador\Meus documentos\Minhas fontes de dados\+Conectar à nova fonte de dados.odc ok scanned
28/03/2009 20:31:10 File: C:\Documents and Settings\Administrador\Meus documentos\Minhas fontes de dados\+Nova conexão do SQL Server.odc ok scanned
28/03/2009 20:31:10 File: C:\Documents and Settings\Administrador\Meus documentos\Minhas fontes de dados\DATACONN.HTC ok scanned
28/03/2009 20:31:11 File: C:\Documents and Settings\Administrador\Meus documentos\Minhas fontes de dados\DESKTOP.INI ok scanned
28/03/2009 20:31:11 File: C:\Documents and Settings\Administrador\Meus documentos\Minhas fontes de dados\FOLDER.ICO ok scanned
28/03/2009 20:31:11 File: C:\Documents and Settings\Administrador\Meus documentos\Minhas imagens\Amostras de imagens.lnk ok scanned
28/03/2009 20:31:11 File: C:\Documents and Settings\Administrador\Meus documentos\Minhas imagens\Desktop.ini ok scanned
28/03/2009 20:31:14 Email message: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:p][Time:2007/06/30 10:44:14] archive msoe object system
28/03/2009 20:31:14 Email message body: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:p][Time:2007/06/30 10:44:14]/text/plain ok scanned
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:p][Time:2007/06/30 10:44:14]/text/html ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:p][Time:2007/06/30 10:44:14] ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:p][Time:2007/06/30 11:32:31] archive msoe object system
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:p][Time:2007/06/30 11:32:31]/text/plain ok scanned
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:p][Time:2007/06/30 11:32:31]/text/html ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:p][Time:2007/06/30 11:32:31] ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:p][Time:2007/06/30 12:02:41] archive msoe object system
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:p][Time:2007/06/30 12:02:41]/text/plain ok scanned
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:p][Time:2007/06/30 12:02:41]/text/html ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:p][Time:2007/06/30 12:02:41] ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:personal][Time:2007/07/01 08:14:36] archive msoe object system
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:personal][Time:2007/07/01 08:14:36]/text/plain ok scanned
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:personal][Time:2007/07/01 08:14:36]/text/html ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:personal][Time:2007/07/01 08:14:36] ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:personal][Time:2007/07/01 08:15:58] archive msoe object system
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:personal][Time:2007/07/01 08:15:58]/text/plain ok scanned
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:personal][Time:2007/07/01 08:15:58]/text/html ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Caixa de saída\[From:"Antonio" <poupetbr@oi.com.br>][subject:personal][Time:2007/07/01 08:15:58] ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Itens enviados\[From:"antonio sanchez" <poupetbr@oi.com.br>][subject:p][Time:2007/06/30 20:03:01] archive msoe object system
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Itens enviados\[From:"antonio sanchez" <poupetbr@oi.com.br>][subject:p][Time:2007/06/30 20:03:01]/text/plain ok scanned
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Itens enviados\[From:"antonio sanchez" <poupetbr@oi.com.br>][subject:p][Time:2007/06/30 20:03:01]/text/html ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Itens enviados\[From:"antonio sanchez" <poupetbr@oi.com.br>][subject:p][Time:2007/06/30 20:03:01] ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Itens excluídos\[From:"Equipe do Microsoft Outlook Express" <msoe@microsoft.com>][subject:Bem-vindo ao Outlook Express 6][Time:2007/05/06 20:09:31] archive msoe object system
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Itens excluídos\[From:"Equipe do Microsoft Outlook Express" <msoe@microsoft.com>][subject:Bem-vindo ao Outlook Express 6][Time:2007/05/06 20:09:31]/text/html ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Itens excluídos\[From:"Equipe do Microsoft Outlook Express" <msoe@microsoft.com>][subject:Bem-vindo ao Outlook Express 6][Time:2007/05/06 20:09:31] ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Itens excluídos\[From:"antonio sanchez garcia" <antonio@oi.com.br>][subject:prueba][Time:2007/05/31 10:12:53] archive msoe object system
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Itens excluídos\[From:"antonio sanchez garcia" <antonio@oi.com.br>][subject:prueba][Time:2007/05/31 10:12:53]/text/plain ok scanned
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Itens excluídos\[From:"antonio sanchez garcia" <antonio@oi.com.br>][subject:prueba][Time:2007/05/31 10:12:53]/text/html ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Itens excluídos\[From:"antonio sanchez garcia" <antonio@oi.com.br>][subject:prueba][Time:2007/05/31 10:12:53] ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Itens excluídos\[From:"antonio sanchez garcia" <antonio@oi.com.br>][subject:PERSONAL][Time:2007/06/01 03:21:16] archive msoe object system
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Itens excluídos\[From:"antonio sanchez garcia" <antonio@oi.com.br>][subject:PERSONAL][Time:2007/06/01 03:21:16]/text/plain ok scanned
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Itens excluídos\[From:"antonio sanchez garcia" <antonio@oi.com.br>][subject:PERSONAL][Time:2007/06/01 03:21:16]/text/html ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Itens excluídos\[From:"antonio sanchez garcia" <antonio@oi.com.br>][subject:PERSONAL][Time:2007/06/01 03:21:16] ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Itens excluídos\[From:"antonio sanchez garcia" <antonio@oi.com.br>][subject:PEROSNAL ][Time:2007/06/01 03:35:12] archive msoe object system
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Itens excluídos\[From:"antonio sanchez garcia" <antonio@oi.com.br>][subject:PEROSNAL ][Time:2007/06/01 03:35:12]/text/plain ok scanned
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Itens excluídos\[From:"antonio sanchez garcia" <antonio@oi.com.br>][subject:PEROSNAL ][Time:2007/06/01 03:35:12]/text/html ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Itens excluídos\[From:"antonio sanchez garcia" <antonio@oi.com.br>][subject:PEROSNAL ][Time:2007/06/01 03:35:12] ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Itens excluídos\[From:"antonio sanchez garcia" <antonio@oi.com.br>][subject:PERSONAL][Time:2007/06/01 03:37:33] archive msoe object system
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Itens excluídos\[From:"antonio sanchez garcia" <antonio@oi.com.br>][subject:PERSONAL][Time:2007/06/01 03:37:33]/text/plain ok scanned
28/03/2009 20:31:15 Email message body: Identidade principal\Pastas locais\Itens excluídos\[From:"antonio sanchez garcia" <antonio@oi.com.br>][subject:PERSONAL][Time:2007/06/01 03:37:33]/text/html ok scanned
28/03/2009 20:31:15 Email message: Identidade principal\Pastas locais\Itens excluídos\[From:"antonio sanchez garcia" <antonio@oi.com.br>][subject:PERSONAL][Time:2007/06/01 03:37:33] ok scanned
28/03/2009 20:31:15 Running module: smss.exe\smss.exe ok scanned
28/03/2009 20:31:15 File: C:\WINDOWS\System32\smss.exe ok scanned
28/03/2009 20:31:15 Running module: smss.exe\ntdll.dll ok scanned
28/03/2009 20:31:15 File: C:\WINDOWS\system32\ntdll.dll ok scanned
28/03/2009 20:31:15 Running module: csrss.exe\csrss.exe ok scanned
28/03/2009 20:31:15 File: C:\WINDOWS\system32\csrss.exe ok scanned
28/03/2009 20:31:15 Running module: csrss.exe\ntdll.dll ok scanned
28/03/2009 20:31:15 File: C:\WINDOWS\system32\ntdll.dll ok scanned
28/03/2009 20:31:15 Running module: csrss.exe\CSRSRV.dll ok scanned
28/03/2009 20:31:15 File: C:\WINDOWS\system32\CSRSRV.dll ok scanned
28/03/2009 20:31:15 Running module: csrss.exe\basesrv.dll ok scanned
28/03/2009 20:31:15 File: C:\WINDOWS\system32\basesrv.dll ok scanned
28/03/2009 20:31:15 Running module: csrss.exe\winsrv.dll ok scanned
28/03/2009 20:31:16 File: C:\WINDOWS\system32\winsrv.dll ok scanned
28/03/2009 20:31:16 Running module: csrss.exe\GDI32.dll ok scanned
28/03/2009 20:31:16 File: C:\WINDOWS\system32\GDI32.dll ok scanned
28/03/2009 20:31:16 Running module: csrss.exe\KERNEL32.dll ok scanned
28/03/2009 20:31:17 File: C:\WINDOWS\system32\KERNEL32.dll ok scanned
28/03/2009 20:31:17 Running module: csrss.exe\USER32.dll ok scanned
28/03/2009 20:31:17 File: C:\WINDOWS\system32\USER32.dll ok scanned
28/03/2009 20:31:17 Running module: csrss.exe\sxs.dll ok scanned
28/03/2009 20:31:17 File: C:\WINDOWS\system32\sxs.dll ok scanned
28/03/2009 20:31:17 Running module: csrss.exe\ADVAPI32.dll ok scanned
28/03/2009 20:31:17 File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
28/03/2009 20:31:17 Running module: csrss.exe\RPCRT4.dll ok scanned
28/03/2009 20:31:17 File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
28/03/2009 20:31:17 Running module: csrss.exe\Secur32.dll ok scanned
28/03/2009 20:31:17 File: C:\WINDOWS\system32\Secur32.dll ok scanned
28/03/2009 20:31:17 Running module: csrss.exe\Apphelp.dll ok scanned
28/03/2009 20:31:17 File: C:\WINDOWS\system32\Apphelp.dll ok scanned
28/03/2009 20:31:17 Running module: csrss.exe\VERSION.dll ok scanned
28/03/2009 20:31:18 File: C:\WINDOWS\system32\VERSION.dll ok scanned
28/03/2009 20:31:18 Running module: winlogon.exe\winlogon.exe ok scanned
28/03/2009 20:31:19 File: C:\WINDOWS\system32\winlogon.exe ok scanned
28/03/2009 20:31:19 Running module: winlogon.exe\ntdll.dll ok scanned
28/03/2009 20:31:19 File: C:\WINDOWS\system32\ntdll.dll ok scanned
28/03/2009 20:31:19 Running module: winlogon.exe\kernel32.dll ok scanned
28/03/2009 20:31:19 File: C:\WINDOWS\system32\kernel32.dll ok scanned
28/03/2009 20:31:19 Running module: winlogon.exe\ADVAPI32.dll ok scanned
28/03/2009 20:31:19 File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
28/03/2009 20:31:19 Running module: winlogon.exe\RPCRT4.dll ok scanned
28/03/2009 20:31:19 File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
28/03/2009 20:31:19 Running module: winlogon.exe\Secur32.dll ok scanned
28/03/2009 20:31:19 File: C:\WINDOWS\system32\Secur32.dll ok scanned
28/03/2009 20:31:19 Running module: winlogon.exe\AUTHZ.dll ok scanned
28/03/2009 20:31:19 File: C:\WINDOWS\system32\AUTHZ.dll ok scanned
28/03/2009 20:31:19 Running module: winlogon.exe\msvcrt.dll ok scanned
28/03/2009 20:31:20 File: C:\WINDOWS\system32\msvcrt.dll ok scanned
28/03/2009 20:31:20 Running module: winlogon.exe\CRYPT32.dll ok scanned
28/03/2009 20:31:20 File: C:\WINDOWS\system32\CRYPT32.dll ok scanned
28/03/2009 20:31:20 Running module: winlogon.exe\MSASN1.dll ok scanned
28/03/2009 20:31:20 File: C:\WINDOWS\system32\MSASN1.dll ok scanned
28/03/2009 20:31:20 Running module: winlogon.exe\USER32.dll ok scanned
28/03/2009 20:31:20 File: C:\WINDOWS\system32\USER32.dll ok scanned
28/03/2009 20:31:20 Running module: winlogon.exe\GDI32.dll ok scanned
28/03/2009 20:31:20 File: C:\WINDOWS\system32\GDI32.dll ok scanned
28/03/2009 20:31:20 Running module: winlogon.exe\NDdeApi.dll ok scanned
28/03/2009 20:31:20 File: C:\WINDOWS\system32\NDdeApi.dll ok scanned
28/03/2009 20:31:20 Running module: winlogon.exe\PROFMAP.dll ok scanned
28/03/2009 20:31:20 File: C:\WINDOWS\system32\PROFMAP.dll ok scanned
28/03/2009 20:31:20 Running module: winlogon.exe\NETAPI32.dll ok scanned
28/03/2009 20:31:20 File: C:\WINDOWS\system32\NETAPI32.dll ok scanned
28/03/2009 20:31:20 Running module: winlogon.exe\USERENV.dll ok scanned
28/03/2009 20:31:20 File: C:\WINDOWS\system32\USERENV.dll ok scanned
28/03/2009 20:31:20 Running module: winlogon.exe\PSAPI.DLL ok scanned
28/03/2009 20:31:20 File: C:\WINDOWS\system32\PSAPI.DLL ok scanned
28/03/2009 20:31:20 Running module: winlogon.exe\REGAPI.dll ok scanned
28/03/2009 20:31:20 File: C:\WINDOWS\system32\REGAPI.dll ok scanned
28/03/2009 20:31:20 Running module: winlogon.exe\SETUPAPI.dll ok scanned
28/03/2009 20:31:21 File: C:\WINDOWS\system32\SETUPAPI.dll ok scanned
28/03/2009 20:31:21 Running module: winlogon.exe\VERSION.dll ok scanned
28/03/2009 20:31:21 File: C:\WINDOWS\system32\VERSION.dll ok scanned
28/03/2009 20:31:21 Running module: winlogon.exe\WINSTA.dll ok scanned
28/03/2009 20:31:21 File: C:\WINDOWS\system32\WINSTA.dll ok scanned
28/03/2009 20:31:21 Running module: winlogon.exe\WINTRUST.dll ok scanned
28/03/2009 20:31:21 File: C:\WINDOWS\system32\WINTRUST.dll ok scanned
28/03/2009 20:31:21 Running module: winlogon.exe\IMAGEHLP.dll ok scanned
28/03/2009 20:31:21 File: C:\WINDOWS\system32\IMAGEHLP.dll ok scanned
28/03/2009 20:31:21 Running module: winlogon.exe\WS2_32.dll ok scanned
28/03/2009 20:31:21 File: C:\WINDOWS\system32\WS2_32.dll ok scanned
28/03/2009 20:31:21 Running module: winlogon.exe\WS2HELP.dll ok scanned
28/03/2009 20:31:21 File: C:\WINDOWS\system32\WS2HELP.dll ok scanned
28/03/2009 20:31:21 Running module: winlogon.exe\IMM32.DLL ok scanned
28/03/2009 20:31:22 File: C:\WINDOWS\system32\IMM32.DLL ok scanned
28/03/2009 20:31:22 Running module: winlogon.exe\MSGINA.dll ok scanned
28/03/2009 20:31:22 File: C:\WINDOWS\system32\MSGINA.dll ok scanned
28/03/2009 20:31:22 Running module: winlogon.exe\COMCTL32.dll ok scanned
28/03/2009 20:31:22 File: C:\WINDOWS\system32\COMCTL32.dll ok scanned
28/03/2009 20:31:22 Running module: winlogon.exe\ODBC32.dll ok scanned
28/03/2009 20:31:22 File: C:\WINDOWS\system32\ODBC32.dll ok scanned
28/03/2009 20:31:22 Running module: winlogon.exe\comdlg32.dll ok scanned
28/03/2009 20:31:22 File: C:\WINDOWS\system32\comdlg32.dll ok scanned
28/03/2009 20:31:22 Running module: winlogon.exe\SHELL32.dll ok scanned
28/03/2009 20:31:22 File: C:\WINDOWS\system32\SHELL32.dll ok scanned
28/03/2009 20:31:22 Running module: winlogon.exe\SHLWAPI.dll ok scanned
28/03/2009 20:31:23 File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
28/03/2009 20:31:23 Running module: winlogon.exe\comctl32.dll ok scanned
28/03/2009 20:31:23 File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
28/03/2009 20:31:23 Running module: winlogon.exe\odbcint.dll ok scanned
28/03/2009 20:31:23 File: C:\WINDOWS\system32\odbcint.dll ok scanned
28/03/2009 20:31:23 Running module: winlogon.exe\SHSVCS.dll ok scanned
28/03/2009 20:31:23 File: C:\WINDOWS\system32\SHSVCS.dll ok scanned
28/03/2009 20:31:23 Running module: winlogon.exe\sfc.dll ok scanned
28/03/2009 20:31:23 File: C:\WINDOWS\system32\sfc.dll ok scanned
28/03/2009 20:31:23 Running module: winlogon.exe\sfc_os.dll ok scanned
28/03/2009 20:31:23 File: C:\WINDOWS\system32\sfc_os.dll ok scanned
28/03/2009 20:31:23 Running module: winlogon.exe\ole32.dll ok scanned
28/03/2009 20:31:23 File: C:\WINDOWS\system32\ole32.dll ok scanned
28/03/2009 20:31:23 Running module: winlogon.exe\Apphelp.dll ok scanned
28/03/2009 20:31:23 File: C:\WINDOWS\system32\Apphelp.dll ok scanned
28/03/2009 20:31:23 Running module: winlogon.exe\msctfime.ime ok scanned
28/03/2009 20:31:23 File: C:\WINDOWS\system32\msctfime.ime ok scanned
28/03/2009 20:31:23 Running module: winlogon.exe\WINMM.dll ok scanned
28/03/2009 20:31:24 File: C:\WINDOWS\system32\WINMM.dll ok scanned
28/03/2009 20:31:24 Running module: winlogon.exe\gbieh.dll ok scanned
28/03/2009 20:31:24 File: C:\ARQUIV~1\GBPLUGIN\gbieh.dll packed file ASPack
28/03/2009 20:31:24 File: C:\ARQUIV~1\GBPLUGIN\gbieh.dll//ASPack ok scanned
28/03/2009 20:31:24 File: C:\ARQUIV~1\GBPLUGIN\gbieh.dll ok scanned
28/03/2009 20:31:24 Running module: winlogon.exe\oleaut32.dll ok scanned
28/03/2009 20:31:24 File: C:\WINDOWS\system32\oleaut32.dll ok scanned
28/03/2009 20:31:24 Running module: winlogon.exe\rsaenh.dll ok scanned
28/03/2009 20:31:24 File: C:\WINDOWS\system32\rsaenh.dll ok scanned
28/03/2009 20:31:24 Running module: winlogon.exe\cscdll.dll ok scanned
28/03/2009 20:31:24 File: C:\WINDOWS\system32\cscdll.dll ok scanned
28/03/2009 20:31:24 Running module: winlogon.exe\dimsntfy.dll ok scanned
28/03/2009 20:31:24 File: C:\WINDOWS\System32\dimsntfy.dll ok scanned
28/03/2009 20:31:24 Running module: winlogon.exe\WlNotify.dll ok scanned
28/03/2009 20:31:24 File: C:\WINDOWS\system32\WlNotify.dll ok scanned
28/03/2009 20:31:24 Running module: winlogon.exe\MPR.dll ok scanned
28/03/2009 20:31:24 File: C:\WINDOWS\system32\MPR.dll ok scanned
28/03/2009 20:31:24 Running module: winlogon.exe\WinSCard.dll ok scanned
28/03/2009 20:31:24 File: C:\WINDOWS\system32\WinSCard.dll ok scanned
28/03/2009 20:31:24 Running module: winlogon.exe\WTSAPI32.dll ok scanned
28/03/2009 20:31:24 File: C:\WINDOWS\system32\WTSAPI32.dll ok scanned
28/03/2009 20:31:24 Running module: winlogon.exe\WINSPOOL.DRV ok scanned
28/03/2009 20:31:24 File: C:\WINDOWS\system32\WINSPOOL.DRV ok scanned
28/03/2009 20:31:24 Running module: winlogon.exe\WgaLogon.dll ok scanned
28/03/2009 20:31:24 File: C:\WINDOWS\system32\WgaLogon.dll ok scanned
28/03/2009 20:31:24 Running module: winlogon.exe\NTMARTA.DLL ok scanned
28/03/2009 20:31:24 File: C:\WINDOWS\system32\NTMARTA.DLL ok scanned
28/03/2009 20:31:24 Running module: winlogon.exe\SAMLIB.dll ok scanned
28/03/2009 20:31:24 File: C:\WINDOWS\system32\SAMLIB.dll ok scanned
28/03/2009 20:31:24 Running module: winlogon.exe\WLDAP32.dll ok scanned
28/03/2009 20:31:25 File: C:\WINDOWS\system32\WLDAP32.dll ok scanned
28/03/2009 20:31:25 Running module: winlogon.exe\CLBCATQ.DLL ok scanned
28/03/2009 20:31:25 File: C:\WINDOWS\system32\CLBCATQ.DLL ok scanned
28/03/2009 20:31:25 Running module: winlogon.exe\COMRes.dll ok scanned
28/03/2009 20:31:25 File: C:\WINDOWS\system32\COMRes.dll ok scanned
28/03/2009 20:31:25 Running module: winlogon.exe\msxml3.dll ok scanned
28/03/2009 20:31:25 File: C:\WINDOWS\system32\msxml3.dll ok scanned
28/03/2009 20:31:25 Running module: winlogon.exe\UxTheme.dll ok scanned
28/03/2009 20:31:25 File: C:\WINDOWS\system32\UxTheme.dll ok scanned
28/03/2009 20:31:25 Running module: winlogon.exe\MSIMG32.DLL ok scanned
28/03/2009 20:31:25 File: C:\WINDOWS\system32\MSIMG32.DLL ok scanned
28/03/2009 20:31:25 Running module: winlogon.exe\cscui.dll ok scanned
28/03/2009 20:31:25 File: C:\WINDOWS\system32\cscui.dll ok scanned
28/03/2009 20:31:25 Running module: winlogon.exe\LINKINFO.dll ok scanned
28/03/2009 20:31:25 File: C:\WINDOWS\system32\LINKINFO.dll ok scanned
28/03/2009 20:31:25 Running module: winlogon.exe\ntshrui.dll ok scanned
28/03/2009 20:31:25 File: C:\WINDOWS\system32\ntshrui.dll ok scanned
28/03/2009 20:31:25 Running module: winlogon.exe\ATL.DLL ok scanned
28/03/2009 20:31:25 File: C:\WINDOWS\system32\ATL.DLL ok scanned
28/03/2009 20:31:25 Running module: winlogon.exe\ieframe.dll ok scanned
28/03/2009 20:31:25 File: C:\WINDOWS\system32\ieframe.dll ok scanned
28/03/2009 20:31:25 Running module: winlogon.exe\iertutil.dll ok scanned
28/03/2009 20:31:26 File: C:\WINDOWS\system32\iertutil.dll ok scanned
28/03/2009 20:31:26 Running module: winlogon.exe\xpsp2res.dll ok scanned
28/03/2009 20:31:27 File: C:\WINDOWS\system32\xpsp2res.dll ok scanned
28/03/2009 20:31:27 Running module: services.exe\services.exe ok scanned
Statistics
----------
Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted
------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------
All objects 2789 0 0 0 0 7 192 0 0
System memory 1252 0 0 0 0 1 5 0 0
Startup objects 996 0 0 0 0 2 187 0 0
Disk boot sectors 2 0 0 0 0 0 0 0 0
Meus documentos 539 0 0 0 0 4 0 0 0
Mail databases 0 0 0 0 0 0 0 0 0
Meu computador 0 0 0 0 0 0 0 0 0
Disco local (C:) 0 0 0 0 0 0 0 0 0
Settings
--------
Parameter Value
--------- -----
Security Level Recommended
Action Prompt for action when the scan is complete
Run mode Manually
File types Scan all files
Scan only new and changed files No
Scan archives All
Scan embedded OLE objects All
Skip if object is larger than No
Skip if scan takes longer than No
Parse email formats No
Scan password-protected archives No
Enable iChecker technology No
Enable iSwift technology No
Show detected threats on "Detected" tab Yes
Rootkits search Yes
Deep rootkits search No
Use heuristic analyzer Yes
Quarantine
----------
Status Object Size Added
------ ------ ---- -----
Backup
------
Status Object Size
------ ------ ----
Estou aguardando o log do EliStarA.
Tópico Arquivado
Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.
Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.
Ainda tem mais mais é muito grande então vou colocar aqui em baixo o hijackthis..
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:05:28, on 27/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft\Messenger\antoniol399@hotmail.com\Sharing Folders\Installer\WINXP\WBG901.exe
C:\Arquivos de programas\GbPlugin\GbpSv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://br.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://farejador.ig.com.br/ie/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://farejador.ig.com.br
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://farejador.ig.com.br/ie/
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIV~1\GBPLUGIN\gbieh.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Arquivos de programas\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O4 - Global Startup: Assistente Wireless Intelbras WBG901.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O14 - IERESET.INF: START_PAGE_URL=http://www.compartilhando.org/
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Arquivos de programas\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab
O16 - DPF: {EABF23B1-16D4-4FCB-8872-0AA0D510C651} - http://www.terra.com.br/ads/campanhas/vxp/install.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{156086F0-6C6A-4D0A-8E6B-A8013B76EB5B}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{156086F0-6C6A-4D0A-8E6B-A8013B76EB5B}: NameServer = 192.168.0.1
O20 - Winlogon Notify: GbPluginBb - C:\ARQUIV~1\GBPLUGIN\gbieh.dll
O20 - Winlogon Notify: __GbPluginBb - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Unknown owner - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 9462 bytes