[Arquivado] explorer.exe fechando sozinho a cada dez segundos

Noga · Dezembro 25, 2008

Olá..

Estou com algum problema, e não sei identificá-lo.

Meu explorer. exe fica fechando sozinho, a cada aproximadamente 10 segundos. Depois de um tempo, ele fecha e não volta mais.

Aí vai o log do HijackThis

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:06, on 2008-12-25

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\mdm.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Arquivos de programas\SearchIn1Step\searchin1.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Logitech\iTouch\iTouch.exe

C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe

C:\ARQUIV~1\AVG\AVG8\avgrsx.exe

C:\ARQUIV~1\AVG\AVG8\avgnsx.exe

C:\ARQUIV~1\AVG\AVG8\avgemc.exe

C:\WINDOWS\system32\imapi.exe

C:\Arquivos de programas\SearchIn1Step\searchin1.exe

C:\WINDOWS\system32\taskmgr.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\rundll32.exe

C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\ARQUIV~1\DAP\SBSearch.dll

R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Arquivos de programas\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Arquivos de programas\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\avgtoolbar.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [zBrowser Launcher] C:\Arquivos de programas\Logitech\iTouch\iTouch.exe

O4 - HKLM\..\Run: [samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe /autorun

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Karin\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [NetMeter] C:\Arquivos de programas\HooTech\NetMeter\HooNetMeter.exe

O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Arquivos de programas\DAP\DAP.EXE" /STARTUP

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Acrobat Assistant.lnk = C:\Arquivos de programas\Adobe\Acrobat 6.0\Distillr\acrotray.exe

O8 - Extra context menu item: &Clean Traces - C:\Arquivos de programas\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download with &DAP - C:\Arquivos de programas\DAP\dapextie.htm

O8 - Extra context menu item: Add to AMV Converter... - C:\Arquivos de programas\MP3 Player Utilities 4.18\AMVConverter\grab.html

O8 - Extra context menu item: Download &all with DAP - C:\Arquivos de programas\DAP\dapextie2.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\ARQUIV~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: C:\Arquivos,de,programas\RelevantKnowledge\rlai.dll,C:\Arquivos,de,programas\RelevantKnowledge\rlai.dll,C:\Arquivos,de,programas\RelevantKnowledge\rlai.dll,C:\Arquivos,de,programas\RelevantKnowledge\rlai.dll,C:\Arquivos,de,programas\RelevantKnowledge\rlai.dll,avgrsstx.dll

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Arquivos de programas\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Arquivos de programas\Power Translator\LogoMedia TranslateDotNet Server.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: SearchIn1Step Service - Unknown owner - C:\Arquivos de programas\SearchIn1Step\searchin1.exe

Aguardo alguma boa alma!

jgarcia · Dezembro 26, 2008

Opa Noga,

Baixe o ComboFix em:

ComboFix

1) Desabilite o seu anti-vírus temporariamente;

2) Dê um duplo-clique no combofix.exe e aguarde (o processo total demora cerca de 10 minutos);

3) A janela de “NEGAÇÃO DE GARANTIA DO SOFTWARE” abrir-se-á. Leia atentamente o texto contido nesta janela e clique sobre “SIM” para continuar.

PS.: Caso não concorde com os termos clique sobre “NÃO” para sair do software, cabendo lembrar que o processo de desinfecção não será possível sem a continuidade do ComboFix.

4) Outra janela irá abrir, caso a sua máquina não possua o CONSOLE DE RECUPERAÇÃO DO WINDOWS. É recomendável executar a instalação do console ante de dar continuidade ao processo, pois tal ação proporcionará a garantia de que o sistema poderá ser recuperado em caso de problemas durante a varredura.

Clique sobre “SIM” e aguarde, pois o processo de instalação do console dar-se-á automaticamente através do próprio ComboFix. Ele poderá demorar alguns minutos (dependerá da velocidade de sua conexão), portanto seja paciente.

Quando a janela “INSTALANDO O CONSOLE DE RECUPERAÇÃO” aparecer clique em “OK”, depois clique sobre “SIM” para aceitar a licença EULA.

Ao término da instalação do console de recuperação abrir-se-á uma janela avisando que “O CONSOLE DE RECUPERAÇÃO FOI INSTALADA COM SUCESSO”.

Clique sobre “SIM” para continuar a varredura.

5) O ComboFix iniciará o AUTOSCAN (aguarde).

ATENÇÃO: Não clique na janela do ComboFix, nem termine o processo abruptamente enquanto a ferramenta estiver sendo executada, pois isto implicará na desconfiguração de seu desktop (ele ficará todo branco).

Ao término do processo a máquina será reiniciada para a emissão do relatório.

6) Ao reiniciar a máquina o ComboFix irá executar o FIND3M para a criação do relatório final da varredura. O log ficará alocado em C:\ComboFix.txt.

7) Reabilite o seu anti-vírus;

8) Preciso que você cole o conteúdo do ComboFix.txt em sua próxima resposta.

OBS.1: Caso apareça uma mensagem avisando que ESTE NÃO É UM APLICATIVO WIN 32 VÁLIDO baixe o ComboFix novamente, mas salve-o em seu Desktop como KomboFix. Em último caso, tente utilizar o ComboFix em MODO SEGURO.

OBS.2: Caso haja um clique sobre a janela do ComboFix em execução, ela irá MAXIMIZAR, sobrepondo-se sobre as demais. Para minimizá-la novamente basta utilizar a combinação ALT + TAB.

Abraços.

Noga · Dezembro 28, 2008

Olá Jgarcia!

Fiz isso e resolveu meu problema. Está funcionando direitinho.

Obrigada!

jgarcia · Dezembro 28, 2008

Olá Jgarcia!

Fiz isso e resolveu meu problema. Está funcionando direitinho.

Obrigada!

Sugiro que você poste o log gerado, a fim de que eu possa analisar se a infecção foi removida integralmente. ;)

Noga · Dezembro 31, 2008

Olá

Perdi o log antigo, então fiz novamente.

Realmente o problema foi resolvido, o explorer.exe não está mais fechando, mas agora surgiu outro.

Não consigo abrir nenhum arquivo do word ou do excel. Para arquivos do word, a mensagem é a seguinte: "O arquivo nome.doc não está disponível." E para arquivos do excel, a mensagem é a seguinte: "O arquivo não pode ser aberto porque o antivírus encontrou um problema no arquivo. Este erro poderá ocorrer porque um programa antivírus não está permitindo que o arquivo seja aberto. Essa situação pode ser causada por um dos seguintes motivos:

O programa antivírus precisa ser atualizado devido a um problema de compatibilidade com este programa. (...) "

Já reinstalei o Office, reinstalei o antivírus, mas o problema continua.

O novo log do ComboFix é o seguinte:

ComboFix 08-12-29.02 - Karin 2008-12-30 22:49:26.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.1022.521 [GMT -2:00]

Executando de: c:\documents and settings\Karin\Meus documentos\Downloads\ComboFix.exe

* Criado um novo ponto de restauro

.

(((((((((((((((( Arquivos/Ficheiros criados de 2008-11-28 to 2008-12-31 ))))))))))))))))))))))))))))

.

2008-12-28 17:55 . 2008-12-28 20:24 <DIR> d--h----- C:\$AVG8.VAULT$

2008-12-28 17:11 . 2008-12-28 17:11 <DIR> d-------- c:\arquivos de programas\Windows Media Lite

2008-12-28 17:11 . 2008-12-28 17:11 <DIR> d-------- c:\arquivos de programas\P2P_Torrent

2008-12-28 17:10 . 2008-12-28 18:04 <DIR> d-------- c:\arquivos de programas\Ares Galaxy Turbo Booster

2008-12-28 17:04 . 2008-12-28 17:16 <DIR> d--h----- c:\windows\$hf_mig$

2008-12-28 16:57 . 2008-12-28 16:58 <DIR> d-------- c:\arquivos de programas\LiveTV_

2008-12-28 16:57 . 2008-12-28 16:57 <DIR> d-------- c:\arquivos de programas\Conduit

2008-12-28 16:50 . 2006-10-26 19:56 32,592 --a------ c:\windows\system32\msonpmon.dll

2008-12-28 16:44 . 2008-12-28 16:44 <DIR> d-------- c:\arquivos de programas\MSBuild

2008-12-28 16:44 . 2004-08-04 01:45 221,184 --a------ c:\windows\system32\wmpns.dll

2008-12-28 16:43 . 2008-12-28 16:43 <DIR> d-------- c:\arquivos de programas\Microsoft.NET

2008-12-28 16:38 . 2008-12-28 16:38 <DIR> d-------- c:\arquivos de programas\Microsoft Visual Studio 8

2008-12-28 16:38 . 2008-12-28 16:38 <DIR> d-------- c:\arquivos de programas\Live_TV

2008-12-28 16:31 . 2008-12-28 16:31 <DIR> dr-h----- C:\MSOCache

2008-12-28 16:10 . 2008-12-28 16:13 <DIR> d-------- c:\windows\system32\drivers\Avg

2008-12-28 16:10 . 2008-12-28 16:10 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\avg8

2008-12-28 16:10 . 2008-12-28 16:10 98,440 --a------ c:\windows\system32\drivers\avgldx86.sys

2008-12-28 16:10 . 2008-12-28 16:10 90,632 --a------ c:\windows\system32\drivers\avgtdix.sys

2008-12-28 16:10 . 2008-12-28 16:10 10,520 --a------ c:\windows\system32\avgrsstx.dll

2008-12-26 10:55 . 2008-12-26 11:16 <DIR> d-------- c:\windows\system32\NtmsData

2008-12-26 00:15 . 2008-12-26 00:15 <DIR> d-------- c:\arquivos de programas\Windows Defender

2008-12-25 23:06 . 2008-12-25 23:07 <DIR> d-------- c:\arquivos de programas\Ares

2008-12-25 21:31 . 2008-12-25 21:51 <DIR> d-------- c:\windows\system32\CatRoot_bak

2008-12-25 21:06 . 2008-12-25 21:06 <DIR> d-------- c:\arquivos de programas\Trend Micro

2008-12-25 17:11 . 2005-07-15 06:48 40,960 -r------- c:\windows\system32\ChCfg.exe

2008-12-25 17:10 . 2006-06-20 19:40 18,796,544 -r------- c:\windows\system32\alsndmgr.cpl

2008-12-25 17:10 . 2006-06-20 19:35 10,527,744 -r------- c:\windows\system32\RTLCPL.exe

2008-12-25 17:10 . 2006-06-27 07:42 3,972,672 -r------- c:\windows\system32\drivers\alcxwdm.sys

2008-12-25 17:10 . 2006-06-20 19:42 577,536 -r------- c:\windows\soundman.exe

2008-12-25 17:10 . 2006-06-07 22:00 143,360 -r------- c:\windows\system32\RtlCPAPI.dll

2008-12-25 17:10 . 2002-02-05 03:54 141,016 -r------- c:\windows\system32\alsndmgr.wav

2008-12-25 17:09 . 2008-12-25 17:09 <DIR> d-------- c:\arquivos de programas\Realtek AC97

2008-12-25 17:09 . 2006-03-20 01:48 315,392 -r------- c:\windows\alcupd.exe

2008-12-25 17:09 . 2005-11-18 01:20 217,088 -ra------ c:\windows\Alcrmv.exe

2008-12-25 16:58 . 2008-12-25 17:02 <DIR> d-------- c:\windows\NV23442748.TMP

2008-12-25 16:56 . 2008-12-25 16:56 54,156 --ah----- c:\windows\QTFont.qfn

2008-12-25 16:56 . 2008-12-25 16:56 1,409 --a------ c:\windows\QTFont.for

2008-12-25 02:22 . 2008-12-25 02:22 665 --a------ c:\windows\wininit.ini

2008-12-25 01:53 . 2008-12-25 01:53 <DIR> d-------- c:\documents and settings\Karin\Dados de aplicativos\LEGO Company

2008-12-25 01:53 . 2008-12-25 01:53 101 --a------ c:\windows\system32\nocfhjfaujf

2008-12-25 01:53 . 2008-12-25 01:53 100 --a------ c:\windows\plmadfhdashd

2008-12-25 01:34 . 2008-12-25 01:36 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\TrackMania

2008-12-25 01:30 . 2008-12-25 01:52 <DIR> d-------- c:\arquivos de programas\TmNationsForever

2008-12-25 01:02 . 2008-12-25 02:22 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\Spybot - Search & Destroy

2008-12-25 01:02 . 2008-12-25 01:02 <DIR> d-------- c:\arquivos de programas\Spybot - Search & Destroy

2008-12-25 00:59 . 2008-12-25 02:07 <DIR> d-------- c:\arquivos de programas\LEGO Company

2008-12-25 00:56 . 2008-12-25 00:56 <DIR> d-------- c:\temp\rk

2008-12-25 00:56 . 2008-12-25 01:18 <DIR> d-------- C:\temp

2008-12-25 00:53 . 2008-12-25 00:53 <DIR> d-------- c:\documents and settings\Karin\Dados de aplicativos\SpeedBit

2008-12-25 00:52 . 2008-12-28 17:00 <DIR> d-------- c:\arquivos de programas\AskSBar

2008-12-25 00:48 . 2008-12-25 00:48 <DIR> d-------- c:\arquivos de programas\LogyxPack

2008-12-25 00:45 . 2008-12-25 02:19 <DIR> d-------- c:\arquivos de programas\Extreme Tux Racer

2008-12-25 00:43 . 2008-12-25 00:43 30,601 --a------ c:\documents and settings\Karin\x.exe

2008-12-25 00:38 . 2008-12-25 01:52 <DIR> d-------- c:\arquivos de programas\Enigma

2008-12-25 00:36 . 2008-12-25 00:53 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\SpeedBit

2008-12-25 00:36 . 2008-12-26 01:09 <DIR> d-------- c:\arquivos de programas\DAP

2008-12-25 00:36 . 2008-12-25 00:36 479,298 --a------ c:\windows\system32\wbocx.ocx

2008-12-25 00:36 . 2008-12-25 00:36 172,032 --a------ c:\windows\system32\AniGIF.ocx

2008-12-25 00:36 . 2008-12-25 00:36 50,688 --a------ c:\windows\system32\wbhelp2.dll

2008-12-25 00:32 . 2008-12-25 02:20 <DIR> d-------- c:\arquivos de programas\AbcPuzzles

2008-12-25 00:23 . 2008-12-25 00:23 <DIR> d-------- c:\arquivos de programas\Lavasoft

2008-12-24 14:42 . 2008-12-28 17:15 1,393 --a------ c:\windows\imsins.BAK

2008-12-24 01:27 . 2008-12-24 01:27 45,056 --a------ c:\windows\system32\opnmMeBt.dll

2008-12-24 00:48 . 2008-12-24 00:48 <DIR> d-------- c:\documents and settings\Karin\Dados de aplicativos\HTNetMeter

2008-12-24 00:48 . 2008-12-24 00:48 <DIR> d-------- c:\arquivos de programas\HooTech

2008-12-24 00:05 . 2007-08-24 19:45 101,120 -ra------ c:\windows\system32\drivers\ewusbmdm.sys

2008-12-24 00:05 . 2007-08-24 19:45 24,448 -ra------ c:\windows\system32\drivers\ewdcsc.sys

2008-12-24 00:04 . 2008-12-25 01:52 <DIR> d-------- c:\arquivos de programas\TIM Web Banda Larga

2008-12-23 00:52 . 2008-12-23 00:52 <DIR> d-------- c:\windows\MVScreenSaver

2008-12-23 00:52 . 2008-12-23 00:51 686,111 --a------ c:\windows\unins000.exe

2008-12-23 00:52 . 2008-12-23 00:52 1,037 --a------ c:\windows\unins000.dat

2008-12-23 00:52 . 2008-01-19 17:18 62 --a------ c:\windows\MVSCREENSAVER.INI

2008-12-23 00:15 . 2008-12-23 00:15 410,984 --a------ c:\windows\system32\deploytk.dll

2008-12-22 23:36 . 2008-03-21 10:16 104,960 --a------ c:\windows\system32\drivers\ZTEusbser6k.sys

2008-12-22 23:36 . 2008-03-21 10:16 104,960 --a------ c:\windows\system32\drivers\ZTEusbnmea.sys

2008-12-22 23:36 . 2008-03-21 10:16 104,960 --a------ c:\windows\system32\drivers\ZTEusbmdm6k.sys

2008-12-21 18:13 . 2008-12-21 18:13 <DIR> d-------- c:\arquivos de programas\Microsoft

2008-12-21 18:12 . 2008-12-21 18:12 <DIR> d-------- c:\arquivos de programas\Windows Live SkyDrive

2008-12-16 22:48 . 2008-12-16 22:48 <DIR> d-------- C:\OdontoPlus

2008-12-04 12:16 . 2008-12-04 13:18 <DIR> d-------- c:\arquivos de programas\Zero Assumption Digital Image Recovery

2008-12-02 22:37 . 2008-12-02 22:37 49,480 --a------ c:\windows\system32\sirenacm.dll

2008-11-30 00:07 . 2008-11-30 23:34 <DIR> d-------- c:\documents and settings\Karin\amsn

2008-11-23 15:51 . 2007-08-11 23:07 <DIR> d--h----- c:\documents and settings\Convidado\Modelos

2008-11-23 15:51 . 2008-11-23 15:52 <DIR> dr------- c:\documents and settings\Convidado\Meus documentos

2008-11-23 15:51 . 2007-08-11 20:02 <DIR> dr------- c:\documents and settings\Convidado\Menu Iniciar

2008-11-23 15:51 . 2008-11-23 15:52 <DIR> dr------- c:\documents and settings\Convidado\Favoritos

2008-11-23 15:51 . 2008-11-23 15:52 <DIR> dr-h----- c:\documents and settings\Convidado\Dados de aplicativos

2008-11-23 15:51 . 2008-12-30 22:51 <DIR> d--h----- c:\documents and settings\Convidado\Configurações locais

2008-11-23 15:51 . 2007-08-11 20:02 <DIR> d--h----- c:\documents and settings\Convidado\Ambiente de rede

2008-11-23 15:51 . 2007-08-11 20:02 <DIR> d--h----- c:\documents and settings\Convidado\Ambiente de impressão

2008-11-23 15:51 . 2008-12-28 16:11 <DIR> d-------- c:\documents and settings\Convidado

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-12-31 00:48 --------- d---a-w c:\documents and settings\All Users\Dados de aplicativos\TEMP

2008-12-28 19:16 --------- d-----w c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help

2008-12-28 16:47 --------- d-----w c:\arquivos de programas\MediaMonkey

2008-12-28 16:39 --------- d-----w c:\documents and settings\All Users\Dados de aplicativos\WildTangent

2008-12-26 02:15 --------- d-----w c:\documents and settings\Karin\Dados de aplicativos\AdobeUM

2008-12-26 01:02 --------- d-----w c:\arquivos de programas\eMule

2008-12-25 19:09 --------- d--h--w c:\arquivos de programas\InstallShield Installation Information

2008-12-25 04:04 --------- d-----w c:\arquivos de programas\Readiris10

2008-12-25 04:01 --------- d-----w c:\arquivos de programas\Secret Maryo Chronicles

2008-12-25 04:00 --------- d-----w c:\arquivos de programas\Smart Projects

2008-12-25 03:00 --------- d-----w c:\arquivos de programas\GameTop.com

2008-12-24 11:48 --------- d-----w c:\arquivos de programas\Messenger Plus! Live

2008-12-23 02:15 --------- d-----w c:\arquivos de programas\Java

2008-12-21 22:28 --------- d-----w c:\arquivos de programas\Windows Live

2008-12-18 00:44 --------- d-----w c:\arquivos de programas\SearchIn1Step

2008-12-04 15:18 --------- d-----w c:\arquivos de programas\SmarThru 4

2008-10-23 13:00 283,648 ----a-w c:\windows\system32\gdi32.dll

2008-10-16 16:13 202,776 ----a-w c:\windows\system32\wuweb.dll

2008-10-16 16:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll

2008-10-16 16:12 561,688 ----a-w c:\windows\system32\wuapi.dll

2008-10-16 16:12 323,608 ----a-w c:\windows\system32\wucltui.dll

2008-10-16 16:09 92,696 ----a-w c:\windows\system32\cdm.dll

2008-10-16 16:09 51,224 ----a-w c:\windows\system32\wuauclt.exe

2008-10-16 16:09 43,544 ----a-w c:\windows\system32\wups2.dll

2008-10-16 16:08 34,328 ----a-w c:\windows\system32\wups.dll

2008-10-16 16:06 268,648 ----a-w c:\windows\system32\mucltui.dll

2008-10-16 16:06 208,744 ----a-w c:\windows\system32\muweb.dll

2008-10-16 10:39 661,504 ----a-w c:\windows\system32\wininet.dll

2008-10-13 03:25 219,648 ----a-w c:\windows\system32\uxtheme.dll

2008-10-03 10:16 247,326 ----a-w c:\windows\system32\strmdll.dll

2008-09-30 18:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll

2008-09-15 15:40 1,846,144 ----a-w c:\windows\system32\win32k.sys

2008-09-04 16:45 1,106,944 ----a-w c:\windows\system32\msxml3.dll

2008-09-03 02:24 67,696 ----a-w c:\arquivos de programas\mozilla firefox\components\jar50.dll

2008-09-03 02:24 54,376 ----a-w c:\arquivos de programas\mozilla firefox\components\jsd3250.dll

2008-09-03 02:24 34,952 ----a-w c:\arquivos de programas\mozilla firefox\components\myspell.dll

2008-09-03 02:24 46,720 ----a-w c:\arquivos de programas\mozilla firefox\components\spellchk.dll

2008-09-03 02:24 172,144 ----a-w c:\arquivos de programas\mozilla firefox\components\xpinstal.dll

.

((((((((((((((((((((((((((((( snapshot@2008-12-25_21.26.34.62 )))))))))))))))))))))))))))))))))))))))))

.

+ 2008-12-28 18:45:01 110,592 ----a-w c:\windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll

+ 2008-12-28 18:44:57 65,536 ----a-w c:\windows\assembly\GAC\dao\10.0.4504.0__31bf3856ad364e35\DAO.DLL

+ 2008-12-28 18:45:02 4,608 ----a-w c:\windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\extensibility.dll

+ 2008-12-28 18:44:56 1,215,328 ----a-w c:\windows\assembly\GAC\IACore\1.7.6223.0__31bf3856ad364e35\IACore.dll

+ 2008-12-28 18:44:57 82,784 ----a-w c:\windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll

+ 2008-12-28 18:44:40 31,560 ----a-w c:\windows\assembly\GAC\ipdmctrl\11.0.0.0__71e9bce111e9429c\IPDMCTRL.DLL

+ 2008-12-28 18:45:00 8,007,680 ----a-w c:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll

+ 2008-12-28 18:44:40 16,712 ----a-w c:\windows\assembly\GAC\Microsoft.Office.InfoPath.Permission\12.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Permission.dll

+ 2008-12-28 18:43:10 80,696 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\Microsoft.Office.interop.access.dao.dll

+ 2008-12-28 18:43:46 1,612,592 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll

+ 2008-12-28 18:43:46 1,276,720 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll

+ 2008-12-28 18:43:47 150,320 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll

+ 2008-12-28 18:44:42 404,296 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.SemiTrust\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.SemiTrust.dll

+ 2008-12-28 18:43:52 88,896 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll

+ 2008-12-28 18:43:50 146,232 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll

+ 2008-12-28 18:44:21 17,208 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.OneNote\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OneNote.dll

+ 2008-12-28 18:43:48 920,376 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll

+ 2008-12-28 18:43:49 35,648 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll

+ 2008-12-28 19:04:07 250,928 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll

+ 2008-12-28 18:43:49 232,248 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Publisher.dll

+ 2008-12-28 18:43:48 20,280 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll

+ 2008-12-28 18:45:23 783,744 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll

+ 2008-12-28 18:44:58 13,312 ----a-w c:\windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll

+ 2008-12-28 18:43:47 371,496 ----a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll

+ 2008-12-28 18:43:50 64,288 ----a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll

+ 2008-12-28 18:44:58 229,376 ----a-w c:\windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\MSCOMCTL.DLL

+ 2008-12-28 18:45:01 4,096 ----a-w c:\windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll

+ 2008-12-28 18:43:48 416,544 ----a-w c:\windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL

+ 2008-12-28 18:43:10 12,104 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Access.dll

+ 2008-12-28 18:43:11 12,096 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll

+ 2008-12-28 18:44:00 12,096 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll

+ 2008-12-28 18:44:43 12,616 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml.dll

+ 2008-12-28 18:44:42 12,616 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.dll

+ 2008-12-28 18:44:24 12,104 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Outlook.dll

+ 2008-12-28 18:44:22 12,632 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl.dll

+ 2008-12-28 18:44:24 12,112 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll

+ 2008-12-28 18:44:36 12,104 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Publisher.dll

+ 2008-12-28 18:44:19 12,104 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll

+ 2008-12-28 18:44:38 12,096 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll

+ 2008-12-28 18:44:19 12,080 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll

+ 2008-12-28 18:44:19 11,544 ----a-w c:\windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll

+ 2008-12-28 18:44:58 16,384 ----a-w c:\windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll

+ 2008-12-28 18:45:31 120,408 ----a-w c:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll

+ 2008-12-28 18:45:05 367,400 ----a-w c:\windows\assembly\GAC_32\Microsoft.VisualStudio.Tools.Applications.InteropAdapter\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.InteropAdapter.dll

+ 2008-12-28 18:45:31 611,392 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll

+ 2008-12-28 18:44:41 43,840 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.FormControl\12.0.0.0__71e9bce111e9429c\microsoft.office.infopath.formcontrol.dll

+ 2008-12-28 18:44:42 39,728 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Vsta\12.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Vsta.dll

+ 2008-12-28 18:44:41 60,200 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.dll

+ 2008-12-28 18:38:32 4,608 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Adapter.resources.dll

+ 2008-12-28 18:44:53 211,736 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Adapter.dll

+ 2008-12-28 18:38:31 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInManager.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInManager.resources.dll

+ 2008-12-28 18:44:54 105,248 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInManager\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInManager.dll

+ 2008-12-28 18:44:46 330,520 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Blueprints\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Blueprints.dll

+ 2008-12-28 18:38:31 4,096 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.resources.dll

+ 2008-12-28 18:44:54 39,712 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.dll

+ 2008-12-28 18:44:55 39,704 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Contract\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Contract.dll

+ 2008-12-28 18:44:48 72,472 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.DesignTime\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.DesignTime.dll

+ 2008-12-28 18:44:55 47,832 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll

+ 2008-12-28 18:44:55 39,624 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.dll

- 2006-05-05 09:41:45 453,120 ------w c:\windows\Driver Cache\i386\mrxsmb.sys

+ 2008-10-24 11:10:42 453,632 ------w c:\windows\Driver Cache\i386\mrxsmb.sys

- 2007-02-28 16:02:20 2,140,160 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe

+ 2008-08-14 13:45:20 2,140,160 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe

- 2007-02-28 16:02:34 2,061,824 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe

+ 2008-08-14 13:45:24 2,061,952 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe

- 2007-02-28 16:02:18 2,019,840 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe

+ 2008-08-14 13:45:20 2,019,840 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe

- 2007-02-28 16:02:28 2,184,576 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe

+ 2008-08-14 13:45:25 2,184,576 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe

+ 2006-10-26 21:49:48 1,011,488 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109010061400000000000F01FEC\12.0.4518\MSDAIPP.DLL

+ 2006-10-26 21:49:46 970,528 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109010061400000000000F01FEC\12.0.4518\MSONSEXT.DLL

+ 2006-10-27 18:00:10 576,376 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACACEDAO.DLL

+ 2006-10-27 00:18:12 162,616 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACCWIZ.DLL

+ 2006-10-27 18:00:12 1,751,904 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACECORE.DLL

+ 2006-10-27 18:00:10 576,376 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEDAO.DLL

+ 2006-10-27 18:00:06 47,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEERR.DLL

+ 2006-10-27 18:00:08 191,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEES.DLL

+ 2006-10-26 23:13:34 338,800 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEEXCH.DLL

+ 2006-10-26 23:13:44 629,616 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEEXCL.DLL

+ 2006-10-26 23:13:28 207,736 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACELTS.DLL

+ 2006-10-26 23:13:32 279,352 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODBC.DLL

+ 2006-10-26 23:13:08 15,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODDBS.DLL

+ 2006-10-26 23:13:08 15,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODEXL.DLL

+ 2006-10-26 23:13:08 15,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODPDX.DLL

+ 2006-10-26 23:13:12 15,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODTXT.DLL

+ 2006-10-27 18:00:06 387,960 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEOLEDB.DLL

+ 2006-10-26 23:13:38 392,048 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEPDE.DLL

+ 2006-10-26 23:13:30 260,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACER2X.DLL

+ 2006-10-26 23:13:32 289,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACER3X.DLL

+ 2006-10-26 23:13:20 56,120 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACERCLR.DLL

+ 2006-10-26 23:13:38 551,800 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEREP.DLL

+ 2006-10-26 23:13:30 224,104 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACETXT.DLL

+ 2006-10-27 18:40:34 208,760 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEWSS.DLL

+ 2006-10-26 23:13:34 371,568 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEXBE.DLL

+ 2006-10-27 18:41:04 399,640 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\CDLMSO.DLL

+ 2006-10-26 22:59:24 205,616 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\CLVIEW.EXE

+ 2006-10-26 23:12:52 189,760 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\CONTACTPICKER.DLL

+ 2006-10-26 22:48:14 439,568 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\DWDCW20.DLL

+ 2006-10-26 17:10:08 1,190,688 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FM20.DLL

+ 2006-10-26 17:04:58 75,576 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FORM.DLL

+ 2006-10-26 22:21:24 1,682,232 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FPSRVUTL.DLL

+ 2006-10-27 18:09:36 983,376 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FPWEC.DLL

+ 2006-10-26 23:02:12 2,526,520 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GRAPH.EXE

+ 2006-10-26 23:12:52 173,328 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IEAWSDC.DLL

+ 2006-10-27 18:10:10 5,281,592 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IPEDITOR.DLL

+ 2006-10-26 22:58:24 793,392 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MDIGRAPH.DLL

+ 2006-10-26 22:58:18 274,776 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MDIINK.DLL

+ 2006-10-26 22:55:10 828,704 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MEDCAT.DLL

+ 2006-10-27 18:01:34 10,371,880 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSACCESS.EXE

+ 2006-10-27 00:18:06 66,880 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSAEXP30.DLL

+ 2006-10-26 16:58:14 117,552 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSCONV97.DLL

+ 2006-10-27 17:59:06 161,080 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOCF.DLL

+ 2006-10-26 22:48:12 14,664 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOCFU.DLL

+ 2006-10-26 23:12:58 428,816 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSODCW.DLL

+ 2006-10-27 00:13:36 26,936 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOEURO.DLL

+ 2006-10-26 23:00:08 6,635,320 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSORES.DLL

+ 2006-10-26 16:56:36 436,520 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSORUN.DLL

+ 2006-10-26 22:58:26 1,057,632 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSPCORE.DLL

+ 2006-10-26 22:58:22 772,944 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSPFILT.DLL

+ 2006-10-26 22:50:04 672,024 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSQRY32.EXE

+ 2006-10-26 16:56:40 505,136 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSSOAP30.DLL

+ 2006-10-26 22:55:12 832,800 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSTORDB.EXE

+ 2006-10-26 22:55:06 538,904 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSTORES.DLL

+ 2006-10-26 23:12:30 65,824 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\NAME.DLL

+ 2006-10-27 18:14:34 14,151,456 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OART.DLL

+ 2006-10-26 23:06:54 232,816 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ODEPLOY.EXE

+ 2006-10-26 23:14:06 7,033,152 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OFFOWC.DLL

+ 2006-10-27 18:18:36 1,658,152 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OGL.DLL

+ 2006-10-26 23:00:08 274,744 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OIS.EXE

+ 2006-10-26 23:00:12 998,208 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OISAPP.DLL

+ 2006-10-26 23:00:10 285,008 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OISGRAPH.DLL

+ 2006-10-26 16:58:40 540,008 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ORGCHART.EXE

+ 2006-10-26 23:07:04 6,536,992 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OSETUP.DLL

+ 2006-07-26 21:53:56 459,080 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OUTLFLTR.DLL

+ 2006-10-27 00:30:44 482,088 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PORTCONN.DLL

+ 2006-10-27 18:04:06 465,200 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\POWERPNT.EXE

+ 2006-10-27 18:04:06 7,980,848 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PPCORE.DLL

+ 2006-10-26 22:52:10 2,012,480 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PPTVIEW.EXE

+ 2006-10-26 17:05:00 77,144 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PSOM.DLL

+ 2006-10-27 00:13:38 38,168 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\REFEDIT.DLL

+ 2006-10-26 17:04:44 19,784 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\REVERSE.DLL

+ 2006-10-26 23:13:00 503,624 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SELFCERT.EXE

+ 2006-10-26 23:06:58 439,600 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SETUP.EXE

+ 2006-10-27 00:18:16 502,608 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SOA.DLL

+ 2006-10-27 17:57:08 2,330,968 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\STSLIST.DLL

+ 2006-10-26 17:04:48 29,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\THOCRAPI.DLL

+ 2006-10-26 17:05:04 126,784 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWCUTCHR.DLL

+ 2006-10-26 17:05:02 86,840 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWCUTLIN.DLL

+ 2006-10-26 17:04:56 58,168 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWLAY32.DLL

+ 2006-10-26 17:04:48 27,456 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWORIENT.DLL

+ 2006-10-26 17:04:54 51,008 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWRECE.DLL

+ 2006-10-26 17:04:44 19,784 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWRECS.DLL

+ 2006-10-26 17:04:58 76,624 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWSTRUCT.DLL

+ 2006-09-30 03:42:56 2,583,344 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\VBE6.DLL

+ 2006-10-27 01:58:38 3,732,792 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\VVIEWER.DLL

+ 2006-10-26 17:05:08 1,181,520 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\XIMAGE3B.DLL

+ 2006-10-26 17:05:08 530,760 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\XPAGE3C.DLL

+ 2007-09-14 23:45:58 16,901,168 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\MSO.DLL

+ 2007-08-29 02:19:24 1,654,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\OGL.DLL

+ 2007-08-29 01:06:16 467,840 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\POWERPNT.EXE

+ 2007-08-29 01:06:44 7,990,144 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\PPCORE.DLL

+ 2008-12-28 18:45:54 251,272 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\PPTPIA.DLL

+ 2008-12-26 04:42:01 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe

- 2008-07-28 00:05:21 1,165,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe

+ 2008-12-28 19:16:27 1,165,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe

- 2008-07-28 00:05:22 20,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe

+ 2008-12-28 19:16:28 20,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe

- 2008-07-28 00:05:21 159,504 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe

+ 2008-12-28 19:16:28 159,504 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe

- 2008-07-28 00:05:21 184,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe

+ 2008-12-28 19:16:28 184,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe

- 2008-07-28 00:05:22 217,864 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe

+ 2008-12-28 19:16:28 217,864 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe

- 2008-07-28 00:05:22 18,704 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe

+ 2008-12-28 19:16:29 18,704 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe

- 2008-07-28 00:05:22 35,088 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe

+ 2008-12-28 19:16:29 35,088 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe

- 2008-07-28 00:05:22 845,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe

+ 2008-12-28 19:16:28 845,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe

- 2008-07-28 00:05:22 922,384 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe

+ 2008-12-28 19:16:28 922,384 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe

- 2008-07-28 00:05:22 272,648 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe

+ 2008-12-28 19:16:28 272,648 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe

- 2008-07-28 00:05:22 888,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

+ 2008-12-28 19:16:29 888,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

- 2008-07-28 00:05:21 1,172,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

+ 2008-12-28 19:16:28 1,172,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

- 2007-08-12 01:44:21 217,864 ----a-r c:\windows\Installer\{90120000-006E-0416-0000-0000000FF1CE}\misc.exe

+ 2008-12-26 04:45:32 217,864 ----a-r c:\windows\Installer\{90120000-006E-0416-0000-0000000FF1CE}\misc.exe

- 2006-11-03 02:24:36 7,168 ----a-w c:\windows\system32\asferror.dll

+ 2006-11-03 01:24:36 7,168 ----a-w c:\windows\system32\asferror.dll

- 2006-10-19 00:47:08 284,672 ----a-w c:\windows\system32\audiodev.dll

+ 2006-10-18 23:47:08 276,992 ----a-w c:\windows\system32\audiodev.dll

- 2008-04-21 07:02:31 1,024,000 ----a-w c:\windows\system32\browseui.dll

Aguardo e desde já agradeço.

Noga · Dezembro 31, 2008

Esqueci outro problema.

O iexplorer tb está com problemas. Esporadicamente, aparece uma mensagem que ele não pode ser aberto, e precisa ser fechado.

:S

Oh my god!

jgarcia · Dezembro 31, 2008

Opa Noga,

1. Baixe o BankerFix 3.0.

2. Desative o seu anti-vírus temporariamente.

3. Dê um duplo-clique sobre o bankerfix.exe. A janela do Banker Fix 3.0 abrir-se-á com a seguinte pergunta Instalar o BankerFix 3.0 / Install BankerFix 3.0 ? >> clique em SIM.

4. Uma janela informando que o BankerFix 3.0 será baixado via internet abrir-se-á >> clique sobre OK e aguarde. Na próxima janela clique em OK mais uma vez, a fim de que o BankerFix 3.0 seja iniciado.

5. Pressione qualquer tecla para dar continuidade ao processo e aguarde até que a varredura se complete. Tenha paciência, pois ela pode demorar alguns minutos.

6. Terminado o scan, leia a mensagem na tela e aperte Enter.

7. Habilite o seu anti-vírus.

8. Retorne com o relatorio.txt do BankerFix (ele estará em C:\LinhaDefensiva\).

9. Depois de postar a sua resposta você poderá deletar a pasta LinhaDefensiva contida no C.

Abraços.

PS.: Caso apareça a seguinte mensagem: Site denunciado como foco de ataques!, não se preocupe e clique sobre Ignorar este alerta.

Noga · Dezembro 31, 2008

BankerFix 3.0 VALKYRIE - Removedor de Bankers

Linha Defensiva | http://www.linhadefensiva.org

http://www.linhadefensiva.org/bankerfix/

-------------------------------------------------------

Data: 2008-12-30 - 23:19

-------------------------------------------------------

Lista de Definição: 2008-12-14-1 | CORE: 2008-12-14-1

=======================================================

----- Fim -------------------------

:D

Noga · Janeiro 6, 2009

O problema ainda continua. Só consigo abrir arquivos word e excel se estiver sem o AVG instalado.

Alguma idéia?

jgarcia · Janeiro 9, 2009

Opa Noga,

Poste um novo log do ComboFix.

PS.: Desculpe a demora, pois cheguei de viagem hoje.

Noga · Janeiro 22, 2009

Oiee... ok.. tb estive fora..

entao.. resolvi o problema tirando o AVG do meu pc... agora estou com o Avast..mas o problema do explorer voltou. As vezes da uma mensagem que o windows explores precisa ser fechado, e uma vez fechado, ele nao volta mais.

Nao mais mais o q fazer. Vai aí o log do combofix..

ComboFix 09-01-21.02 - Karin 2009-01-22 1:11:01.3 - NTFSx86

Executando de: c:\documents and settings\Karin\Desktop\ComboFix.exe

.

(((((((((((((((( Arquivos/Ficheiros criados de 2008-12-22 to 2009-01-22 ))))))))))))))))))))))))))))

.

2009-01-22 01:09 . 2009-01-22 01:10 <DIR> d-------- C:\32788R22FWJFW

2009-01-21 22:27 . 2009-01-21 22:27 <DIR> d-------- c:\arquivos de programas\AVIConverter

2009-01-21 01:19 . 2009-01-21 01:19 <DIR> d--h----- c:\windows\$hf_mig$

2009-01-19 23:54 . 2009-01-20 01:43 <DIR> d-------- C:\OdontoPlus

2009-01-09 09:56 . 2009-01-09 09:56 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\SlySoft

2009-01-07 23:38 . 2009-01-07 23:38 <DIR> d-------- c:\arquivos de programas\SlySoft

2009-01-07 00:24 . 2003-06-25 19:38 14,848 --a------ c:\arquivos de programas\aida32.exe

2009-01-05 22:47 . 2009-01-05 22:47 <DIR> d-------- c:\arquivos de programas\Alwil Software

2009-01-04 12:12 . 2009-01-04 12:12 <DIR> d-------- c:\arquivos de programas\K-Lite Codec Pack

2009-01-04 12:12 . 2008-09-19 19:57 3,596,288 --a------ c:\windows\system32\qt-dx331.dll

2009-01-04 12:12 . 2008-09-24 16:41 839,680 --a------ c:\windows\system32\lameACM.acm

2009-01-04 12:12 . 2008-12-07 16:08 795,648 --a------ c:\windows\system32\xvidcore.dll

2009-01-04 12:12 . 2008-10-28 20:35 684,032 --a------ c:\windows\system32\divx.dll

2009-01-04 12:12 . 2004-01-25 14:18 217,088 --a------ c:\windows\system32\yv12vfw.dll

2009-01-04 12:12 . 2008-12-07 16:08 130,048 --a------ c:\windows\system32\xvidvfw.dll

2009-01-04 12:12 . 2007-09-20 22:52 118,784 --a------ c:\windows\system32\ac3acm.acm

2009-01-04 12:12 . 2008-09-25 06:03 81,920 --a------ c:\windows\system32\dpl100.dll

2009-01-04 12:12 . 2008-12-08 09:53 57,344 --a------ c:\windows\system32\ff_vfw.dll

2009-01-04 12:12 . 2007-07-10 14:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest

2009-01-04 12:12 . 2008-10-03 10:30 414 --a------ c:\windows\system32\lame_acm.xml

2009-01-04 12:12 . 2008-07-30 17:09 38 --a------ c:\windows\avisplitter.ini

2009-01-04 11:06 . 2009-01-21 21:58 41 --a------ c:\windows\system32\Filzip.ini

2009-01-04 11:01 . 2009-01-04 11:02 1,303,128 ---hs---- c:\windows\system32\eyupifuv.ini

2009-01-01 20:36 . 2009-01-01 20:36 <DIR> d-------- c:\arquivos de programas\Arquivos comuns\xing shared

2009-01-01 20:35 . 2009-01-01 20:36 <DIR> d-------- c:\arquivos de programas\Arquivos comuns\Real

2009-01-01 14:19 . 2009-01-20 01:23 41 --a------ c:\windows\Filzip.ini

2009-01-01 14:18 . 2009-01-01 14:58 <DIR> d-------- c:\arquivos de programas\Filzip

2009-01-01 14:08 . 1999-03-23 09:12 299,520 --a------ c:\windows\uninst.exe

2008-12-31 23:20 . 2008-12-31 23:20 33,832 --a------ c:\windows\system32\xlxtwcrn.exe

2008-12-31 23:20 . 2008-12-31 23:20 33,832 --a------ c:\windows\system32\lwhdjvsp.exe

2008-12-31 23:12 . 2008-12-31 23:12 33,832 --a------ c:\windows\system32\znagoswz.exe

2008-12-31 23:06 . 2008-12-31 23:06 1,303,128 ---hs---- c:\windows\system32\imabatup.ini

2008-12-31 11:59 . 2008-12-31 11:59 24,872 --a------ c:\windows\system32\drivers\ElbyCDIO.sys

2008-12-30 23:19 . 2009-01-20 01:13 <DIR> d-------- C:\LinhaDefensiva

2008-12-30 21:53 . 2008-12-30 21:53 103,360 --a------ c:\windows\system32\drivers\AnyDVD.sys

2008-12-28 17:55 . 2009-01-02 10:13 <DIR> d--h----- C:\$AVG8.VAULT$