[Resolvido!] Provável malware no PC - relato de problemas

DigRam · Maio 12, 2009

Bom Dia! Carlos SP

<@> Copie estas informações,sob o CODE,para o Bloco de Notas.

<@> Salve-as como: Winupdt.vbs,no Disco local ©.

'Undo Windows Update Restriction - xp_winupd_netpolicy.vbs'© Doug Knox - modified 10/18/2003'Downloaded from www.dougknox.comOn Error Resume NextSet WshShell = WScript.CreateObject("WScript.Shell")p1 = "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WindowsUpdate\DisableWindowsUpdateAccess"p2 = "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWindowsUpdate"WshShell.RegWrite p1, 0, "REG_DWORD"WshShell.RegWrite p2, 0, "REG_DWORD"Set WshShell = Nothingx = MsgBox("Finished",4096,"Windows Update Restriction")

<@> Configure-o no BN,para que seja tipificado como: "Todos os arquivos"

<@> Teremos,portanto,o ícone do VBScript.

<@> Execute esse arquivo,em Modo Seguro,e confirme,sua inserção ao registro.

<@> Reinicie o computador,e verifique o restabelecimento do serviço de atualização do Windows.

Abraços!

Carlos SP · Maio 13, 2009

Boa noite, DigRam!

Executei o procedimento, mas não tenho certeza se fiz corretamente. Salvei o arquivo, e ele aparece como VBScript. Mas, a única janela que surge quando abro o arquivo no Modo Seguro diz "Finished". Como confirmar se houve a inserção no registro?

De qualquer forma, as Atualizações Automáticas continuam desativadas e "inacessíveis".

---

Abraço.

DigRam · Maio 14, 2009

Bom Dia! Carlos SP

- Em Ferramentas administrativas>serviços, Atualizações Automáticas não está marcado como iniciado, e a inicialização está desativada. Quando eu tentei aplicar a inicialização automática, na janela Propriedades, o acesso foi negado (mesmo com privilégios administrativos).

<!> Confirme com o L2M,seus atributos administrativos ou certificações Windows.

<!> Posteriormente,tente iniciar o serviço de Atualizações Automáticas.

<><><><><><><><><><>

<@> Baixe: < Look2ME-Destroyer >

<@> Salve-o no desktop!

<@> Feche todos os programas e dê um duplo-clique em Loo2Me-Destroyer.exe.

<@> Marque: < Run this program as a task >

<@> Surgirá uma breve notificação,que o programa irá fechar! --> Ok!

<@> Quando a ferramenta retornar,clique em "Scan for L2M".

<@> Surgirá uma reação,normal,de desaparecimento da área de trabalho.

<@> Quando a varredura terminar,clique em "Remove L2M".

<@> Aparecerá a mensagem: "Done Scanning" --> Clique em Ok!

<@> Ao terminar,surgirá outra mensagem: Done removing infected files!Look2Me-Destroyer wll now shutdown your computer

<@> Clique em Ok! --> O computador irá desligar!

<@> Ligue,novamente,o computador e poste o relatório: C:\Look2Me-Destroyer.txt + HijackThis,atualizado.

<@> Ps: A ferramenta,que remove o L2M,restabelecerá seus atributos administrativos. <--

Restoring Windows certificates.Replaced hosts file with default windows hosts fileRestoring SeDebugPrivilege for Administradores - Succeeded

<@> Temos,como exemplo,o relatório de suas atividades restauradoras.

Abraços!

Carlos SP · Maio 15, 2009

Boa noite, DigRam!

Ainda não consegui retomar o acesso às Atualizações Automáticas...

Relatório Look2Me-Destroyer:

Look2Me-Destroyer V1.0.12

Scanning for infected files.....

Scan started at 14/5/2009 21:35:02

Attempting to delete infected files...

Making registry repairs.

Restoring Windows certificates.

Replaced hosts file with default windows hosts file

Restoring SeDebugPrivilege for Administradores - Succeeded

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Relatório HijackThis atualizado:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:52:47, on 14/5/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\ARQUIV~1\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\Arquivos de programas\a-squared Free\a2service.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\Arquivos de programas\Comodo\Firewall\cmdagent.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Arquivos comuns\LightScribe\LSSrvc.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\System32\TUProgSt.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\Arquivos de programas\Comodo\Firewall\CPF.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\TEXTware\BOOKcase40\BC40CASE.exe

C:\Hijack\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/login_verify...=br&.src=ym

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll

O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Arquivos de programas\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Arquivos de programas\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll

O4 - HKLM\..\Run: [sispower] Rundll32.exe SiSPower.dll,ModeAgent

O4 - HKLM\..\Run: [isusscheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [isuspm startup] C:\ARQUIV~1\ARQUIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [hp software update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Arquivos de programas\Comodo\Firewall\CPF.exe" /background

O4 - HKCU\..\Run: [msmsgs] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: BOOKcase 4.0.lnk = C:\Arquivos de programas\TEXTware\BOOKcase40\BC40CASE.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1131549136390

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=29223

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

O20 - Winlogon Notify: GbPluginBb - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll

O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Arquivos de programas\a-squared Free\a2service.exe

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Arquivos de programas\Comodo\Firewall\cmdagent.exe

O23 - Service: Gbp Service (GbpSv) - - C:\ARQUIV~1\GbPlugin\GbpSv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\LightScribe\LSSrvc.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe

O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--

End of file - 6537 bytes

>>>>>>>>>>>>>>>>

Abraços.

DigRam · Maio 15, 2009

Boa Noite! Carlos SP

<!> Siga estas recomendações,da Microsoft,na habilitação do serviço de Atualizações Automáticas.

<><><><><><><><><><>

Operating System?????

For Win XP - <-- Link!

Click Start, select run, type: regsvr32 wuaueng.dll

if that doesn't do the trick:-

Verify that BITS is correctly configured and started:

1. Click Start, click Run, type services.msc, and then click OK.

2. Double-click Background Intelligent Transfer Service.

3. In the Startup type box, click Manual, and then click Apply.

4. Click the Log On tab, and then verify that the service is enabled in every hardware

profile that is listed. If the service is disabled in one or more hardware profiles, click

the hardware profile, click Enable, and then click Apply.

5. Click the General tab, and then click Start.

If that's all okay, then perhaps:-

1. Click Start.

2. Choose Run.

3. In the Run box, type (pressing okay after the command) : Regsvr32 QMGR.DLL

--

TaurArian [MVP] 2005-2009 - Update Services

http://taurarian.mvps.org

<!> Desculpe-me,pois não tive tempo para efetuar a devida tradução.

Abraços!

Carlos SP · Maio 16, 2009

Bom dia, DigRam!

Segui os passos recomendados, mas continuo com acesso bloqueado (ao tentar aplicar as modificações propostas em "Background intelligent...").

Além disso, o PC está travando ao carregar o desktop; surge uma tela de Windows Installer, sem que eu tenha solicitado isso...

Abraços!

DigRam · Maio 18, 2009

Bom dia, DigRam!

Segui os passos recomendados, mas continuo com acesso bloqueado (ao tentar aplicar as modificações propostas em "Background intelligent...").

Além disso, o PC está travando ao carregar o desktop; surge uma tela de Windows Installer, sem que eu tenha solicitado isso...

Abraços!

<><><><><><><><><><>

Opa! Carlos SP

<!> Pelo que já foi feito,esse problema deveria ter sido solucionado.

<><><><><><><><><><>

<@> Baixe: < > ( ...by OldTimer Tools )

<@> Salve-o no desktop!

<@> Duplo clique em OTListIt2.exe --> Marque a opção "Scan All Users".

<@> Clique em: < > --> Aguarde!

<@> Dois logs serão gerados no Bloco de Notas:

<@> Poste:

<!> OTListIt.txt <--

<!> Extra.txt <-- Estará minimizado!

Abraços!

Carlos SP · Maio 18, 2009

Boa noite, DigRam!

Dividi os posts do OTListIt em duas partes...

PRIMEIRA PARTE

OTListIt logfile created on: 18/5/2009 01:20:07 - Run 1

OTListIt2 by OldTimer - Version 2.0.15.6 Folder = C:\Documents and Settings\Carlos\Desktop

Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

479,48 Mb Total Physical Memory | 121,21 Mb Available Physical Memory | 25,28% Memory free

1,10 Gb Paging File | 0,78 Gb Available in Paging File | 71,20% Paging File free

Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 74,52 Gb Total Space | 58,34 Gb Free Space | 78,29% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: HP-AF5E76A48CD1

Current User Name: Carlos

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Output = Standard

File Age = 30 Days

Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2009/03/25 11:36:28 | 00,052,560 | ---- | M] ( ) -- C:\Arquivos de programas\GbPlugin\GbpSv.exe

PRC - [2009/05/04 12:07:43 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

PRC - [2007/06/13 10:21:56 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE

PRC - [2009/04/29 13:36:52 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe

PRC - [2009/04/29 13:37:07 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

PRC - [2009/03/02 12:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe

PRC - [2009/05/04 17:55:14 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Arquivos de programas\Java\jre6\bin\jusched.exe

PRC - [2009/05/05 01:07:32 | 01,115,728 | ---- | M] (COMODO) -- C:\Arquivos de programas\Comodo\Firewall\CPF.exe

PRC - [2009/04/29 13:37:13 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Messenger\msmsgs.exe

PRC - [2009/04/29 13:37:17 | 00,421,888 | ---- | M] (Company) -- C:\Arquivos de programas\TEXTware\BOOKcase40\BC40CASE.exe

PRC - [2009/04/29 13:37:05 | 00,282,624 | ---- | M] () -- C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

PRC - [2009/02/25 20:18:14 | 00,425,080 | ---- | M] (Emsi Software GmbH) -- C:\Arquivos de programas\a-squared Free\a2service.exe

PRC - [2009/03/02 12:10:30 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

PRC - [2009/05/05 01:07:32 | 00,361,040 | ---- | M] (COMODO) -- C:\Arquivos de programas\Comodo\Firewall\cmdagent.exe

PRC - [2009/05/04 17:55:13 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Arquivos de programas\Java\jre6\bin\jqs.exe

PRC - [2009/04/29 13:36:58 | 00,038,912 | ---- | M] () -- C:\Arquivos de programas\Arquivos comuns\LightScribe\LSSrvc.exe

PRC - [2003/06/19 11:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

PRC - [2009/05/08 17:21:11 | 00,604,416 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TUProgSt.exe

PRC - [2004/08/04 06:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe

PRC - [2009/04/29 14:07:32 | 00,204,800 | ---- | M] (Hewlett-Packard Co.) -- C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe

PRC - [2004/08/04 06:00:00 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

PRC - [2009/05/18 01:19:15 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Carlos\Desktop\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/02/25 20:18:14 | 00,425,080 | ---- | M] (Emsi Software GmbH) -- C:\Arquivos de programas\a-squared Free\a2service.exe -- (a2free [Auto | Running])

SRV - [2009/05/04 12:07:43 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])

SRV - [2009/03/02 12:10:30 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])

SRV - [2009/05/05 01:07:32 | 00,361,040 | ---- | M] (COMODO) -- C:\Arquivos de programas\Comodo\Firewall\cmdagent.exe -- (CmdAgent [Auto | Running])

SRV - [2009/03/25 11:36:28 | 00,052,560 | ---- | M] ( ) -- C:\Arquivos de programas\GbPlugin\GbpSv.exe -- (GbpSv [unknown | Running])

SRV - [2004/08/04 06:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])

SRV - [2009/05/04 17:55:13 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Arquivos de programas\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])

SRV - [2009/04/29 13:36:58 | 00,038,912 | ---- | M] () -- C:\Arquivos de programas\Arquivos comuns\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])

SRV - [2003/06/19 11:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])

SRV - [2003/07/28 08:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])

SRV - [2009/05/08 17:21:08 | 00,361,216 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe -- (TuneUp.Defrag [On_Demand | Stopped])

SRV - [2009/05/08 17:21:11 | 00,604,416 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc [Auto | Running])

SRV - [2009/04/27 14:21:36 | 00,028,928 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll -- (UxTuneUp [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2005/07/12 08:37:34 | 02,324,480 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])

DRV - [2009/02/13 11:35:05 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgio.sys -- (avgio [system | Running])

DRV - [2009/05/04 12:07:43 | 00,055,640 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\DRIVERS\avgntflt.sys -- (avgntflt [Auto | Running])

DRV - [2009/05/04 12:07:43 | 00,096,104 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\DRIVERS\avipbb.sys -- (avipbb [system | Running])

DRV - [2009/05/05 01:07:33 | 00,075,520 | ---- | M] (Comodo Research Lab., Inc.) -- C:\WINDOWS\System32\DRIVERS\cmdmon.sys -- (CmdMon [system | Running])

DRV - [2005/02/01 23:22:00 | 00,088,080 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb [boot | Running])

DRV - [2004/12/22 22:56:00 | 00,040,544 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm [Auto | Running])

DRV - [2009/03/25 11:36:18 | 00,026,320 | ---- | M] (GAS Tecnologia) -- C:\WINDOWS\system32\drivers\GbpKm.sys -- (GbpKm [boot | Running])

DRV - [2004/09/29 01:35:30 | 00,219,136 | R--- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2 [On_Demand | Stopped])

DRV - [2004/09/29 01:33:50 | 01,036,928 | R--- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_DP.sys -- (HSF_DP [On_Demand | Stopped])

DRV - [2009/05/05 01:07:33 | 00,051,328 | ---- | M] (COMODO) -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect [boot | Running])

DRV - [2004/03/16 22:04:14 | 00,013,059 | R--- | M] (Conexant) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])

DRV - [2001/08/17 17:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Running])

DRV - [2004/08/04 06:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])

DRV - [2005/04/24 23:03:00 | 00,020,640 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])

DRV - [2007/11/13 07:25:56 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])

DRV - [2006/01/09 10:59:12 | 00,242,688 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisgrp.sys -- (SiS315 [On_Demand | Running])

DRV - [2006/01/09 11:18:34 | 00,012,160 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\srvkp.sys -- (SiSkp [system | Running])

DRV - [2004/08/03 16:31:36 | 00,032,768 | ---- | M] (SiS Corporation) -- C:\WINDOWS\system32\DRIVERS\sisnic.sys -- (SISNIC [On_Demand | Running])

DRV - [2006/01/31 18:17:34 | 00,930,599 | R--- | M] (Motorola Inc.) -- C:\WINDOWS\system32\DRIVERS\smserial.sys -- (smserial [On_Demand | Running])

DRV - [2004/12/02 07:04:20 | 00,005,627 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5 [system | Running])

DRV - [2009/02/13 11:50:02 | 00,028,376 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\DRIVERS\ssmdrv.sys -- (ssmdrv [system | Running])

DRV - [2004/12/02 07:04:10 | 00,023,545 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln [system | Running])

DRV - [2005/02/25 01:33:00 | 00,025,725 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio [Auto | Running])

DRV - [2005/02/25 01:33:00 | 00,034,845 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs [Auto | Running])

DRV - [2005/02/25 01:33:00 | 00,004,125 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct [Auto | Running])

DRV - [2005/02/25 01:33:00 | 00,002,273 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres [Auto | Running])

DRV - [2005/02/25 01:33:00 | 00,086,684 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs [Auto | Running])

DRV - [2005/02/25 01:33:00 | 00,014,877 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio [Auto | Running])

DRV - [2005/02/25 01:33:00 | 00,006,365 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool [Auto | Running])

DRV - [2005/02/25 01:33:00 | 00,098,716 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf [Auto | Running])

DRV - [2005/02/25 01:33:00 | 00,100,605 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa [Auto | Running])

DRV - [2004/09/29 01:34:24 | 00,702,592 | R--- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome

IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes

IE - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch

IE - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/login_verify...=br&.src=ym

IE - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\S-1-5-21-3748263854-567553014-1295907222-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\firefox\extensions\\jqs@sun.com: C:\ARQUIVOS DE PROGRAMAS\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/05/04 17:55:14 | 00,000,000 | ---D | M]

O1 HOSTS File: (716 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)

O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll (Banco do Brasil)

O2 - BHO: (PDFCreator Toolbar Helper) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Arquivos de programas\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Arquivos de programas\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Arquivos de programas\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Reg Error: Key error. File not found

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Arquivos de programas\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Reg Error: Key error. File not found

O3 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\..\Toolbar\ShellBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Arquivos de programas\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()

O3 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found

O3 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\..\Toolbar\ShellBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Reg Error: Key error. File not found

O3 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Arquivos de programas\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()

O3 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Reg Error: Key error. File not found

O4 - HKLM..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min (Avira GmbH)

O4 - HKLM..\Run: [COMODO Firewall Pro] "C:\Arquivos de programas\Comodo\Firewall\CPF.exe" /background (COMODO)

O4 - HKLM..\Run: [hp software update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)

O4 - HKLM..\Run: [isuspm startup] C:\ARQUIV~1\ARQUIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup (InstallShield Software Corporation)

O4 - HKLM..\Run: [isusscheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation)

O4 - HKLM..\Run: [sispower] Rundll32.exe SiSPower.dll,ModeAgent (Silicon Integrated Systems Corporation)

O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)

O4 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007..\Run: [msmsgs] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background (Microsoft Corporation)

O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\BOOKcase 4.0.lnk = C:\Arquivos de programas\TEXTware\BOOKcase40\BC40CASE.exe (Company)

O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\control panel present

O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\control panel present

O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\Software\Policies\Microsoft\Internet Explorer\control panel present

O7 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: _NoDriveTypeAutoRun = 157

O7 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0

O7 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007_Classes\Software\Policies\Microsoft\Internet Explorer\control panel present

O7 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)

O9 - Extra Button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de programas\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (Microsoft Corporation)

O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1131549136390 (WUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl.sun.com/webapps/download/AutoDL?BundleId=29223 (Java Plug-in 1.6.0_13)

O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} https://www14.bancobrasil.com.br/plugin/GbpDist.cab (GbpDistObj Class)

O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Filter: - text/xml - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\ GbPluginBb: DllName - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll (Banco do Brasil)

O24 - Desktop Components:0 (Minha página inicial atual) - About:Home

O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll (Banco do Brasil)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2005/09/28 08:44:34 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2009/04/30 01:39:13 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)

O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2 C:\WINDOWS\System32\*.tmp files]

[2009/05/18 01:19:14 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Carlos\Desktop\OTListIt2.exe

[2009/05/16 12:13:13 | 08,951,392 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\Referências Centro de Radiofarmácia 2009.zip

[2009/05/14 09:52:38 | 50,284,5440 | -HS- | C] () -- C:\hiberfil.sys

[2009/05/13 17:06:53 | 00,999,348 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\GABARITO_FINAL_FURP.zip

[2009/05/13 15:13:05 | 01,291,365 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\Resultado_Preliminar_Prova_Objetiva_FURP.zip

[2009/05/13 09:09:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Carlos\Desktop\Contagens ELISPOT - ANRS

[2009/05/13 09:08:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Carlos\Desktop\Arquivos do laboratório - 2007 a 2009

[2009/05/12 10:33:51 | 00,000,593 | ---- | C] () -- C:\Winupdt.vbs

[2009/05/11 18:05:07 | 00,026,320 | ---- | C] (GAS Tecnologia) -- C:\WINDOWS\System32\drivers\gbpkm.sys

[2009/05/11 18:04:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin

[2009/05/11 18:04:29 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\GbPlugin

[2009/05/09 23:20:57 | 39,233,600 | ---- | C] ( ) -- C:\Arquivos de programas\setup_7.0.0.290_10.05.2009_04-53.exe

[2009/05/08 17:21:11 | 00,604,416 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TUProgSt.exe

[2009/05/08 17:21:09 | 00,028,928 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll

[2009/05/08 17:21:09 | 00,000,504 | ---- | C] () -- C:\WINDOWS\tasks\1-Click Maintenance.job

[2009/05/08 17:21:07 | 00,361,216 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe

[2009/05/08 17:21:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Carlos\Dados de aplicativos\TuneUp Software

[2009/05/08 17:20:46 | 00,001,673 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TuneUp 1-Click Maintenance.lnk

[2009/05/08 17:20:46 | 00,001,601 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TuneUp Utilities 2009.lnk

[2009/05/08 17:20:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\TuneUp Software

[2009/05/08 17:20:25 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\TuneUp Utilities 2009

[2009/05/08 17:20:07 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\{55A29068-F2CE-456C-9148-C869879E2357}

[2009/05/08 16:23:53 | 17,777,408 | ---- | C] (TuneUp Software) -- C:\Arquivos de programas\TU2009TrialEN-US.exe

[2009/05/07 12:49:32 | 00,394,752 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\Poster Emilia AIDS vaccine2008.ppt

[2009/05/07 00:58:12 | 00,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll

[2009/05/07 00:58:09 | 00,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll

[2009/05/07 00:58:06 | 00,017,408 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll

[2009/05/07 00:58:02 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe

[2009/05/07 00:57:59 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe

[2009/05/07 00:57:54 | 00,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe

[2009/05/07 00:57:50 | 00,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys

[2009/05/07 00:57:45 | 00,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys

[2009/05/07 00:57:43 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll

[2009/05/07 00:57:29 | 00,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiacpi.sys

[2009/05/07 00:57:28 | 00,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys

[2009/05/07 00:57:24 | 00,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys

[2009/05/07 00:57:17 | 00,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys

[2009/05/07 00:57:12 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll

[2009/05/07 00:57:09 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll

[2009/05/07 00:57:02 | 00,032,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys

[2009/05/07 00:56:58 | 00,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys

[2009/05/07 00:56:49 | 00,013,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wacompen.sys

[2009/05/07 00:56:45 | 00,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys

[2009/05/07 00:56:41 | 00,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys

[2009/05/07 00:56:38 | 00,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys

[2009/05/07 00:56:34 | 00,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys

[2009/05/07 00:56:30 | 00,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys

[2009/05/07 00:56:26 | 00,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys

[2009/05/07 00:56:23 | 00,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys

[2009/05/07 00:56:22 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax

[2009/05/07 00:56:18 | 00,042,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viaagp.sys

[2009/05/07 00:56:18 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viaide.sys

[2009/05/07 00:56:16 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll

[2009/05/07 00:56:11 | 00,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys

[2009/05/07 00:56:08 | 00,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys

[2009/05/07 00:55:57 | 00,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys

[2009/05/07 00:55:54 | 00,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys

[2009/05/07 00:55:47 | 00,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys

[2009/05/07 00:55:44 | 00,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys

[2009/05/07 00:55:41 | 00,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys

[2009/05/07 00:55:38 | 00,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys

[2009/05/07 00:55:37 | 00,078,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbvideo.sys

[2009/05/07 00:55:36 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbuhci.sys

[2009/05/07 00:55:35 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys

[2009/05/07 00:55:35 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys

[2009/05/07 00:55:33 | 00,059,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys

[2009/05/07 00:55:32 | 00,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys

[2009/05/07 00:55:31 | 00,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys

[2009/05/07 00:55:25 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll

[2009/05/07 00:55:22 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll

[2009/05/07 00:55:19 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll

[2009/05/07 00:55:16 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll

[2009/05/07 00:55:13 | 00,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll

[2009/05/07 00:55:10 | 00,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys

[2009/05/07 00:55:07 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll

[2009/05/07 00:55:03 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll

[2009/05/07 00:55:00 | 00,212,480 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\um54scan.dll

[2009/05/07 00:54:57 | 00,216,576 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\um34scan.dll

[2009/05/07 00:54:45 | 00,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys

[2009/05/07 00:54:42 | 00,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll

[2009/05/07 00:54:39 | 00,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys

[2009/05/07 00:54:35 | 00,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll

[2009/05/07 00:54:32 | 00,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys

[2009/05/07 00:54:29 | 00,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll

[2009/05/07 00:54:14 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toside.sys

[2009/05/07 00:54:01 | 00,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys

[2009/05/07 00:53:56 | 00,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys

[2009/05/07 00:53:51 | 00,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll

[2009/05/07 00:53:50 | 00,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys

[2009/05/07 00:53:47 | 00,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys

[2009/05/07 00:53:44 | 00,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys

[2009/05/07 00:53:36 | 00,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys

[2009/05/07 00:53:33 | 00,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys

[2009/05/07 00:53:30 | 00,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll

[2009/05/07 00:53:13 | 00,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll

[2009/05/07 00:53:10 | 00,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys

[2009/05/07 00:53:08 | 00,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys

[2009/05/07 00:53:05 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll

[2009/05/07 00:53:02 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll

[2009/05/07 00:52:59 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll

[2009/05/07 00:52:56 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll

[2009/05/07 00:52:55 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys

[2009/05/07 00:52:52 | 00,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll

[2009/05/07 00:52:49 | 00,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll

[2009/05/07 00:52:46 | 00,286,432 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys

[2009/05/07 00:52:43 | 00,017,024 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys

[2009/05/07 00:52:38 | 00,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys

[2009/05/07 00:52:35 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll

[2009/05/07 00:52:30 | 00,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll

[2009/05/07 00:52:26 | 00,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys

[2009/05/07 00:52:23 | 00,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll

[2009/05/07 00:52:20 | 00,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys

[2009/05/07 00:52:04 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys

[2009/05/07 00:52:04 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys

[2009/05/07 00:52:00 | 00,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys

[2009/05/07 00:51:52 | 00,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys

[2009/05/07 00:51:49 | 00,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll

[2009/05/07 00:51:46 | 00,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys

[2009/05/07 00:51:43 | 00,036,425 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys

[2009/05/07 00:51:40 | 00,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys

[2009/05/07 00:51:37 | 00,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys

[2009/05/07 00:51:37 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys

[2009/05/07 00:51:36 | 00,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys

[2009/05/07 00:51:36 | 00,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbali.sys

[2009/05/07 00:51:33 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll

[2009/05/07 00:51:30 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll

[2009/05/07 00:51:27 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll

[2009/05/07 00:51:24 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll

[2009/05/07 00:51:18 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys

[2009/05/07 00:51:16 | 00,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys

[2009/05/07 00:51:13 | 00,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys

[2009/05/07 00:51:10 | 00,094,890 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys

[2009/05/07 00:50:41 | 00,161,632 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys

[2009/05/07 00:50:38 | 00,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys

[2009/05/07 00:50:35 | 00,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys

[2009/05/07 00:50:32 | 00,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll

[2009/05/07 00:50:25 | 00,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys

[2009/05/07 00:50:23 | 00,018,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys

[2009/05/07 00:50:19 | 00,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys

[2009/05/07 00:50:16 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys

[2009/05/07 00:50:13 | 00,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys

[2009/05/07 00:50:10 | 00,017,408 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys

[2009/05/07 00:50:07 | 00,016,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys

[2009/05/07 00:50:03 | 00,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys

[2009/05/07 00:50:01 | 00,024,064 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys

[2009/05/07 00:50:00 | 00,043,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys

[2009/05/07 00:49:48 | 00,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys

[2009/05/07 00:49:45 | 00,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll

[2009/05/07 00:49:42 | 00,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys

[2009/05/07 00:49:39 | 00,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll

[2009/05/07 00:49:37 | 00,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll

[2009/05/07 00:49:34 | 00,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll

[2009/05/07 00:49:31 | 00,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys

[2009/05/07 00:49:28 | 00,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll

[2009/05/07 00:49:26 | 00,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys

[2009/05/07 00:49:23 | 00,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys

[2009/05/07 00:49:19 | 00,083,456 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll

[2009/05/07 00:49:16 | 00,080,896 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll

[2009/05/07 00:49:13 | 00,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll

[2009/05/07 00:49:10 | 00,025,088 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll

[2009/05/07 00:49:07 | 00,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys

[2009/05/07 00:49:04 | 00,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys

[2009/05/07 00:48:57 | 00,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll

[2009/05/07 00:48:51 | 00,079,360 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys

[2009/05/07 00:48:50 | 00,030,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rndismpx.sys

[2009/05/07 00:48:47 | 00,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys

[2009/05/07 00:48:46 | 00,059,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rfcomm.sys

[2009/05/07 00:48:43 | 00,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll

[2009/05/07 00:48:30 | 00,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys

[2009/05/07 00:48:26 | 00,715,242 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys

[2009/05/07 00:48:24 | 00,899,658 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys

[2009/05/07 00:48:21 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll

[2009/05/07 00:48:18 | 00,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys

[2009/05/07 00:48:10 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql1240.sys

[2009/05/07 00:48:04 | 00,033,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql10wnt.sys

[2009/05/07 00:48:01 | 00,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys

[2009/05/07 00:47:57 | 00,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys

[2009/05/07 00:47:55 | 00,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys

[2009/05/07 00:47:52 | 00,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys

[2009/05/07 00:47:51 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll

[2009/05/07 00:47:48 | 00,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax

[2009/05/07 00:47:48 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll

[2009/05/07 00:47:45 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll

[2009/05/07 00:47:44 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll

[2009/05/07 00:47:42 | 00,016,512 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys

[2009/05/07 00:47:39 | 00,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys

[2009/05/07 00:47:37 | 00,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys

[2009/05/07 00:47:34 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys

[2009/05/07 00:47:31 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys

[2009/05/07 00:41:36 | 00,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll

[2009/05/07 00:41:33 | 00,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys

[2009/05/07 00:41:30 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys

[2009/05/07 00:41:28 | 00,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys

[2009/05/07 00:41:25 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys

[2009/05/07 00:41:22 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll

[2009/05/07 00:41:20 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax

[2009/05/07 00:41:19 | 00,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll

[2009/05/07 00:41:19 | 00,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys

[2009/05/07 00:41:18 | 00,211,712 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll

[2009/05/07 00:41:18 | 00,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys

[2009/05/07 00:41:15 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2hib.sys

[2009/05/07 00:41:12 | 00,027,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2.sys

[2009/05/07 00:41:10 | 00,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys

[2009/05/07 00:41:08 | 00,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe

[2009/05/07 00:41:05 | 00,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys

[2009/05/07 00:41:02 | 00,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys

[2009/05/07 00:41:00 | 00,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys

[2009/05/07 00:40:57 | 00,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys

[2009/05/07 00:40:56 | 00,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys

[2009/05/07 00:40:54 | 00,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys

[2009/05/07 00:40:49 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll

[2009/05/07 00:40:46 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll

[2009/05/07 00:40:44 | 00,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys

[2009/05/07 00:40:41 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe

[2009/05/07 00:40:38 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll

[2009/05/07 00:40:36 | 00,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys

[2009/05/07 00:40:33 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll

[2009/05/07 00:40:31 | 00,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys

[2009/05/07 00:40:28 | 00,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys

[2009/05/07 00:40:25 | 00,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys

[2009/05/07 00:40:23 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys

[2009/05/07 00:40:20 | 00,054,698 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys

[2009/05/07 00:40:17 | 00,044,009 | ---- | C] () -- C:\WINDOWS\System32\dllcache\otceth5.sys

[2009/05/07 00:40:15 | 00,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys

[2009/05/07 00:40:12 | 00,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys

[2009/05/07 00:40:09 | 00,061,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ohci1394.sys

[2009/05/07 00:39:53 | 00,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys

[2009/05/07 00:39:49 | 00,009,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys

[2009/05/07 00:39:47 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys

[2009/05/07 00:39:42 | 00,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys

[2009/05/07 00:39:39 | 00,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys

Carlos SP · Maio 18, 2009

OTListIt, SEGUNDA PARTE:

[2009/05/07 00:39:36 | 00,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys

[2009/05/07 00:39:34 | 00,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys

[2009/05/07 00:39:29 | 00,065,918 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys

[2009/05/07 00:39:26 | 00,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys

[2009/05/07 00:39:23 | 00,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll

[2009/05/07 00:39:21 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys

[2009/05/07 00:39:20 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys

[2009/05/07 00:39:18 | 00,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys

[2009/05/07 00:39:16 | 00,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll

[2009/05/07 00:39:13 | 00,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys

[2009/05/07 00:39:11 | 00,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys

[2009/05/07 00:39:08 | 00,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll

[2009/05/07 00:39:06 | 00,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys

[2009/05/07 00:39:03 | 00,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll

[2009/05/07 00:39:01 | 00,129,024 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys

[2009/05/07 00:38:58 | 00,052,767 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys

[2009/05/07 00:38:56 | 00,076,544 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys

[2009/05/07 00:38:53 | 00,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll

[2009/05/07 00:38:51 | 00,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys

[2009/05/07 00:38:48 | 00,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll

[2009/05/07 00:38:46 | 00,022,016 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys

[2009/05/07 00:38:45 | 00,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mutohpen.sys

[2009/05/07 00:38:42 | 00,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys

[2009/05/07 00:38:34 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys

[2009/05/07 00:38:33 | 00,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys

[2009/05/07 00:38:27 | 00,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys

[2009/05/07 00:38:20 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys

[2009/05/07 00:38:19 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys

[2009/05/07 00:38:11 | 00,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys

[2009/05/07 00:38:08 | 00,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys

[2009/05/07 00:38:07 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax

[2009/05/07 00:38:07 | 00,051,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys

[2009/05/07 00:38:01 | 00,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys

[2009/05/07 00:37:57 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys

[2009/05/07 00:37:50 | 00,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys

[2009/05/07 00:37:37 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll

[2009/05/07 00:37:34 | 00,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys

[2009/05/07 00:37:32 | 00,165,290 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys

[2009/05/07 00:37:28 | 00,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys

[2009/05/07 00:37:21 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll

[2009/05/07 00:37:19 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll

[2009/05/07 00:37:13 | 00,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys

[2009/05/07 00:37:11 | 00,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys

[2009/05/07 00:37:10 | 00,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys

[2009/05/07 00:37:09 | 00,422,016 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys

[2009/05/07 00:37:07 | 00,577,226 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys

[2009/05/07 00:37:06 | 00,607,196 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys

[2009/05/07 00:37:04 | 00,728,298 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys

[2009/05/07 00:37:01 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys

[2009/05/07 00:36:57 | 00,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys

[2009/05/07 00:36:54 | 00,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys

[2009/05/07 00:36:51 | 00,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys

[2009/05/07 00:36:49 | 00,016,128 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys

[2009/05/07 00:36:45 | 00,026,634 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys

[2009/05/07 00:36:42 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax

[2009/05/07 00:36:42 | 00,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys

[2009/05/07 00:36:41 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax

[2009/05/07 00:36:41 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax

[2009/05/07 00:36:38 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll

[2009/05/07 00:36:34 | 00,242,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll

[2009/05/07 00:36:31 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll

[2009/05/07 00:36:23 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll

[2009/05/07 00:36:21 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll

[2009/05/07 00:36:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll

[2009/05/07 00:36:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll

[2009/05/07 00:36:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll

[2009/05/07 00:36:05 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll

[2009/05/07 00:35:59 | 00,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys

[2009/05/07 00:35:58 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll

[2009/05/07 00:35:56 | 00,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys

[2009/05/07 00:35:55 | 00,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe

[2009/05/07 00:35:54 | 00,087,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys

[2009/05/07 00:35:53 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax

[2009/05/07 00:35:48 | 00,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys

[2009/05/07 00:35:46 | 00,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll

[2009/05/07 00:35:44 | 00,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys

[2009/05/07 00:35:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intelide.sys

[2009/05/07 00:35:40 | 00,013,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys

[2009/05/07 00:35:38 | 00,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ini910u.sys

[2009/05/07 00:35:23 | 00,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll

[2009/05/07 00:35:20 | 00,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys

[2009/05/07 00:35:18 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll

[2009/05/07 00:35:16 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll

[2009/05/07 00:35:14 | 00,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys

[2009/05/07 00:35:11 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll

[2009/05/07 00:35:09 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll

[2009/05/07 00:35:07 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll

[2009/05/07 00:35:05 | 00,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys

[2009/05/07 00:35:03 | 00,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys

[2009/05/07 00:34:47 | 00,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omp.sys

[2009/05/07 00:34:44 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys

[2009/05/07 00:34:33 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll

[2009/05/07 00:33:57 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll

[2009/05/07 00:33:55 | 00,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys

[2009/05/07 00:33:53 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll

[2009/05/07 00:33:50 | 00,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll

[2009/05/07 00:33:48 | 00,025,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpn.sys

[2009/05/07 00:33:46 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll

[2009/05/07 00:33:44 | 00,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll

[2009/05/07 00:33:42 | 00,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll

[2009/05/07 00:33:40 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll

[2009/05/07 00:33:38 | 00,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll

[2009/05/07 00:33:36 | 00,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll

[2009/05/07 00:33:34 | 00,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll

[2009/05/07 00:33:32 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll

[2009/05/07 00:33:30 | 00,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll

[2009/05/07 00:33:28 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll

[2009/05/07 00:33:26 | 00,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll

[2009/05/07 00:33:24 | 00,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll

[2009/05/07 00:33:21 | 00,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys

[2009/05/07 00:33:20 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll

[2009/05/07 00:33:19 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidir.sys

[2009/05/07 00:33:18 | 00,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys

[2009/05/07 00:33:17 | 00,025,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbth.sys

[2009/05/07 00:33:15 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys

[2009/05/07 00:33:09 | 00,028,544 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys

[2009/05/07 00:33:07 | 00,082,432 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys

[2009/05/07 00:33:05 | 00,017,664 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys

[2009/05/07 00:33:04 | 00,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys

[2009/05/07 00:33:03 | 00,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys

[2009/05/07 00:33:02 | 00,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gagp30kx.sys

[2009/05/07 00:32:53 | 00,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys

[2009/05/07 00:32:45 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll

[2009/05/07 00:32:43 | 00,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys

[2009/05/07 00:32:42 | 00,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys

[2009/05/07 00:32:38 | 00,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys

[2009/05/07 00:32:35 | 00,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys

[2009/05/07 00:32:33 | 00,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys

[2009/05/07 00:32:30 | 00,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys

[2009/05/07 00:32:28 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll

[2009/05/07 00:32:17 | 00,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys

[2009/05/07 00:32:13 | 00,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys

[2009/05/07 00:32:11 | 00,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys

[2009/05/07 00:32:09 | 00,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys

[2009/05/07 00:32:03 | 00,046,080 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll

[2009/05/07 00:32:02 | 00,046,080 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll

[2009/05/07 00:32:00 | 00,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll

[2009/05/07 00:31:58 | 00,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll

[2009/05/07 00:31:47 | 00,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys

[2009/05/07 00:31:35 | 00,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys

[2009/05/07 00:31:32 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys

[2009/05/07 00:31:31 | 00,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\enum1394.sys

[2009/05/07 00:31:24 | 00,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys

[2009/05/07 00:30:55 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax

[2009/05/07 00:30:54 | 00,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys

[2009/05/07 00:30:52 | 00,020,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpti2o.sys

[2009/05/07 00:30:49 | 00,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys

[2009/05/07 00:30:48 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys

[2009/05/07 00:30:47 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys

[2009/05/07 00:30:46 | 00,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys

[2009/05/07 00:30:46 | 00,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys

[2009/05/07 00:30:42 | 00,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys

[2009/05/07 00:30:41 | 00,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys

[2009/05/07 00:30:40 | 00,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys

[2009/05/07 00:30:39 | 00,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys

[2009/05/07 00:30:38 | 00,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll

[2009/05/07 00:30:37 | 00,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll

[2009/05/07 00:30:36 | 00,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll

[2009/05/07 00:30:35 | 00,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe

[2009/05/07 00:30:34 | 00,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll

[2009/05/07 00:30:33 | 00,031,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\disrvpp.dll

[2009/05/07 00:30:32 | 00,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll

[2009/05/07 00:30:30 | 00,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys

[2009/05/07 00:30:11 | 00,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys

[2009/05/07 00:30:10 | 00,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys

[2009/05/07 00:30:07 | 00,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys

[2009/05/07 00:30:06 | 00,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys

[2009/05/07 00:30:04 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll

[2009/05/07 00:30:03 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll

[2009/05/07 00:30:01 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll

[2009/05/07 00:30:00 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll

[2009/05/07 00:29:58 | 00,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dac960nt.sys

[2009/05/07 00:29:52 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll

[2009/05/07 00:29:51 | 00,050,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys

[2009/05/07 00:29:50 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll

[2009/05/07 00:29:49 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll

[2009/05/07 00:29:48 | 00,050,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys

[2009/05/07 00:29:48 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll

[2009/05/07 00:29:47 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys

[2009/05/07 00:29:46 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys

[2009/05/07 00:29:45 | 00,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys

[2009/05/07 00:29:45 | 00,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys

[2009/05/07 00:29:44 | 00,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys

[2009/05/07 00:29:43 | 00,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys

[2009/05/07 00:29:42 | 00,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys

[2009/05/07 00:29:41 | 00,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys

[2009/05/07 00:29:40 | 00,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys

[2009/05/07 00:29:38 | 00,251,904 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll

[2009/05/07 00:29:34 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll

[2009/05/07 00:29:32 | 00,216,576 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll

[2009/05/07 00:29:31 | 00,061,386 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys

[2009/05/07 00:29:30 | 00,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys

[2009/05/07 00:29:29 | 00,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cpqarray.sys

[2009/05/07 00:29:26 | 00,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compbatt.sys

[2009/05/07 00:29:22 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll

[2009/05/07 00:29:19 | 00,020,864 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys

[2009/05/07 00:29:18 | 00,014,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmbatt.sys

[2009/05/07 00:29:17 | 00,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys

[2009/05/07 00:29:16 | 00,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll

[2009/05/07 00:29:16 | 00,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll

[2009/05/07 00:29:15 | 00,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys

[2009/05/07 00:29:14 | 00,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll

[2009/05/07 00:29:13 | 00,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys

[2009/05/07 00:29:12 | 00,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys

[2009/05/07 00:29:07 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys

[2009/05/07 00:29:05 | 00,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys

[2009/05/07 00:29:04 | 00,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys

[2009/05/07 00:29:04 | 00,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys

[2009/05/07 00:29:03 | 00,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys

[2009/05/07 00:29:03 | 00,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys

[2009/05/07 00:29:01 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys

[2009/05/07 00:29:01 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cd20xrnt.sys

[2009/05/07 00:29:00 | 00,715,210 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys

[2009/05/07 00:29:00 | 00,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys

[2009/05/07 00:28:59 | 00,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys

[2009/05/07 00:28:58 | 00,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys

[2009/05/07 00:28:57 | 00,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll

[2009/05/07 00:28:56 | 00,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys

[2009/05/07 00:28:55 | 00,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll

[2009/05/07 00:28:54 | 00,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll

[2009/05/07 00:28:54 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax

[2009/05/07 00:28:53 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax

[2009/05/07 00:28:53 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll

[2009/05/07 00:28:52 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax

[2009/05/07 00:28:51 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys

[2009/05/07 00:28:51 | 00,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys

[2009/05/07 00:28:50 | 00,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys

[2009/05/07 00:28:35 | 00,014,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys

[2009/05/07 00:28:34 | 00,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthpan.sys

[2009/05/07 00:28:34 | 00,035,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthprint.sys

[2009/05/07 00:28:34 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthusb.sys

[2009/05/07 00:28:33 | 00,038,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthmodem.sys

[2009/05/07 00:28:33 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthenum.sys

[2009/05/07 00:28:32 | 00,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys

[2009/05/07 00:28:32 | 00,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys

[2009/05/07 00:28:31 | 00,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys

[2009/05/07 00:28:31 | 00,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys

[2009/05/07 00:28:30 | 00,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll

[2009/05/07 00:28:30 | 00,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll

[2009/05/07 00:28:29 | 00,039,680 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys

[2009/05/07 00:28:28 | 00,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys

[2009/05/07 00:28:27 | 00,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll

[2009/05/07 00:28:26 | 00,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe

[2009/05/07 00:28:26 | 00,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll

[2009/05/07 00:28:25 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll

[2009/05/07 00:28:25 | 00,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll

[2009/05/07 00:28:24 | 00,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys

[2009/05/07 00:28:24 | 00,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys

[2009/05/07 00:28:23 | 00,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll

[2009/05/07 00:28:23 | 00,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys

[2009/05/07 00:28:22 | 00,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll

[2009/05/07 00:28:22 | 00,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll

[2009/05/07 00:28:20 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll

[2009/05/07 00:28:18 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax

[2009/05/07 00:28:18 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys

[2009/05/07 00:28:17 | 00,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys

[2009/05/07 00:28:15 | 00,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys

[2009/05/07 00:28:15 | 00,014,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\battc.sys

[2009/05/07 00:28:14 | 00,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll

[2009/05/07 00:28:13 | 00,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys

[2009/05/07 00:28:13 | 00,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys

[2009/05/07 00:28:13 | 00,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys

[2009/05/07 00:28:12 | 00,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll

[2009/05/07 00:28:12 | 00,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll

[2009/05/07 00:28:11 | 00,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys

[2009/05/07 00:28:10 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys

[2009/05/07 00:28:10 | 00,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys

[2009/05/07 00:28:04 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys

[2009/05/07 00:28:03 | 00,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys

[2009/05/07 00:28:02 | 00,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys

[2009/05/07 00:28:00 | 00,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys

[2009/05/07 00:27:59 | 00,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys

[2009/05/07 00:27:59 | 00,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys

[2009/05/07 00:27:59 | 00,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys

[2009/05/07 00:27:58 | 00,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys

[2009/05/07 00:27:57 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys

[2009/05/07 00:27:50 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe

[2009/05/07 00:27:48 | 00,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys

[2009/05/07 00:27:39 | 00,077,824 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys

[2009/05/07 00:27:38 | 00,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys

[2009/05/07 00:27:38 | 00,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll

[2009/05/07 00:27:37 | 00,022,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asc3350p.sys

[2009/05/07 00:27:35 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys

[2009/05/07 00:27:33 | 00,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amsint.sys

[2009/05/07 00:27:32 | 00,042,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\alim1541.sys

[2009/05/07 00:27:32 | 00,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys

[2009/05/07 00:27:30 | 00,056,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78xx.sys

[2009/05/07 00:27:30 | 00,055,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78u2.sys

[2009/05/07 00:27:30 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aha154x.sys

[2009/05/07 00:27:27 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll

[2009/05/07 00:27:26 | 00,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agpcpq.sys

[2009/05/07 00:27:25 | 00,042,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agp440.sys

[2009/05/07 00:27:24 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax

[2009/05/07 00:27:18 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adpu160m.sys

[2009/05/07 00:27:17 | 00,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys

[2009/05/07 00:27:17 | 00,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys

[2009/05/07 00:27:17 | 00,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys

[2009/05/07 00:27:16 | 00,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys

[2009/05/07 00:27:16 | 00,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys

[2009/05/07 00:27:16 | 00,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys

[2009/05/07 00:27:15 | 00,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys

[2009/05/07 00:27:14 | 00,061,952 | ---- | C] (Scanner de mesa colorido) -- C:\WINDOWS\System32\dllcache\acerscad.dll

[2009/05/07 00:27:11 | 00,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys

[2009/05/07 00:27:10 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\abp480n5.sys

[2009/05/07 00:27:09 | 00,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll

[2009/05/07 00:27:09 | 00,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll

[2009/05/07 00:27:09 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll

[2009/05/07 00:27:08 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys

[2009/05/07 00:27:08 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys

[2009/05/07 00:27:07 | 00,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys

[2009/05/07 00:27:07 | 00,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll

[2009/05/07 00:27:07 | 00,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys

[2009/05/07 00:27:06 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394bus.sys

[2009/05/07 00:27:06 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys

[2009/05/07 00:26:45 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll

[2009/05/06 18:43:17 | 00,030,720 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\QUESTIONÁRIO FARMACEUTICOS (respondido).doc

[2009/05/06 10:40:01 | 00,031,744 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\CV - Carlos Farias Felgueiras.doc

[2009/05/06 00:33:49 | 00,052,340 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\Regulamento sobre prova física - prova PF.pdf

[2009/05/05 01:10:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Carlos\Dados de aplicativos\Comodo

[2009/05/05 01:10:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Comodo

[2009/05/05 01:08:27 | 00,001,644 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\COMODO Firewall Pro.lnk

[2009/05/05 01:08:26 | 00,000,281 | ---- | C] () -- C:\boot.ini.comodofirewall

[2009/05/05 01:07:34 | 00,075,520 | ---- | C] (Comodo Research Lab., Inc.) -- C:\WINDOWS\System32\drivers\cmdmon.sys

[2009/05/05 01:07:34 | 00,051,328 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys

[2009/05/05 01:07:33 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Comodo

[2009/05/05 00:32:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2

[2009/05/04 18:57:50 | 00,332,981 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\Plano 5BX.pdf

[2009/05/04 18:39:04 | 00,222,208 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\Edital bolsas PG 1 sem[1]. 2009 CNPq CAPES IPEN rev 2.doc

[2009/05/04 17:55:10 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Java

[2009/05/04 16:50:27 | 00,058,880 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\Sétimo passo - remoção de vírus do computador.doc

[2009/05/04 12:43:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\NortonInstaller

[2009/05/04 12:20:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT

[2009/05/04 11:55:00 | 00,001,779 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk

[2009/05/04 11:54:45 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys

[2009/05/04 11:54:45 | 00,055,640 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys

[2009/05/04 11:54:45 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys

[2009/05/04 11:54:45 | 00,028,376 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys

[2009/05/04 11:54:45 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys

[2009/05/04 11:54:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Avira

[2009/05/04 11:54:44 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Avira

[2009/05/04 11:50:52 | 00,000,000 | -HSD | C] -- C:\RECYCLER

[2009/05/04 11:42:40 | 00,040,960 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\Sexto passo - remoção de vírus do computador.doc

[2009/05/04 11:32:52 | 30,001,096 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\avira_antivir_personal_en-Baixaki.exe

[2009/05/04 10:31:38 | 00,027,648 | ---- | C] () -- C:\Documents and Settings\Carlos\Meus documentos\Sexto passo - remoção de vírus do computador.doc

[2009/05/03 23:54:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp

[2009/05/03 23:34:46 | 00,039,424 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\Quinto passo - remoção de vírus do computador.doc

[2009/05/03 01:27:17 | 00,001,848 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\HP Digital Imaging Monitor.lnk

[2009/05/03 01:27:17 | 00,001,777 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\BOOKcase 4.0.lnk

[2009/05/03 01:15:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Symantec

[2009/05/03 00:20:58 | 00,000,211 | ---- | C] () -- C:\Boot.bak

[2009/05/03 00:20:56 | 00,261,920 | ---- | C] () -- C:\cmldr

[2009/05/03 00:20:54 | 00,000,000 | RHSD | C] -- C:\cmdcons

[2009/05/03 00:11:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2009/05/02 23:37:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Carlos\Dados de aplicativos\Malwarebytes

[2009/05/02 23:37:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes

[2009/05/02 20:04:30 | 00,028,160 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\Quarto passo - remoção de vírus do computador.doc

[2009/05/01 22:22:01 | 00,021,504 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\Terceiro passo - remoção de vírus do PC.doc

[2009/05/01 22:16:44 | 00,000,000 | ---D | C] -- C:\Virut

[2009/05/01 16:12:00 | 00,000,688 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\a-squared Free.lnk

[2009/05/01 16:11:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Carlos\Meus documentos\a-squared Free

[2009/05/01 16:11:49 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\a-squared Free

[2009/05/01 14:06:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData

[2009/04/30 21:53:33 | 49,148,496 | ---- | C] (Emsi Software GmbH ) -- C:\Arquivos de programas\a2FreeSetup.exe

[2009/04/30 01:39:13 | 00,000,000 | RHSD | C] -- C:\autorun.inf

[2009/04/30 00:40:28 | 00,071,168 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\Ferramentas para limpeza do pendrive.doc

[2009/04/30 00:32:12 | 00,043,008 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\Segundo passo - remoção de vírus.doc

[2009/04/29 18:54:10 | 00,071,712 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2009/04/29 18:54:10 | 00,001,916 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.idx

[2009/04/29 15:41:04 | 00,061,799 | ---- | C] () -- C:\Documents and Settings\Carlos\Meus documentos\DrWeb.csv

[2009/04/29 13:26:21 | 00,268,999 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\Cópia do RG - Francisca Fernanda Farias Felgueiras.pdf

[2009/04/28 21:15:13 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\Primeiro passo - remoção de vírus.doc

[2009/04/27 22:56:05 | 00,000,000 | ---D | C] -- C:\Hijack

[2009/04/27 22:34:51 | 00,999,348 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\GABARITOS_FURP.zip

[2009/04/27 22:31:54 | 02,254,782 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\CADERNOS_FURP.zip

[2009/04/27 20:22:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss

[2009/04/27 19:36:12 | 61,247,130 | ---- | C] () -- C:\Documents and Settings\Carlos\Meus documentos\regbackup.reg

[2009/04/26 18:53:32 | 00,025,088 | ---- | C] () -- C:\Documents and Settings\Carlos\Meus documentos\Temporário 2009.doc

[2009/04/26 14:55:43 | 00,012,699 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\Cronograma3_FURP.zip

[2009/04/24 18:14:22 | 00,043,520 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\Procedimentos para remoção de vírus segundo SYMANTEC.doc

[2009/04/22 18:58:16 | 00,027,136 | ---- | C] () -- C:\Documents and Settings\Carlos\Meus documentos\Verapamil.doc

[2009/04/22 18:57:57 | 00,023,040 | ---- | C] () -- C:\Documents and Settings\Carlos\Meus documentos\Sinvastatina.doc

[2009/04/22 18:57:38 | 00,022,528 | ---- | C] () -- C:\Documents and Settings\Carlos\Meus documentos\Nifedipino.doc

[2009/04/22 18:57:15 | 00,022,016 | ---- | C] () -- C:\Documents and Settings\Carlos\Meus documentos\Isossorbida.doc

[2009/04/22 18:56:57 | 00,024,576 | ---- | C] () -- C:\Documents and Settings\Carlos\Meus documentos\Furosemida.doc

[2009/04/22 18:56:47 | 00,023,040 | ---- | C] () -- C:\Documents and Settings\Carlos\Meus documentos\Enalapril.doc

[2009/04/22 18:56:37 | 00,026,112 | ---- | C] () -- C:\Documents and Settings\Carlos\Meus documentos\Digoxina.doc

[2009/04/22 18:56:19 | 00,023,040 | ---- | C] () -- C:\Documents and Settings\Carlos\Meus documentos\Captopril.doc

[2009/04/22 18:56:02 | 00,024,576 | ---- | C] () -- C:\Documents and Settings\Carlos\Meus documentos\Amiodarona.doc

[2009/04/22 18:44:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Carlos\Desktop\Lista fármacos especiais

[2009/04/21 18:16:35 | 00,000,863 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\HT Player.lnk

[2009/04/21 18:16:34 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\HT NETWORKS

[2009/04/21 12:00:34 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3361

[2009/04/21 11:59:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\dhcp

[2009/04/18 18:13:05 | 00,000,104 | ---- | C] () -- C:\Documents and Settings\Carlos\Desktop\Internet.lnk

[2009/01/21 00:43:17 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini

[2008/12/14 19:38:38 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI

[2008/10/02 10:45:03 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll

[2008/08/18 17:52:28 | 00,395,776 | ---- | C] () -- C:\WINDOWS\System32\MPGPlay.dll

[2008/08/18 17:52:27 | 00,209,408 | ---- | C] () -- C:\WINDOWS\System32\Twasbb01.dll

[2008/08/18 17:52:27 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\Twavbx32.dll

[2008/08/18 17:52:25 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\Bc40hot.dll

[2008/08/18 17:51:50 | 00,000,309 | ---- | C] () -- C:\WINDOWS\TEXTWARE.INI

[2008/08/04 17:37:12 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI

[2008/02/11 19:33:36 | 00,000,201 | ---- | C] () -- C:\WINDOWS\civ.ini

[2008/01/28 00:08:07 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll

[2008/01/28 00:08:06 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll

[2008/01/28 00:08:06 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll

[2008/01/27 23:12:19 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll

[2007/05/29 19:06:55 | 00,000,766 | ---- | C] () -- C:\WINDOWS\CoD.INI

[2006/11/14 18:26:42 | 00,000,544 | ---- | C] () -- C:\WINDOWS\SIERRA.INI

[2006/11/13 18:38:31 | 00,000,162 | ---- | C] () -- C:\WINDOWS\msffile.ini

[2006/11/13 18:35:51 | 00,000,734 | ---- | C] () -- C:\WINDOWS\MSOFFICE.INI

[2006/11/12 23:03:50 | 00,001,116 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2006/11/12 23:03:50 | 00,000,103 | ---- | C] () -- C:\WINDOWS\odbcisam.ini

[2006/11/12 23:03:48 | 00,000,052 | ---- | C] () -- C:\WINDOWS\WINWORD6.INI

[2006/11/12 23:03:48 | 00,000,010 | ---- | C] () -- C:\WINDOWS\ARTGALRY.INI

[2006/11/12 23:03:46 | 00,000,134 | ---- | C] () -- C:\WINDOWS\POWERPNT.INI

[2006/11/12 23:03:44 | 00,000,152 | ---- | C] () -- C:\WINDOWS\EXCEL5.INI

[2006/11/12 22:38:01 | 00,000,280 | ---- | C] () -- C:\WINDOWS\TTEMBED.INI

[2006/11/12 22:34:50 | 00,000,535 | ---- | C] () -- C:\WINDOWS\MSTXTCNV.INI

[2006/11/12 22:33:48 | 00,002,041 | ---- | C] () -- C:\WINDOWS\MSFNTMAP.INI

[2006/04/08 12:26:44 | 00,000,187 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2006/01/31 18:14:04 | 00,061,440 | R--- | C] () -- C:\WINDOWS\sm56ger.dll

[2006/01/31 18:14:04 | 00,061,440 | R--- | C] () -- C:\WINDOWS\sm56fra.dll

[2006/01/31 18:14:04 | 00,053,248 | R--- | C] () -- C:\WINDOWS\sm56jpn.dll

[2006/01/31 18:14:04 | 00,049,152 | R--- | C] () -- C:\WINDOWS\sm56cht.dll

[2006/01/31 18:14:04 | 00,049,152 | R--- | C] () -- C:\WINDOWS\sm56chs.dll

[2006/01/31 18:14:02 | 00,069,632 | R--- | C] () -- C:\WINDOWS\sm56spn.dll

[2006/01/31 18:14:02 | 00,069,632 | R--- | C] () -- C:\WINDOWS\sm56itl.dll

[2006/01/31 18:14:02 | 00,069,632 | R--- | C] () -- C:\WINDOWS\sm56eng.dll

[2006/01/31 18:14:02 | 00,069,632 | R--- | C] () -- C:\WINDOWS\sm56brz.dll

[2005/11/09 13:23:32 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2005/11/09 07:33:18 | 00,074,299 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini

[2005/10/18 11:54:08 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

[2005/09/28 08:44:34 | 00,001,179 | ---- | C] () -- C:\WINDOWS\win.ini

[2005/09/28 05:32:24 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

[2005/07/12 08:35:08 | 00,156,672 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll

[2005/06/30 13:28:24 | 00,000,775 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2005/04/27 15:38:00 | 00,372,736 | ---- | C] () -- C:\WINDOWS\System32\hpzidi01.dll

[2005/04/27 15:37:49 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll

[2004/08/12 10:53:34 | 00,106,346 | R--- | C] () -- C:\WINDOWS\VGAsetup.ini

[2004/08/04 06:00:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll

[2003/04/06 23:30:02 | 00,005,383 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Files - Modified Within 30 Days ==========

[2 C:\WINDOWS\System32\*.tmp files]

[2009/05/18 01:19:15 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Carlos\Desktop\OTListIt2.exe

[2009/05/18 01:00:02 | 00,000,504 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job

[2009/05/17 23:52:07 | 00,032,256 | ---- | M] () -- C:\Documents and Settings\Carlos\Meus documentos\Acompanhamento de pesos e medidas - 2007-2008.xls

[2009/05/17 23:37:19 | 00,102,400 | ---- | M] () -- C:\Documents and Settings\Carlos\Meus documentos\Planilha - finanças 2006-2008.xls

[2009/05/17 23:18:29 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2009/05/17 23:17:51 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Carlos\Configurações locais\desktop.ini

[2009/05/17 23:17:45 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2009/05/17 23:17:41 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2009/05/17 23:17:40 | 50,284,5440 | -HS- | M] () -- C:\hiberfil.sys

[2009/05/16 12:13:13 | 08,951,392 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Referências Centro de Radiofarmácia 2009.zip

[2009/05/14 21:38:36 | 00,000,716 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2009/05/13 17:06:53 | 00,999,348 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\GABARITO_FINAL_FURP.zip

[2009/05/13 15:13:05 | 01,291,365 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Resultado_Preliminar_Prova_Objetiva_FURP.zip

[2009/05/13 00:33:16 | 00,261,632 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Think thin, be thin.doc

[2009/05/12 18:49:12 | 00,002,559 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Microsoft Office Word 2003.lnk

[2009/05/12 10:33:51 | 00,000,593 | ---- | M] () -- C:\Winupdt.vbs

[2009/05/09 11:25:20 | 00,118,784 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Programação de atividades aeróbicas 2008.doc

[2009/05/08 17:21:11 | 00,604,416 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TUProgSt.exe

[2009/05/08 17:21:08 | 00,361,216 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe

[2009/05/08 17:20:46 | 00,001,673 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TuneUp 1-Click Maintenance.lnk

[2009/05/08 17:20:46 | 00,001,601 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TuneUp Utilities 2009.lnk

[2009/05/08 16:24:48 | 00,058,880 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Sétimo passo - remoção de vírus do computador.doc

[2009/05/08 00:30:06 | 00,030,720 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\QUESTIONÁRIO FARMACEUTICOS (respondido).doc

[2009/05/07 12:52:00 | 00,040,960 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Sexto passo - remoção de vírus do computador.doc

[2009/05/07 12:49:32 | 00,394,752 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Poster Emilia AIDS vaccine2008.ppt

[2009/05/06 01:15:31 | 00,031,744 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\CV para drogarias - Carlos Farias Felgueiras (maio2009).doc

[2009/05/06 01:15:31 | 00,031,744 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\CV - Carlos Farias Felgueiras.doc

[2009/05/06 00:33:49 | 00,052,340 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Regulamento sobre prova física - prova PF.pdf

[2009/05/05 01:08:27 | 00,001,644 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\COMODO Firewall Pro.lnk

[2009/05/05 01:08:26 | 00,000,281 | RHS- | M] () -- C:\boot.ini

[2009/05/05 01:07:33 | 00,075,520 | ---- | M] (Comodo Research Lab., Inc.) -- C:\WINDOWS\System32\drivers\cmdmon.sys

[2009/05/05 01:07:33 | 00,051,328 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys

[2009/05/04 18:57:57 | 00,332,981 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Plano 5BX.pdf

[2009/05/04 18:39:17 | 00,222,208 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Edital bolsas PG 1 sem[1]. 2009 CNPq CAPES IPEN rev 2.doc

[2009/05/04 12:07:43 | 00,096,104 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys

[2009/05/04 12:07:43 | 00,055,640 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys

[2009/05/04 11:55:00 | 00,001,779 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk

[2009/05/04 11:32:52 | 30,001,096 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\avira_antivir_personal_en-Baixaki.exe

[2009/05/04 10:31:59 | 00,027,648 | ---- | M] () -- C:\Documents and Settings\Carlos\Meus documentos\Sexto passo - remoção de vírus do computador.doc

[2009/05/03 23:52:27 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2009/05/03 23:37:55 | 00,039,424 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Quinto passo - remoção de vírus do computador.doc

[2009/05/03 01:27:19 | 00,001,179 | ---- | M] () -- C:\WINDOWS\win.ini

[2009/05/03 01:27:19 | 00,000,281 | ---- | M] () -- C:\boot.ini.comodofirewall

[2009/05/03 00:53:32 | 61,247,130 | ---- | M] () -- C:\Documents and Settings\Carlos\Meus documentos\regbackup.reg

[2009/05/02 23:31:03 | 00,028,160 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Quarto passo - remoção de vírus do computador.doc

[2009/05/01 22:23:34 | 00,021,504 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Terceiro passo - remoção de vírus do PC.doc

[2009/05/01 22:15:59 | 00,001,475 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Windows Explorer.lnk

[2009/05/01 19:15:42 | 00,002,521 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Microsoft Office Excel 2003.lnk

[2009/05/01 17:08:45 | 00,043,008 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Segundo passo - remoção de vírus.doc

[2009/05/01 16:12:00 | 00,000,688 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\a-squared Free.lnk

[2009/04/30 00:40:28 | 00,071,168 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Ferramentas para limpeza do pendrive.doc

[2009/04/29 19:11:47 | 00,061,799 | ---- | M] () -- C:\Documents and Settings\Carlos\Meus documentos\DrWeb.csv

[2009/04/29 18:55:26 | 00,071,712 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2009/04/29 18:55:26 | 00,001,916 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx

[2009/04/29 18:50:00 | 00,063,727 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Blackwell Synergy - Scand J Immunol, Volume 66 Issue 2-3 Page 106-112, August-September 2007 (Full Text).htm

[2009/04/29 18:50:00 | 00,038,038 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\How to Start Jogging.htm

[2009/04/29 18:49:15 | 00,029,904 | ---- | M] () -- C:\Documents and Settings\Carlos\Meus documentos\Diet Calculator, Body Fat Calculator.htm

[2009/04/29 15:33:32 | 00,050,688 | ---- | M] () -- C:\WINDOWS\System32\XC3SUNIN.EXE

[2009/04/29 15:33:16 | 00,189,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WISPTIS.EXE

[2009/04/29 15:33:16 | 00,171,520 | ---- | M] () -- C:\WINDOWS\System32\wjview.exe

[2009/04/29 15:32:59 | 00,114,688 | ---- | M] () -- C:\WINDOWS\System32\uha.exe

[2009/04/29 15:32:58 | 00,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tzchange.exe

[2009/04/29 15:32:52 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskman.exe

[2009/04/29 15:31:10 | 00,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\migpwd.exe

[2009/04/29 15:30:56 | 00,172,032 | ---- | M] () -- C:\WINDOWS\System32\jview.exe

[2009/04/29 15:30:54 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\JETCOMP.exe

[2009/04/29 15:30:54 | 00,014,848 | ---- | M] () -- C:\WINDOWS\System32\jdbgmgr.exe

[2009/04/29 15:30:02 | 00,049,152 | ---- | M] () -- C:\WINDOWS\System32\clspack.exe

[2009/04/29 15:30:01 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.exe

[2009/04/29 15:29:49 | 00,078,848 | ---- | M] () -- C:\WINDOWS\System32\Apiload.exe

[2009/04/29 15:11:33 | 00,302,592 | ---- | M] () -- C:\WINDOWS\unin0416.exe

[2009/04/29 15:11:31 | 00,544,768 | ---- | M] (Motorola Inc.) -- C:\WINDOWS\sm56hlpr.exe

[2009/04/29 15:11:30 | 00,046,080 | ---- | M] () -- C:\WINDOWS\setdebug.exe

[2009/04/29 15:11:20 | 00,040,960 | ---- | M] () -- C:\WINDOWS\InstFunc.exe

[2009/04/29 13:26:24 | 00,268,999 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Cópia do RG - Francisca Fernanda Farias Felgueiras.pdf

[2009/04/28 21:15:14 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Primeiro passo - remoção de vírus.doc

[2009/04/28 00:13:50 | 00,000,211 | ---- | M] () -- C:\Boot.bak

[2009/04/27 23:53:35 | 00,450,560 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Diversos.doc

[2009/04/27 22:34:51 | 00,999,348 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\GABARITOS_FURP.zip

[2009/04/27 22:31:55 | 02,254,782 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\CADERNOS_FURP.zip

[2009/04/27 14:21:36 | 00,028,928 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll

[2009/04/26 18:53:32 | 00,025,088 | ---- | M] () -- C:\Documents and Settings\Carlos\Meus documentos\Temporário 2009.doc

[2009/04/26 14:55:44 | 00,012,699 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Cronograma3_FURP.zip

[2009/04/24 18:14:22 | 00,043,520 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Procedimentos para remoção de vírus segundo SYMANTEC.doc

[2009/04/23 16:30:07 | 00,000,753 | RH-- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts.bak

[2009/04/22 19:13:41 | 00,027,136 | ---- | M] () -- C:\Documents and Settings\Carlos\Meus documentos\Verapamil.doc

[2009/04/22 19:12:26 | 00,023,040 | ---- | M] () -- C:\Documents and Settings\Carlos\Meus documentos\Sinvastatina.doc

[2009/04/22 19:11:15 | 00,022,528 | ---- | M] () -- C:\Documents and Settings\Carlos\Meus documentos\Nifedipino.doc

[2009/04/22 19:10:24 | 00,022,016 | ---- | M] () -- C:\Documents and Settings\Carlos\Meus documentos\Isossorbida.doc

[2009/04/22 19:09:06 | 00,024,576 | ---- | M] () -- C:\Documents and Settings\Carlos\Meus documentos\Furosemida.doc

[2009/04/22 19:08:16 | 00,023,040 | ---- | M] () -- C:\Documents and Settings\Carlos\Meus documentos\Enalapril.doc

[2009/04/22 19:05:45 | 00,026,112 | ---- | M] () -- C:\Documents and Settings\Carlos\Meus documentos\Digoxina.doc

[2009/04/22 19:03:00 | 00,023,040 | ---- | M] () -- C:\Documents and Settings\Carlos\Meus documentos\Captopril.doc

[2009/04/22 19:00:54 | 00,024,576 | ---- | M] () -- C:\Documents and Settings\Carlos\Meus documentos\Amiodarona.doc

[2009/04/22 09:53:23 | 00,182,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndis.sys

[2009/04/22 09:53:23 | 00,182,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndis.sys

[2009/04/21 18:16:35 | 00,000,863 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\HT Player.lnk

[2009/04/18 18:13:05 | 00,000,104 | ---- | M] () -- C:\Documents and Settings\Carlos\Desktop\Internet.lnk

========== Alternate Data Streams ==========

@Alternate Data Stream - 308 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst

< End of report >

Carlos SP · Maio 18, 2009

EXTRAS OTListIt:

OTListIt Extras logfile created on: 18/5/2009 01:20:07 - Run 1

OTListIt2 by OldTimer - Version 2.0.15.6 Folder = C:\Documents and Settings\Carlos\Desktop

Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

479,48 Mb Total Physical Memory | 121,21 Mb Available Physical Memory | 25,28% Memory free

1,10 Gb Paging File | 0,78 Gb Available in Paging File | 71,20% Paging File free

Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 74,52 Gb Total Space | 58,34 Gb Free Space | 78,29% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: HP-AF5E76A48CD1

Current User Name: Carlos

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Output = Standard

File Age = 30 Days

Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

"EnableFirewall" = 0

"DoNotAllowExceptions" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

[2009/04/29 13:37:13 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Messenger\msmsgs.exe:*:Enabled:Windows Messenger

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio Data Module

"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations

"{0AD604BD-75F9-40F8-8EFF-81C9FDAF2FA2}" = CD-ROM Coleção Completa Superinteressante 2006

"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA

"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update

"{26792CA7-D87A-4DBE-896B-C2F66B344511}" = Roxio CinePlayer

"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java 6 Update 13

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Roxio Update Manager

"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp

"{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3819891A-030B-4a4e-98ED-B28A649E48AB}" = HP Deskjet 3900 series

"{42F6BED9-41DD-40F1-85A8-8E0350493626}" = HPDeskjet3900Series

"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009

"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg

"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch

"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder

"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler

"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder

"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942

"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7

"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{90110416-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edição 2003

"{90170416-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{A04C0520-4B34-4A58-ADC6-EFF04BB0C4D6}" = Great Battles of WWII: Stalingrad (Demo)

"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder

"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio Audio Module

"{AC76BA86-7AD7-1046-7B44-A00000000001}" = Adobe Reader 6.0.1 - Português

"{AE7CB755-7C0B-4D11-8E5D-D6B6C1090A7B}" = Victoria

"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio Copy Module

"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm

"{CBACCC0D-7B8B-4C3E-AA96-B6C64DCF19BB}" = LS_HSI

"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant

"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter

"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status

"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"a-squared free_is1" = a-squared Free 4.0

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"BOOKcase 4.0" = BOOKcase 4.0

"Call of Duty" = Call of Duty

"Cambridge Dictionary of American English, version 1.1" = Cambridge Dictionary of American English, version 1.1

"CNXT_MODEM_PCI_VEN_14F1&DEV_2F30&SUBSYS_205514F1" = PCI SoftV92 Modem

"COMODO Firewall Pro" = COMODO Firewall Pro

"GraphPad Prism_is1" = GraphPad Prism 4

"hijackthis" = HijackThis 2.0.2

"HP Imaging Device Functions" = HP Imaging Device Functions 5.0

"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.0

"HPExtendedCapabilities" = HP Extended Capabilities 5.0

"HT Player" = HT Player

"InterActual Player" = InterActual Player

"Macromedia Shockwave Player" = Macromedia Shockwave Player

"PDFCreator Toolbar" = PDFCreator Toolbar

"Sierra Uninstall" = Sierra On-Line Games (Remove only)

"SimCity 3000" = SimCity 3000

"SiS VGA Driver" = SiS 661FX

"SMSERIAL" = Motorola SM56 Speakerphone Modem

"TONS_2005.1" = Tons

"WinRAR archiver" = Arquivo do WinRAR

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 16/5/2009 10:03:17 | Computer Name = HP-AF5E76A48CD1 | Source = MsiInstaller | ID = 11706

Description = Product: HPProductAssistant -- Error 1706.No valid source could be

found for product HPProductAssistant. The Windows Installer cannot continue.

Error - 16/5/2009 10:13:51 | Computer Name = HP-AF5E76A48CD1 | Source = Application Hang | ID = 1002

Description = Aplicativo com falha iexplore.exe, versão 6.0.2900.2180, módulo com

falha hungapp, versão 0.0.0.0, endereço com falha 0x00000000.

Error - 16/5/2009 16:23:52 | Computer Name = HP-AF5E76A48CD1 | Source = crypt32 | ID = 131080

Description = Falha na recuperação de atualização automática do número de seqüência

de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

com erro: Esta operação foi retornada porque o tempo limite expirou.

Error - 16/5/2009 16:28:52 | Computer Name = HP-AF5E76A48CD1 | Source = crypt32 | ID = 131080

Description = Falha na recuperação de atualização automática do número de seqüência

de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

com erro: O nome ou o endereço do servidor não pôde ser resolvido

Error - 17/5/2009 10:25:53 | Computer Name = HP-AF5E76A48CD1 | Source = crypt32 | ID = 131080

Description = Falha na recuperação de atualização automática do número de seqüência

de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

com erro: O nome ou o endereço do servidor não pôde ser resolvido

Error - 17/5/2009 10:26:05 | Computer Name = HP-AF5E76A48CD1 | Source = MsiInstaller | ID = 11706

Description = Product: HPProductAssistant -- Error 1706.No valid source could be

found for product HPProductAssistant. The Windows Installer cannot continue.

Error - 17/5/2009 10:26:21 | Computer Name = HP-AF5E76A48CD1 | Source = MsiInstaller | ID = 11706

Description = Product: HPProductAssistant -- Error 1706.No valid source could be

found for product HPProductAssistant. The Windows Installer cannot continue.

Error - 17/5/2009 10:26:30 | Computer Name = HP-AF5E76A48CD1 | Source = Application Hang | ID = 1002

Description = Aplicativo com falha hpqtra08.exe, versão 0.0.0.0, módulo com falha

hungapp, versão 0.0.0.0, endereço com falha 0x00000000.

Error - 17/5/2009 17:01:49 | Computer Name = HP-AF5E76A48CD1 | Source = crypt32 | ID = 131080

Description = Falha na recuperação de atualização automática do número de seqüência

de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

com erro: O nome ou o endereço do servidor não pôde ser resolvido

Error - 17/5/2009 22:18:31 | Computer Name = HP-AF5E76A48CD1 | Source = crypt32 | ID = 131080

Description = Falha na recuperação de atualização automática do número de seqüência

de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

com erro: O nome ou o endereço do servidor não pôde ser resolvido

[ System Events ]

Error - 17/5/2009 22:18:13 | Computer Name = HP-AF5E76A48CD1 | Source = W32Time | ID = 39452701

Description = O provedor de tempo NtpClient foi configurado para obter tempo de

uma ou mais fontes de tempo; no entanto, nenhuma delas está acessível no momento.

Não será feita nenhuma tentativa de contatar uma fonte durante 14 minutos. O NtpClient

não tem uma fonte de tempo preciso.

Error - 17/5/2009 22:18:14 | Computer Name = HP-AF5E76A48CD1 | Source = Service Control Manager | ID = 7026

Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema

ou de inicialização: Cinemsup sptd

Error - 17/5/2009 22:18:14 | Computer Name = HP-AF5E76A48CD1 | Source = W32Time | ID = 39452689

Description = Provedor de tempo NtpClient: erro durante a pesquisa de DNS do nível

de protocolo 'time.windows.com,0x1' configurado manualmente. O NtpClient fará uma

nova tentativa em 15 minutos. Erro: Uma operação de soquete foi tentada em um host

inacessível. (0x80072751)

Error - 17/5/2009 22:18:14 | Computer Name = HP-AF5E76A48CD1 | Source = W32Time | ID = 39452701

Description = O provedor de tempo NtpClient foi configurado para obter tempo de

uma ou mais fontes de tempo; no entanto, nenhuma delas está acessível no momento.

Não será feita nenhuma tentativa de contatar uma fonte durante 15 minutos. O NtpClient

não tem uma fonte de tempo preciso.

Error - 17/5/2009 22:33:14 | Computer Name = HP-AF5E76A48CD1 | Source = W32Time | ID = 39452689

Description = Provedor de tempo NtpClient: erro durante a pesquisa de DNS do nível

de protocolo 'time.windows.com,0x1' configurado manualmente. O NtpClient fará uma

nova tentativa em 30 minutos. Erro: Uma operação de soquete foi tentada em um host

inacessível. (0x80072751)

Error - 17/5/2009 22:33:14 | Computer Name = HP-AF5E76A48CD1 | Source = W32Time | ID = 39452701

Description = O provedor de tempo NtpClient foi configurado para obter tempo de

uma ou mais fontes de tempo; no entanto, nenhuma delas está acessível no momento.

Não será feita nenhuma tentativa de contatar uma fonte durante 29 minutos. O NtpClient

não tem uma fonte de tempo preciso.

Error - 17/5/2009 23:03:15 | Computer Name = HP-AF5E76A48CD1 | Source = W32Time | ID = 39452689

Description = Provedor de tempo NtpClient: erro durante a pesquisa de DNS do nível

de protocolo 'time.windows.com,0x1' configurado manualmente. O NtpClient fará uma

nova tentativa em 60 minutos. Erro: Uma operação de soquete foi tentada em um host

inacessível. (0x80072751)

Error - 17/5/2009 23:03:15 | Computer Name = HP-AF5E76A48CD1 | Source = W32Time | ID = 39452701

Description = O provedor de tempo NtpClient foi configurado para obter tempo de

uma ou mais fontes de tempo; no entanto, nenhuma delas está acessível no momento.

Não será feita nenhuma tentativa de contatar uma fonte durante 59 minutos. O NtpClient

não tem uma fonte de tempo preciso.

Error - 18/5/2009 00:03:15 | Computer Name = HP-AF5E76A48CD1 | Source = W32Time | ID = 39452689

Description = Provedor de tempo NtpClient: erro durante a pesquisa de DNS do nível

de protocolo 'time.windows.com,0x1' configurado manualmente. O NtpClient fará uma

nova tentativa em 120 minutos. Erro: Uma operação de soquete foi tentada em um host

inacessível. (0x80072751)

Error - 18/5/2009 00:03:15 | Computer Name = HP-AF5E76A48CD1 | Source = W32Time | ID = 39452701

Description = O provedor de tempo NtpClient foi configurado para obter tempo de

uma ou mais fontes de tempo; no entanto, nenhuma delas está acessível no momento.

Não será feita nenhuma tentativa de contatar uma fonte durante 119 minutos. O NtpClient

não tem uma fonte de tempo preciso.

< End of report >

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>.

Abraço.

DigRam · Maio 21, 2009

Boa Noite! Carlos SP

<@> Baixe: < FixPolicies >

<@> Salve-o no Desktop!

<@> Esteja logado como Administrador.

<@> Execute o arquivo FixPolicies.exe,com um duplo-clique.

<@> Clique em Install.

<@> Abra a pasta FixPolicies --> Clique em Fix_policies.cmd --> Enter.

<@> Dê permissão ao reparo,caso seja negada por programas de proteção.

<@> Aguarde o término da verificação!

<><><><><><><><><><>

<@> Faça um escaneamento de desinfecção,em < BitDefender > e poste o relatório.

<@> Ps: Utilize o navegador Internet Explorer!

<@> Abrirá a página: < BitDefender OnLine Scanner >

<@> Clique em: < >

<@> Aguarde e aceite a instalação do ActiveX,para que possa ocorrer o scan.

<@> Terminando,poste o relatório: C:\Windows\BDOSCAN8\bdoscan.log <--

Abraços!

Carlos SP · Maio 21, 2009

Boa noite, DigRam!

Eis o post bdoscan.log:

[General]

App = "楂䑴晥湥敤⁲湏楬敮匠慣湮牥 v8"

Date = 21:05:2009

Time = 18:46:14

Scan Path = A:\;C:\;D:\;

[Engines Info]

Virus Definitions = 3095089

Engine build = "AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)"

Scan plugins = 17

Archive plugins = 45

Unpack plugins = 7

E-mail plugins = 6

System plugins = 4

[scan Statistics]

Folders = 3226

Files = 215871

Archives = 1334

Packed files = 9161

Identified viruses = 1

Infected files = 35

Warnings = 0

Suspect files = 0

Disinfected files = 0

Deleted files = 35

Copied files = 0

Moved files = 0

Renamed files = 0

I/O Errors = 41

[scan Settings]

SecondAction = Delete

FirstAction = Disinfect

Heuristics = 1

Enable Warnings = 1

Exclude Ext =

Extensions = *;

Scan Emails = 1

Scan Archives = 1

Scan Packed = 1

Scan Files = 1

Scan Boot = 1

Verify Memory = 0

[scan Results]

Line00000104 = "C:\Arquivos de programas\Call of Duty\Docs\Help\index.htm Infected with: Trojan.Iframe.GS"

Line00000103 = "C:\Arquivos de programas\Call of Duty\Docs\Help\index.htm Disinfection failed"

Line00000102 = "C:\Arquivos de programas\Call of Duty\Docs\Help\index.htm Deleted"

Line00000101 = "C:\Arquivos de programas\Call of Duty\Docs\Help\Readme\readme.htm Infected with: Trojan.Iframe.GS"

Line00000100 = "C:\Arquivos de programas\Call of Duty\Docs\Help\Readme\readme.htm Disinfection failed"

Line00000099 = "C:\Arquivos de programas\Call of Duty\Docs\Help\Readme\readme.htm Deleted"

Line00000098 = "C:\Arquivos de programas\Roxio\CinePlayer\PTB\Readme.htm Infected with: Trojan.Iframe.GS"

Line00000097 = "C:\Arquivos de programas\Roxio\CinePlayer\PTB\Readme.htm Disinfection failed"

Line00000096 = "C:\Arquivos de programas\Roxio\CinePlayer\PTB\Readme.htm Deleted"

Line00000095 = "C:\WINDOWS\Help\ixqlang.htm Infected with: Trojan.Iframe.GS"

Line00000094 = "C:\WINDOWS\Help\ixqlang.htm Disinfection failed"

Line00000093 = "C:\WINDOWS\Help\ixqlang.htm Deleted"

Line00000092 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\about_support.htm Infected with: Trojan.Iframe.GS"

Line00000091 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\about_support.htm Disinfection failed"

Line00000090 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\about_support.htm Deleted"

Line00000089 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\Favorites.htm Infected with: Trojan.Iframe.GS"

Line00000088 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\Favorites.htm Disinfection failed"

Line00000087 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\Favorites.htm Deleted"

Line00000086 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\ftshelp.htm Infected with: Trojan.Iframe.GS"

Line00000085 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\ftshelp.htm Disinfection failed"

Line00000084 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\ftshelp.htm Deleted"

Line00000083 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\History.htm Infected with: Trojan.Iframe.GS"

Line00000082 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\History.htm Disinfection failed"

Line00000081 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\History.htm Deleted"

Line00000080 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\Index.htm Infected with: Trojan.Iframe.GS"

Line00000079 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\Index.htm Disinfection failed"

Line00000078 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\Index.htm Deleted"

Line00000077 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\isupport.htm Infected with: Trojan.Iframe.GS"

Line00000076 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\isupport.htm Disinfection failed"

Line00000075 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\isupport.htm Deleted"

Line00000074 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\keywordhelp.htm Infected with: Trojan.Iframe.GS"

Line00000073 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\keywordhelp.htm Disinfection failed"

Line00000072 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\keywordhelp.htm Deleted"

Line00000071 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\options.htm Infected with: Trojan.Iframe.GS"

Line00000070 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\options.htm Disinfection failed"

Line00000069 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\options.htm Deleted"

Line00000068 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\searchblurb.htm Infected with: Trojan.Iframe.GS"

Line00000067 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\searchblurb.htm Disinfection failed"

Line00000066 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\searchblurb.htm Deleted"

Line00000065 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\tools.htm Infected with: Trojan.Iframe.GS"

Line00000064 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\tools.htm Disinfection failed"

Line00000063 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\tools.htm Deleted"

Line00000062 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\windows_newsgroups.htm Infected with: Trojan.Iframe.GS"

Line00000061 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\windows_newsgroups.htm Disinfection failed"

Line00000060 = "C:\WINDOWS\pchealth\helpctr\System\blurbs\windows_newsgroups.htm Deleted"

Line00000059 = "C:\WINDOWS\pchealth\helpctr\System\errors\badurl.htm Infected with: Trojan.Iframe.GS"

Line00000058 = "C:\WINDOWS\pchealth\helpctr\System\errors\badurl.htm Disinfection failed"

Line00000057 = "C:\WINDOWS\pchealth\helpctr\System\errors\badurl.htm Deleted"

Line00000056 = "C:\WINDOWS\pchealth\helpctr\System\errors\indexfirstlevel.htm Infected with: Trojan.Iframe.GS"

Line00000055 = "C:\WINDOWS\pchealth\helpctr\System\errors\indexfirstlevel.htm Disinfection failed"

Line00000054 = "C:\WINDOWS\pchealth\helpctr\System\errors\indexfirstlevel.htm Deleted"

Line00000053 = "C:\WINDOWS\pchealth\helpctr\System\errors\notfound.htm Infected with: Trojan.Iframe.GS"

Line00000052 = "C:\WINDOWS\pchealth\helpctr\System\errors\notfound.htm Disinfection failed"

Line00000051 = "C:\WINDOWS\pchealth\helpctr\System\errors\notfound.htm Deleted"

Line00000050 = "C:\WINDOWS\pchealth\helpctr\System\errors\offline.htm Infected with: Trojan.Iframe.GS"

Line00000049 = "C:\WINDOWS\pchealth\helpctr\System\errors\offline.htm Disinfection failed"

Line00000048 = "C:\WINDOWS\pchealth\helpctr\System\errors\offline.htm Deleted"

Line00000047 = "C:\WINDOWS\pchealth\helpctr\System\errors\redirect.htm Infected with: Trojan.Iframe.GS"

Line00000046 = "C:\WINDOWS\pchealth\helpctr\System\errors\redirect.htm Disinfection failed"

Line00000045 = "C:\WINDOWS\pchealth\helpctr\System\errors\redirect.htm Deleted"

Line00000044 = "C:\WINDOWS\pchealth\helpctr\System\errors\unreachable.htm Infected with: Trojan.Iframe.GS"

Line00000043 = "C:\WINDOWS\pchealth\helpctr\System\errors\unreachable.htm Disinfection failed"

Line00000042 = "C:\WINDOWS\pchealth\helpctr\System\errors\unreachable.htm Deleted"

Line00000041 = "C:\WINDOWS\pchealth\helpctr\System\Headlines.htm Infected with: Trojan.Iframe.GS"

Line00000040 = "C:\WINDOWS\pchealth\helpctr\System\Headlines.htm Disinfection failed"

Line00000039 = "C:\WINDOWS\pchealth\helpctr\System\Headlines.htm Deleted"

Line00000038 = "C:\WINDOWS\pchealth\helpctr\System\HomePage__DESKTOP.htm Infected with: Trojan.Iframe.GS"

Line00000037 = "C:\WINDOWS\pchealth\helpctr\System\HomePage__DESKTOP.htm Disinfection failed"

Line00000036 = "C:\WINDOWS\pchealth\helpctr\System\HomePage__DESKTOP.htm Deleted"

Line00000035 = "C:\WINDOWS\pchealth\helpctr\System\HomePage__SERVER.htm Infected with: Trojan.Iframe.GS"

Line00000034 = "C:\WINDOWS\pchealth\helpctr\System\HomePage__SERVER.htm Disinfection failed"

Line00000033 = "C:\WINDOWS\pchealth\helpctr\System\HomePage__SERVER.htm Deleted"

Line00000032 = "C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm Infected with: Trojan.Iframe.GS"

Line00000031 = "C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm Disinfection failed"

Line00000030 = "C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm Deleted"

Line00000029 = "C:\WINDOWS\pchealth\helpctr\System\panels\firstpage.htm Infected with: Trojan.Iframe.GS"

Line00000028 = "C:\WINDOWS\pchealth\helpctr\System\panels\firstpage.htm Disinfection failed"

Line00000027 = "C:\WINDOWS\pchealth\helpctr\System\panels\firstpage.htm Deleted"

Line00000026 = "C:\WINDOWS\pchealth\helpctr\System\panels\HHWrapper.htm Infected with: Trojan.Iframe.GS"

Line00000025 = "C:\WINDOWS\pchealth\helpctr\System\panels\HHWrapper.htm Disinfection failed"

Line00000024 = "C:\WINDOWS\pchealth\helpctr\System\panels\HHWrapper.htm Deleted"

Line00000023 = "C:\WINDOWS\pchealth\helpctr\System\panels\MiniNavBar.htm Infected with: Trojan.Iframe.GS"

Line00000022 = "C:\WINDOWS\pchealth\helpctr\System\panels\MiniNavBar.htm Disinfection failed"

Line00000021 = "C:\WINDOWS\pchealth\helpctr\System\panels\MiniNavBar.htm Deleted"

Line00000020 = "C:\WINDOWS\pchealth\helpctr\System\panels\Options.htm Infected with: Trojan.Iframe.GS"

Line00000019 = "C:\WINDOWS\pchealth\helpctr\System\panels\Options.htm Disinfection failed"

Line00000018 = "C:\WINDOWS\pchealth\helpctr\System\panels\Options.htm Deleted"

Line00000017 = "C:\WINDOWS\pchealth\helpctr\System\panels\ShareHelp.htm Infected with: Trojan.Iframe.GS"

Line00000016 = "C:\WINDOWS\pchealth\helpctr\System\panels\ShareHelp.htm Disinfection failed"

Line00000015 = "C:\WINDOWS\pchealth\helpctr\System\panels\ShareHelp.htm Deleted"

Line00000014 = "C:\WINDOWS\pchealth\helpctr\System\panels\subpanels\History.htm Infected with: Trojan.Iframe.GS"

Line00000013 = "C:\WINDOWS\pchealth\helpctr\System\panels\subpanels\History.htm Disinfection failed"

Line00000012 = "C:\WINDOWS\pchealth\helpctr\System\panels\subpanels\History.htm Deleted"

Line00000011 = "C:\WINDOWS\pchealth\helpctr\System\panels\subpanels\Index.htm Infected with: Trojan.Iframe.GS"

Line00000010 = "C:\WINDOWS\pchealth\helpctr\System\panels\subpanels\Index.htm Disinfection failed"

Line00000009 = "C:\WINDOWS\pchealth\helpctr\System\panels\subpanels\Index.htm Deleted"

Line00000008 = "C:\WINDOWS\pchealth\helpctr\System\panels\subpanels\Options.htm Infected with: Trojan.Iframe.GS"

Line00000007 = "C:\WINDOWS\pchealth\helpctr\System\panels\subpanels\Options.htm Disinfection failed"

Line00000006 = "C:\WINDOWS\pchealth\helpctr\System\panels\subpanels\Options.htm Deleted"

Line00000005 = "C:\WINDOWS\pchealth\helpctr\System\panels\subpanels\Subsite.htm Infected with: Trojan.Iframe.GS"

Line00000004 = "C:\WINDOWS\pchealth\helpctr\System\panels\subpanels\Subsite.htm Disinfection failed"

Line00000003 = "C:\WINDOWS\pchealth\helpctr\System\panels\subpanels\Subsite.htm Deleted"

Line00000002 = "C:\WINDOWS\pchealth\helpctr\System\panels\Topics.htm Infected with: Trojan.Iframe.GS"

Line00000001 = "C:\WINDOWS\pchealth\helpctr\System\panels\Topics.htm Disinfection failed"

Line00000000 = "C:\WINDOWS\pchealth\helpctr\System\panels\Topics.htm Deleted"

---

Abraços!

DigRam · Maio 24, 2009

Boa Noite! Carlos SP

<@> Execute o OTListIt2.exe.

<@> Copie estas informações que estão no QUOTE,para o campo clipboard da ferramenta. ( Custom Scans/Fixes )

:Processes
explorer.exe

:OTLI

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\control panel present

O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\control panel present

O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\Software\Policies\Microsoft\Internet Explorer\control panel present

O7 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-21-3748263854-567553014-1567553014-1295907222-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate= 1

O7 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007_Classes\Software\Policies\Microsoft\Internet Explorer\control panel present

O7 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present

:Commands

[purity]

[emptytemp]

[start explorer]

[Reboot]

<@> Clique no botão Run Fix --> Aguarde a conclusão!

<@> Terminando,vá até a pasta: C:\_OTListIt\MovedFiles\*.log <-- Poste!

Abraços!

Carlos SP · Maio 25, 2009

Boa noite, DigRam!

O OTlistIt travou enquanto corriam os processos (nas três vezes que tentei executá-lo), especificamente na seguinte linha:

"O7 - HKU\S-1-5-21-3748263854

56755301412959072221007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:NoWindowsUpdate=1

(...)"

Comparando com as outras linhas, vi que nessas duas faltam alguns "hífens" (p.ex. O7 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\). Pode ser isso que travou o OTListIt?

---

Abraços!

DigRam · Maio 26, 2009

Boa noite, DigRam!

O OTlistIt travou enquanto corriam os processos (nas três vezes que tentei executá-lo), especificamente na seguinte linha:

"O7 - HKU\S-1-5-21-3748263854

56755301412959072221007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:NoWindowsUpdate=1

(...)"

Comparando com as outras linhas, vi que nessas duas faltam alguns "hífens" (p.ex. O7 - HKU\S-1-5-21-3748263854-567553014-1295907222-1007\). Pode ser isso que travou o OTListIt?

---

Abraços!

<><><><><><><><><>

Opa! Carlos SP

<!> Com certeza,foi um fator inibidor.

<!> Editei lá no Post,a correção. Tente,novamente,executar o OTListIt.

Abraços!

Carlos SP · Maio 26, 2009

Boa noite, DigRam!

Desta vez deu certo...

Log:

========== PROCESSES ==========

Process explorer.exe killed successfully!

========== OTLISTIT ==========

Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.

Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel\ not found.

Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.

Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel\ not found.

Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.

Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel\ not found.

Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.

Registry key HKEY_USERS\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\control panel\ not found.

Registry key HKEY_USERS\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.

Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel\ not found.

Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.

Registry key HKEY_USERS\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\control panel\ not found.

Registry key HKEY_USERS\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.

Registry key HKEY_USERS\S-1-5-21-3748263854-567553014-1295907222-1007\Software\Policies\Microsoft\Internet Explorer\control panel\ not found.

Registry key HKEY_USERS\S-1-5-21-3748263854-567553014-1295907222-1007\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.

Registry key HKEY_USERS\S-1-5-21-3748263854-567553014-1567553014-1295907222-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.

Registry key HKEY_USERS\S-1-5-21-3748263854-567553014-1295907222-1007_Classes\Software\Policies\Microsoft\Internet Explorer\control panel\ not found.

Registry key HKEY_USERS\S-1-5-21-3748263854-567553014-1295907222-1007_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.

========== COMMANDS ==========

File delete failed. C:\Documents and Settings\Carlos\Configurações locais\Temp\~DF57E.tmp scheduled to be deleted on reboot.

User's Temp folder emptied.

User's Internet Explorer cache folder emptied.

File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_1cc.dat scheduled to be deleted on reboot.

Windows Temp folder emptied.

Java cache emptied.

Temp folders emptied.

Explorer started successfully

OTListIt2 by OldTimer - Version 2.0.15.6 log created on 05262009_012653

Files moved on Reboot...

File C:\Documents and Settings\Carlos\Configurações locais\Temp\~DF57E.tmp not found!

File C:\WINDOWS\temp\Perflib_Perfdata_1cc.dat not found!

Registry entries deleted on Reboot...

-------------------------------------------

Abraços!

DigRam · Maio 26, 2009

Boa Noite! Carlos SP

<@> Tenha em mãos,o CD-ROM do Windows-XP.

<@> No Executar,digite ou cole: %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection AutoUpdate 132 %SystemRoot%\inf\au.inf

<@> Dê o Ok!

<@> Quando o CD-ROM for solicitado,dê o caminho: %windir%\servicepackfiles\i386

<@> Caso não funcione,abra o prompt e digite:

REG DELETE "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\WindowsUpdate" /v DisableWindowsUpdateAccess /f --> Aperte Enter!

REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v AUOptions /f --> Aperte Enter!

REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v NoAutoUpdate /f --> Aperte Enter!

net start wuauserv --> Aperte Enter!

<@> Ps: Este último iniciará o serviço de Atualização Automática.

<><><><><><><><><><><><><><>

<!> Creio que,dentre os meus conhecimentos,já lhe passei tudo sobre a Restauração dessa importante função.

Abraços!

Carlos SP · Junho 3, 2009

Boa noite, DigRam!

Desculpe-me pela demora em responder, tive alguns problemas de conexão nos últimos dias.

<@> No Executar,digite ou cole: %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection AutoUpdate 132 %SystemRoot%\inf\au.inf
<@> Dê o Ok!

<@> Quando o CD-ROM for solicitado,dê o caminho: %windir%\servicepackfiles\i386

Copiei e colei, mas não aconteceu nada - nem foi solicitado o CD.

<@> Caso não funcione,abra o prompt e digite:

REG DELETE "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\WindowsUpdate" /v DisableWindowsUpdateAccess /f --> Aperte Enter!

REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v AUOptions /f --> Aperte Enter!

REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v NoAutoUpdate /f --> Aperte Enter!

net start wuauserv --> Aperte Enter!

Na primeira vez que tentei, apenas a primeira linha foi aceita; para as demais, houve o aviso de que não foram encontrados os registros. Em outras tentativas, nem a primeira linha foi possível.

----------------------------

É possível que o acesso negado às Atualizações Automáticas esteja relacionado ao firewall Comodo??? Pergunto isso porque, recentemente, "perdi" o acesso à Internet, e só o recuperei ajustando essa permissão no Comodo...

-----------------------------

Abraços!

DigRam · Junho 6, 2009

Boa Noite! Carlos SP

É possível que o acesso negado às Atualizações Automáticas esteja relacionado ao firewall Comodo??? Pergunto isso porque, recentemente, "perdi" o acesso à Internet, e só o recuperei ajustando essa permissão no Comodo...

<!> Sim! Mas...esse problema não lhe acometeu,antes da instalação do Comodo?

<><><><><><><><><>

<@> Baixe: < UsbFix.exe > ( ...par Chiquitine29 et Chimay8 )

<@> Salve-o no Desktop! --> Tire-o do zip!

<@> Desabilite,temporariamente,seus programas de proteção. <-- ( antivírus,antispyware e firewall )

<@> Para maiores detalhes,na instalação,siga as recomendações deste Tutorial. <-- Link

<@> Execute a ferramenta,com um duplo-clique em UsbFix.exe.

<@> Surgirá uma mensagem,pedindo que seja conectada sua(s) mídia(s) removíveis,ao computador. ( pendrive,mp3,mp4,iPods,etc... )

<@> Aceite a solicitação,e dê o Ok. --> À seguir clique,novamente,em Ok.

<@> O computador irá reiniciar. <-- Aguarde!

<@> Terminando,clique em "Continue" e aguarde a finalização da ferramenta.

<@> Ps: Não desconecte,ainda,sua(s) mídia(s) removíveis! <-- Importante!

<@> Surgirá a mensagem: "Nettoyage effectue" --> Aperte Enter.

<@> Poste o relatório,que estará em: C:\UsbFix.txt + HijackThis,atualizado.

Abraços!

Carlos SP · Junho 8, 2009

Boa noite, DigRam!

UsbFix.txt:

############################## [ UsbFix V3.029 | Cleaning ]

# User : Carlos (Administradores) # HP-AF5E76A48CD1

# Update on 05/06/09 by Chiquitine29, C_XX & Chimay8

# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html

# Start at: 18:23:57 | 8/6/2009

# Intel® Pentium® 4 CPU 3.20GHz

# Microsoft Windows XP Home Edition (5.1.2600 32-bit) # Service Pack 2

# Internet Explorer 6.0.2900.2180

# Windows Firewall Status : Enabled

# AV : AntiVir Desktop 9.0.1.26 [ (!) Disabled | Updated ]

# FW : COMODO Firewall Pro[ (!) Disabled ]2.3.035

# A:\ # Unidade de disquete de 3 1/2 polegadas

# C:\ # Disco fixo local # 74,52 Go (57,64 Go free) # NTFS

# D:\ # Disco CD-ROM

# H:\ # Disco removível # 1,89 Go (1,11 Go free) [KINGSTON] # FAT

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\ARQUIV~1\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\logonui.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\a-squared Free\a2service.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\Arquivos de programas\Comodo\Firewall\cmdagent.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Arquivos comuns\LightScribe\LSSrvc.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\System32\TUProgSt.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\WgaTray.exe

################## [ Fichiers # Dossiers infectieux ]

Deleted ! H:\RunDll32.exe

(!) Not Deleted ! H:\autorun.inf

Deleted ! "H:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013"

################## [ Registre # Clés Run infectieuses ]

Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe

Deleted ! HKLM\software\microsoft\windows nt\currentversion\winlogon "Taskman"

################## [ Registre # Mountpoints2 ]

################## [ Listing des fichiers présent ]

[28/09/2005 08:44|--a------|0] - C:\AUTOEXEC.BAT

[28/04/2009 00:13|--a------|211] - C:\Boot.bak

[05/05/2009 01:08|-rahs----|281] - C:\boot.ini

[03/05/2009 01:27|--a------|281] - C:\boot.ini.comodofirewall

[04/08/2004 06:00|-rahs----|4952] - C:\Bootfont.bin

[09/08/2008 19:16|--a------|6643] - C:\ccc.exe

[03/08/2004 23:00|--a------|261920] - C:\cmldr

[28/09/2005 08:44|--a------|0] - C:\CONFIG.SYS

[19/01/2009 17:45|--a------|199] - C:\Documento recuperado 1.txt

[19/01/2009 17:45|--a------|120] - C:\Documento recuperado.txt

[?|?|?] - C:\hiberfil.sys

[28/09/2005 08:44|-rahs----|0] - C:\IO.SYS

[09/08/2008 00:31|--a------|1539] - C:\krk.exe

[09/08/2008 14:33|--a------|1635] - C:\kvk.exe

[28/09/2005 08:44|-rahs----|0] - C:\MSDOS.SYS

[04/08/2004 06:00|-rahs----|47564] - C:\NTDETECT.COM

[04/08/2004 06:00|-rahs----|251168] - C:\ntldr

[?|?|?] - C:\pagefile.sys

[08/06/2009 18:25|--a------|3299] - C:\UsbFix.txt

[01/05/2009 15:19|---------|894] - C:\Win32.Worm.Downladup.Gen.log

[12/05/2009 10:33|--a------|593] - C:\Winupdt.vbs

[29/04/2009 19:58|--a------|33280] - H:\MSMSGS.EXE

[29/04/2009 19:58|--a------|33280] - H:\TZNWJ.EXE

[03/03/2009 21:58|--a------|5764096] - H:\Apresentação Carlos F. Felgueiras 04março2009.ppt

[16/03/2009 01:48|--a------|32768] - H:\CV - Carlos Farias Felgueiras (março2009).doc

[08/04/2009 08:45|--a------|27648] - H:\Provisório 2.doc

[29/04/2009 19:58|--a------|33280] - H:\WINSERVICES.EXE

[31/03/2009 14:03|--a------|55296] - H:\Provisório.doc

[31/07/2008 01:59|---h-----|29696] - H:\~WRL0488.tmp

[15/04/2009 13:38|--a------|115073] - H:\Curso Pesquisa Clínica - Racine.pdf

[?|?|?] - H:\AUTORUN.INF

[29/04/2009 19:58|--a------|33280] - H:\QYESO.EXE

[15/04/2009 13:42|--a------|128591] - H:\Curso Farmácia Hospitalar - Racine.pdf

[27/04/2009 14:46|--a------|22528] - H:\Sobre HOSTS.doc

[17/04/2009 14:46|--a------|502784] - H:\Instruções para pesquisa nos algoritmos BIMAS e SYFPEITHI (17042009).doc

[27/04/2009 14:55|--a------|3063218] - H:\Norton_Removal_Tool.exe

[29/04/2009 11:55|--a------|2011997] - H:\Cópia RG - Francisca Fernanda Farias Felgueiras.JPG

[29/04/2009 12:04|--a------|13827712] - H:\drweb-cureit.exe

[29/04/2009 12:07|--a------|8951392] - H:\referências.zip

[29/04/2009 12:08|--a------|38473448] - H:\setup_7.0.0.290_29.04.2009_16-50.exe

[?|?|?] - H:\-¦¾üY¹à+.õƒ

################## [ Vaccination ]

# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.

################## [ ! Fin du rapport # UsbFix V3.029 ! ]

__________________________________________________________

HijackThis:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:36:22, on 8/6/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\ARQUIV~1\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\Arquivos de programas\a-squared Free\a2service.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\Arquivos de programas\Comodo\Firewall\cmdagent.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Arquivos comuns\LightScribe\LSSrvc.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\System32\TUProgSt.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE

C:\WINDOWS\explorer.exe

C:\Arquivos de programas\Comodo\Firewall\cpf.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\Hijack\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/