Ir para conteúdo

POWERED BY:

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

RAT_GTR

[Resolvido!] PC trava

Por , em Tópicos Resolvidos (Seguranca & Malwares)

Recommended Posts

RAT_GTR    0

RAT_GTR
Postado

Olá pessoal!

 

Não pretendia incomodar vocês novamente já que fiz isso há pouco tempo, mas a Internet começou a ficar lenta, muuuuito lenta, a velocidade de download estava e está normal mas para abrir sites etc é horrível, tentei de tudo e não deu, o provedor disse estar tudo normal com as linhas, equipamentos...

Decidi formatar (tentei adiar isso ao máximo hehehe), o problema é que agora o PC trava a cada 10 minutos, nem consegue desligar qndo trava, abre coisas "do nada" (como páginas do Firefox, Meu Computador)...

Antes usava Avast!+Comodo+Spybot, agora baixei o Avira + Spybot, o Avira sempre pega um monte de vírus, trojans e BDO (ou BDR, coisa assim), e para instalar o Comodo preciso do SP2, só que quando trava o download sempre fica corrompido, e a Internet continua ruim (tanto no FF qnto no IE).

Caso seja possível, poderiam dar uma olhadinha no log?

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:09:52, on 19/8/2009

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\WgaTray.exe

C:\WINDOWS\System32\igfxtray.exe

C:\WINDOWS\System32\hkcmd.exe

C:\WINDOWS\System32\igfxpers.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Hijack\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O17 - HKLM\System\CCS\Services\Tcpip\..\{68FB9C9A-9F63-4E01-B10D-F16760E326F3}: NameServer = 200.221.11.100,200.221.11.101

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

 

--

End of file - 4854 bytes

 

================================================================================

A barra de tarefas acabou de travar...

Será que vale a pena formatar tudo de novo ou vou passar mais raiva ainda?

 

Obrigado, abraço!

Obs. Tem algum perigo em digitar senhas por enquanto? Ah, sempre mando tudo para quarentena, se quiserem posso colocar os nomes do que o Avira pegou.

Compartilhar este post

Link para o post
Compartilhar em outros sites

DigRam    144

DigRam
Postado

Bom Dia! RAT_GTR

 

<@> Abra o Spybot Search & Destroy!

<@> No menu superior,vá em Modo e selecione a opção Avançado. --> Confirme!

<@> Clique no botão Ferramentas e depois em Residente.

<@> Desmarque a opção: Ativar "TeaTimer" do Residente. ( Proteção geral das configurações de sistema )

<><><><><><><><><><><>

<@> Baixe: < McAfee Avert Stinger >

<@> Salve-o no Desktop!

<@> Clique em Add,e adicione as demais unidades de disco que possua. ( Por exemplo, a unidade D:\ )

<@> Em seguida,clique em "Scan now".

<@> Aguarde o término do Scan.

<><><><><><><><><><><>

<@> Baixe: < thumb_mbam256.png > Malwarebytes

<@> Atualize o programa!

<@> Escolha o escaneamento Completo!

<@> Desabilite programas de proteção,ao executar o malwarebytes.

<@> Procure enviar os ítens detectados para a quarentena,clicando em Remover itens.

<@> Para maiores detalhes: < Link >

<><><><><><><><><><><>

<@> Poste,os relatórios: mbam-log-2009-xx-xx (00-00-00).txt + HijackThis,atualizado.

 

Abraços!

Compartilhar este post

Link para o post
Compartilhar em outros sites

RAT_GTR    0

RAT_GTR
Postado

Muito Boa Noite, DigRam!

 

Passei o primeiro programa, ele achou e excluiu automaticamente um arquivo, algo como "o.exe" que estava infectado com W32/SDBOT.worm.

O Malwarebytes ao que parece não achou nada.

O PC continua travando e com internet ruim, mas por enquanto não abriu nenhuma aba do Firefox nem outras coisas estranhas que ele abria.

Seguem os logs.

 

Malwarebytes' Anti-Malware 1.40

Versão do banco de dados: 2665

Windows 5.1.2600 Service Pack 1

 

20/8/2009 18:14:33

mbam-log-2009-08-20 (18-14-33).txt

 

Tipo de Verificação: Completa (C:\|D:\|E:\|)

Objetos verificados: 128884

Tempo decorrido: 22 minute(s), 27 second(s)

 

Processos da Memória infectados: 0

Módulos de Memória Infectados: 0

Chaves do Registro infectadas: 0

Valores do Registro infectados: 0

Ítens do Registro infectados: 0

Pastas infectadas: 0

Arquivos infectados: 0

 

Processos da Memória infectados:

(Nenhum ítem malicioso foi detectado)

 

Módulos de Memória Infectados:

(Nenhum ítem malicioso foi detectado)

 

Chaves do Registro infectadas:

(Nenhum ítem malicioso foi detectado)

 

Valores do Registro infectados:

(Nenhum ítem malicioso foi detectado)

 

Ítens do Registro infectados:

(Nenhum ítem malicioso foi detectado)

 

Pastas infectadas:

(Nenhum ítem malicioso foi detectado)

====================================================================

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:29:02, on 20/8/2009

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\WgaTray.exe

C:\WINDOWS\System32\igfxtray.exe

C:\WINDOWS\System32\hkcmd.exe

C:\WINDOWS\System32\igfxpers.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\svchost.exe

C:\Hijack\HiJackThis.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\NOTEPAD.EXE

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

 

--

End of file - 4649 bytes

======================================================================

Obrigado e abraço.

Compartilhar este post

Link para o post
Compartilhar em outros sites

DigRam    144

DigRam
Postado

Boa Noite! RAT_GTR

 

<!> Mantenha,ainda,desabilitado o Spybot. ( TeaTimer )

<><><><><><><><><><>

<@> Abra o HijackThis --> Clique: Do a system scan only

 

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

 

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

<@> Marque,àcima,estas entradas --> Clique: Fix checked --> Sim!

<><><><><><><><><><>

<@> Baixe: < otlDesktopIcon.png > ( ...by OldTimer Tools )

<@> Salve-o no desktop!

 

OTLI-scan.png

 

<@> Duplo-clique em OTL.exe --> Marque a opção "Scan All Users".

<@> Segundo a imagem,mude a opção em "Output" para "Minimal Output".

<@> Clique em: < runscanbutton.png > --> Aguarde!

<@> Poste:

 

<1> OTL.txt <--

<2> Extra.txt <--

 

Abraços!

Compartilhar este post

Link para o post
Compartilhar em outros sites

RAT_GTR    0

RAT_GTR
Postado

Boa Noite DigRam!

 

Fiz os procedimentos e executei o OTL, os logs estão logo abaixo.

 

OTL logfile created on: 20/8/2009 20:25:14 - Run 1

OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Home\Desktop

Windows XP Professional Edition Service Pack 1 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2800.1106)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

 

1,99 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 77,22% Memory free

3,84 Gb Paging File | 3,53 Gb Available in Paging File | 91,82% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 53,71 Gb Total Space | 43,51 Gb Free Space | 80,99% Space Free | Partition Type: NTFS

Drive D: | 10,74 Gb Total Space | 2,96 Gb Free Space | 27,52% Space Free | Partition Type: NTFS

Drive E: | 10,07 Gb Total Space | 4,15 Gb Free Space | 41,25% Space Free | Partition Type: NTFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: NRLR-M04QJKA95R

Current User Name: Home

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 

========== Processes (SafeList) ==========

 

PRC - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)

PRC - C:\WINDOWS\System32\WgaTray.exe (Microsoft Corporation)

PRC - C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)

PRC - C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)

PRC - C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)

PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)

PRC - C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Arquivos de programas\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

PRC - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Arquivos de programas\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)

PRC - C:\Arquivos de programas\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Documents and Settings\Home\Desktop\OTL.exe (OldTimer Tools)

 

========== Win32 Services (SafeList) ==========

 

SRV - (AntiVirSchedulerService [Auto | Running]) -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (AntiVirService [Auto | Running]) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Arquivos de programas\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)

SRV - (uploadmgr [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

SRV - (WmdmPmSp [Auto | Running]) -- C:\WINDOWS\System32\mspmspsv.dll (Microsoft Corporation)

 

========== Driver Services (SafeList) ==========

 

DRV - (avgntdd [system | Running]) -- C:\WINDOWS\System32\DRIVERS\avgntdd.sys (Avira GmbH)

DRV - (avgntmgr [boot | Running]) -- C:\WINDOWS\SYSTEM32\DRIVERS\avgntmgr.sys (Avira GmbH)

DRV - (avipbb [system | Running]) -- C:\WINDOWS\System32\DRIVERS\avipbb.sys (Avira GmbH)

DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)

DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ialmnt5.sys (Intel Corporation)

DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)

DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)

DRV - (RTL8023xp [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys (Realtek Semiconductor Corporation )

DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys ()

DRV - (ssmdrv [system | Running]) -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys (Avira GmbH)

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

 

 

IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-21-1078081533-1303643608-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System32\blank.htm

IE - HKU\S-1-5-21-1078081533-1303643608-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

IE - HKU\S-1-5-21-1078081533-1303643608-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

IE - HKU\S-1-5-21-1078081533-1303643608-839522115-1003\S-1-5-21-1078081533-1303643608-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.selectedEngine: "Ask.com (Virtus Designs)"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.uol.com.br/"

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1

FF - prefs.js..extensions.enabledItems: {fce36c1e-58d8-498a-b2a5-66ad1cedebbb}:0.76

FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6

FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:3.3.15

FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090123.1

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:3.0.3

FF - prefs.js..extensions.enabledItems: pt-BR@dictionaries.addons.mozilla.org:1.0.0.1

FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20090414

FF - prefs.js..extensions.enabledItems: orbit_ffext@orbitdownloader:2.0.2

FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.5

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2

 

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ff [2009/08/18 14:25:11 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Arquivos de programas\Mozilla Firefox\components [2009/08/16 17:33:35 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins [2009/08/18 14:25:20 | 00,000,000 | ---D | M]

 

[2009/08/16 18:10:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dados de aplicativos\mozilla\Extensions

[2009/08/16 18:10:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dados de aplicativos\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2009/08/19 20:24:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dados de aplicativos\mozilla\Firefox\Profiles\vhwwunfo.default\extensions

[2009/08/16 18:21:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dados de aplicativos\mozilla\Firefox\Profiles\vhwwunfo.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}

[2009/08/16 18:21:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dados de aplicativos\mozilla\Firefox\Profiles\vhwwunfo.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}

[2009/08/16 18:17:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dados de aplicativos\mozilla\Firefox\Profiles\vhwwunfo.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}

[2009/08/16 18:21:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dados de aplicativos\mozilla\Firefox\Profiles\vhwwunfo.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

[2009/08/16 18:21:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dados de aplicativos\mozilla\Firefox\Profiles\vhwwunfo.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2009/08/16 21:08:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dados de aplicativos\mozilla\Firefox\Profiles\vhwwunfo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2009/08/16 18:21:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dados de aplicativos\mozilla\Firefox\Profiles\vhwwunfo.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

[2009/08/16 18:21:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dados de aplicativos\mozilla\Firefox\Profiles\vhwwunfo.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}

[2009/08/16 18:21:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dados de aplicativos\mozilla\Firefox\Profiles\vhwwunfo.default\extensions\anycolor.pavlos256@gmail.com

[2009/08/16 18:21:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dados de aplicativos\mozilla\Firefox\Profiles\vhwwunfo.default\extensions\askopensearch-VTS@ask.com

[2009/08/16 18:21:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dados de aplicativos\mozilla\Firefox\Profiles\vhwwunfo.default\extensions\en-US@dictionaries.addons.mozilla.org

[2009/08/16 18:21:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dados de aplicativos\mozilla\Firefox\Profiles\vhwwunfo.default\extensions\pt-BR@dictionaries.addons.mozilla.org

[2009/08/16 18:17:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dados de aplicativos\mozilla\Firefox\Profiles\vhwwunfo.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\browser\extensions

[2009/08/16 18:17:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dados de aplicativos\mozilla\Firefox\Profiles\vhwwunfo.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\mozapps\extensions

[2009/08/16 18:17:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dados de aplicativos\mozilla\Firefox\Profiles\vhwwunfo.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\browser\extensions

[2009/08/16 18:17:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dados de aplicativos\mozilla\Firefox\Profiles\vhwwunfo.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions

[2009/08/18 21:29:51 | 00,000,000 | ---D | M] -- C:\Arquivos de programas\mozilla firefox\extensions

[2009/08/16 17:31:23 | 00,000,000 | ---D | M] -- C:\Arquivos de programas\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2009/08/18 14:25:21 | 00,000,000 | ---D | M] -- C:\Arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

[2009/07/30 20:45:43 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\mozilla firefox\components\browserdirprovider.dll

[2009/07/30 20:45:43 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\mozilla firefox\components\brwsrcmp.dll

[2009/08/18 14:25:10 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Arquivos de programas\mozilla firefox\plugins\npdeploytk.dll

[2009/07/30 20:45:43 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Arquivos de programas\mozilla firefox\plugins\npnul32.dll

[2009/07/30 19:51:30 | 00,001,027 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\buscape.xml

[2009/07/30 20:45:41 | 00,002,371 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\google.xml

[2009/07/30 19:51:30 | 00,001,135 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\mercadolivre.xml

[2009/07/30 19:51:30 | 00,001,168 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\wikipedia-br.xml

[2009/07/30 19:51:30 | 00,000,648 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\yahoo-br.xml

 

O1 HOSTS File: (321537 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 www.008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 www.00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 www.0scan.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 www.1000gratisproben.com

O1 - Hosts: 127.0.0.1 1000gratisproben.com

O1 - Hosts: 127.0.0.1 www.1001namen.com

O1 - Hosts: 127.0.0.1 1001namen.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 www.100sexlinks.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 www.10sek.com

O1 - Hosts: 127.0.0.1 www.1-2005-search.com

O1 - Hosts: 127.0.0.1 1-2005-search.com

O1 - Hosts: 11016 more lines...

O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (&Rádio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll ()

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [avgnt] C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)

O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)

O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)

O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [skyTel] C:\WINDOWS\SkyTel.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1078081533-1303643608-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: &Download by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: &Grab video by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Down&load all by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE (Microsoft Corporation)

O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.

O15 - HKU\.DEFAULT\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.

O15 - HKU\S-1-5-18\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.

O15 - HKU\S-1-5-21-1078081533-1303643608-839522115-1003\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)

O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)

O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)

O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 201.76.224.13 201.76.224.14

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\System32\msdxm.ocx (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)

O24 - Desktop Components:0 (Minha página inicial atual) - About:Home

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/08/16 16:33:31 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)

O34 - HKLM BootExecute: (*) - File not found

 

========== Files/Folders - Created Within 30 Days ==========

 

[1 C:\WINDOWS\System32\*.tmp files]

[2 C:\WINDOWS\*.tmp files]

[2009/08/20 20:22:15 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Home\Desktop\OTL.exe

[2009/08/20 18:49:56 | 00,017,144 | ---- | C] () -- C:\Documents and Settings\Home\Configurações locais\Dados de aplicativos\GDIPFONTCACHEV1.DAT

[2009/08/20 15:26:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Dados de aplicativos\Malwarebytes

[2009/08/20 15:26:24 | 00,000,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2009/08/20 15:26:21 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2009/08/20 15:26:18 | 00,018,456 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2009/08/20 15:26:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes

[2009/08/20 15:26:18 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Malwarebytes' Anti-Malware

[2009/08/19 21:09:29 | 00,000,000 | ---D | C] -- C:\Hijack

[2009/08/18 21:29:37 | 00,000,000 | ---D | C] -- C:\downloads

[2009/08/18 21:29:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Dados de aplicativos\GrabPro

[2009/08/18 21:29:36 | 00,000,782 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\Orbit.lnk

[2009/08/18 21:29:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Dados de aplicativos\Orbit

[2009/08/18 21:29:34 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Orbitdownloader

[2009/08/18 20:06:20 | 00,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys

[2009/08/18 20:06:20 | 00,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys

[2009/08/18 20:03:50 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys

[2009/08/18 20:03:50 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys

[2009/08/18 15:28:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Windows Genuine Advantage

[2009/08/18 15:23:53 | 24,281,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

[2009/08/18 14:53:18 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Wise Installation Wizard

[2009/08/18 14:43:06 | 01,000,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\esent.dll

[2009/08/18 14:25:20 | 00,410,984 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll

[2009/08/18 14:25:20 | 00,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl

[2009/08/18 14:25:19 | 00,148,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2009/08/18 14:25:19 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2009/08/18 14:25:19 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2009/08/18 14:25:07 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Java

[2009/08/18 14:17:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Dados de aplicativos\Sun

[2009/08/17 21:10:40 | 00,006,476 | ---- | C] () -- C:\Documents and Settings\Home\Meus documentos\cc_20090817_211038.reg

[2009/08/17 20:49:27 | 00,000,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090817-204927.backup

[2009/08/17 20:41:44 | 00,000,989 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\Spybot - Search & Destroy.lnk

[2009/08/17 20:41:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Spybot - Search & Destroy

[2009/08/17 20:41:24 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Spybot - Search & Destroy

[2009/08/17 17:24:35 | 00,000,415 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2009/08/17 17:24:18 | 00,001,783 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Microsoft Office.lnk

[2009/08/17 17:23:58 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Visual Studio

[2009/08/17 17:23:56 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Designer

[2009/08/17 17:22:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\ShellNew

[2009/08/17 17:21:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Dados de aplicativos\Microsoft Web Folders

[2009/08/17 17:21:45 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Office

[2009/08/17 15:53:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Meus documentos\Meus arquivos recebidos

[2009/08/17 15:48:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits

[2009/08/17 15:47:53 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$

[2009/08/17 15:47:30 | 00,015,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll

[2009/08/17 15:47:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall

[2009/08/17 15:47:27 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$

[2009/08/17 15:34:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP

[2009/08/17 15:22:42 | 00,360,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll

[2009/08/17 15:22:42 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winhttp.dll

[2009/08/17 15:22:42 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhttp.dll

[2009/08/17 15:22:42 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll

[2009/08/17 15:22:42 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll

[2009/08/17 15:22:42 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll

[2009/08/17 15:22:42 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll

[2009/08/17 15:22:42 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll

[2009/08/17 15:22:42 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll

[2009/08/16 21:52:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Dados de aplicativos\Macromedia

[2009/08/16 21:52:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Dados de aplicativos\Adobe

[2009/08/16 20:59:16 | 00,005,120 | ---- | C] () -- C:\Documents and Settings\Home\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/08/16 20:58:13 | 00,004,028 | ---- | C] () -- C:\Documents and Settings\Home\Meus documentos\cc_20090816_205810.reg

[2009/08/16 18:14:41 | 00,001,620 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\CCleaner.lnk

[2009/08/16 18:14:40 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\CCleaner

[2009/08/16 18:12:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Meus documentos\Downloads

[2009/08/16 18:10:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2009/08/16 18:06:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump

[2009/08/16 18:05:58 | 00,001,779 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk

[2009/08/16 18:05:54 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys

[2009/08/16 18:05:54 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys

[2009/08/16 18:05:54 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys

[2009/08/16 18:05:54 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys

[2009/08/16 18:05:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Avira

[2009/08/16 18:05:51 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Avira

[2009/08/16 17:41:20 | 00,169,328 | ---- | C] () -- C:\WINDOWS\System32\everest_cpl.cpl

[2009/08/16 17:41:20 | 00,000,030 | ---- | C] () -- C:\WINDOWS\System32\everest_cpl.ini

[2009/08/16 17:39:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution

[2009/08/16 17:36:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution

[2009/08/16 17:36:41 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll

[2009/08/16 17:36:41 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll

[2009/08/16 17:36:41 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl

[2009/08/16 17:36:41 | 00,202,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll

[2009/08/16 17:36:41 | 00,186,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll

[2009/08/16 17:36:41 | 00,169,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe

[2009/08/16 17:36:41 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll

[2009/08/16 17:33:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Dados de aplicativos\Mozilla

[2009/08/16 17:33:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Configurações locais\Dados de aplicativos\Mozilla

[2009/08/16 17:31:24 | 00,001,674 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

[2009/08/16 17:31:22 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Mozilla Firefox

[2009/08/16 17:22:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt

[2009/08/16 17:15:47 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Gigabyte

[2009/08/16 17:15:42 | 00,327,168 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe

[2009/08/16 17:12:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages

[2009/08/16 17:12:13 | 01,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvidctl.dll

[2009/08/16 17:12:13 | 01,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidctl.dll

[2009/08/16 17:12:13 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2009/08/16 17:12:13 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll

[2009/08/16 17:12:13 | 00,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax

[2009/08/16 17:12:13 | 00,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax

[2009/08/16 17:12:13 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax

[2009/08/16 17:12:13 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax

[2009/08/16 17:12:13 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nabtsfec.sys

[2009/08/16 17:12:13 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys

[2009/08/16 17:12:13 | 00,057,856 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax

[2009/08/16 17:12:13 | 00,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax

[2009/08/16 17:12:13 | 00,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax

[2009/08/16 17:12:13 | 00,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msdv.sys

[2009/08/16 17:12:13 | 00,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys

[2009/08/16 17:12:13 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wstdecod.dll

[2009/08/16 17:12:13 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstdecod.dll

[2009/08/16 17:12:13 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax

[2009/08/16 17:12:13 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax

[2009/08/16 17:12:13 | 00,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax

[2009/08/16 17:12:13 | 00,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax

[2009/08/16 17:12:13 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbisurf.ax

[2009/08/16 17:12:13 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbisurf.ax

[2009/08/16 17:12:13 | 00,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wstcodec.sys

[2009/08/16 17:12:13 | 00,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys

[2009/08/16 17:12:13 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msyuv.dll

[2009/08/16 17:12:13 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll

[2009/08/16 17:12:13 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax

[2009/08/16 17:12:13 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax

[2009/08/16 17:12:13 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ccdecode.sys

[2009/08/16 17:12:13 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys

[2009/08/16 17:12:13 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys

[2009/08/16 17:12:13 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys

[2009/08/16 17:12:13 | 00,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\streamip.sys

[2009/08/16 17:12:13 | 00,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys

[2009/08/16 17:12:13 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax

[2009/08/16 17:12:13 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax

[2009/08/16 17:12:13 | 00,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys

[2009/08/16 17:12:13 | 00,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys

[2009/08/16 17:12:13 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\slip.sys

[2009/08/16 17:12:13 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys

[2009/08/16 17:12:13 | 00,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndisip.sys

[2009/08/16 17:12:13 | 00,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys

[2009/08/16 17:12:12 | 01,798,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qedit.dll

[2009/08/16 17:12:12 | 01,798,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qedit.dll

[2009/08/16 17:12:12 | 00,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll

[2009/08/16 17:12:12 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qasf.dll

[2009/08/16 17:12:12 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qasf.dll

[2009/08/16 17:12:12 | 00,130,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys

[2009/08/16 17:12:12 | 00,130,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ks.sys

[2009/08/16 17:12:12 | 00,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax

[2009/08/16 17:12:12 | 00,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax

[2009/08/16 17:12:12 | 00,048,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys

[2009/08/16 17:12:12 | 00,048,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stream.sys

[2009/08/16 17:12:12 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax

[2009/08/16 17:12:12 | 00,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mskssrv.sys

[2009/08/16 17:12:12 | 00,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys

[2009/08/16 17:12:12 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mstee.sys

[2009/08/16 17:12:12 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys

[2009/08/16 17:12:12 | 00,005,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspclock.sys

[2009/08/16 17:12:12 | 00,005,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys

[2009/08/16 17:12:12 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspqm.sys

[2009/08/16 17:12:12 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys

[2009/08/16 17:12:12 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll

[2009/08/16 17:12:12 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swenum.sys

[2009/08/16 17:12:12 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swenum.sys

[2009/08/16 17:12:11 | 01,232,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\quartz.dll

[2009/08/16 17:12:11 | 01,232,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quartz.dll

[2009/08/16 17:12:11 | 00,470,528 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdvd.dll

[2009/08/16 17:12:11 | 00,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll

[2009/08/16 17:12:11 | 00,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll

[2009/08/16 17:12:11 | 00,316,928 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdv.dll

[2009/08/16 17:12:11 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcap.dll

[2009/08/16 17:12:11 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qcap.dll

[2009/08/16 17:12:11 | 00,136,192 | ---- | C] () -- C:\WINDOWS\System32\mpg2splt.ax

[2009/08/16 17:12:11 | 00,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax

[2009/08/16 17:12:11 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\devenum.dll

[2009/08/16 17:12:11 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\devenum.dll

[2009/08/16 17:12:11 | 00,083,456 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codecx.ax

[2009/08/16 17:12:11 | 00,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll

[2009/08/16 17:12:11 | 00,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll

[2009/08/16 17:12:11 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\encapi.dll

[2009/08/16 17:12:11 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll

[2009/08/16 17:12:10 | 01,769,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiagn.dll

[2009/08/16 17:12:10 | 01,703,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d9.dll

[2009/08/16 17:12:10 | 01,201,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8.dll

[2009/08/16 17:12:10 | 01,201,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8.dll

[2009/08/16 17:12:10 | 00,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiag.exe

[2009/08/16 17:12:10 | 00,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe

[2009/08/16 17:12:10 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmime.dll

[2009/08/16 17:12:10 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmime.dll

[2009/08/16 17:12:10 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmusic.dll

[2009/08/16 17:12:10 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.dll

[2009/08/16 17:12:10 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmsynth.dll

[2009/08/16 17:12:10 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmsynth.dll

[2009/08/16 17:12:10 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmstyle.dll

[2009/08/16 17:12:10 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmstyle.dll

[2009/08/16 17:12:10 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmscript.dll

[2009/08/16 17:12:10 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmscript.dll

[2009/08/16 17:12:10 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmcompos.dll

[2009/08/16 17:12:10 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmcompos.dll

[2009/08/16 17:12:10 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmloader.dll

[2009/08/16 17:12:10 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmloader.dll

[2009/08/16 17:12:10 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmband.dll

[2009/08/16 17:12:10 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmband.dll

[2009/08/16 17:12:10 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dswave.dll

[2009/08/16 17:12:10 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dswave.dll

[2009/08/16 17:12:09 | 01,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound3d.dll

[2009/08/16 17:12:09 | 01,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound3d.dll

[2009/08/16 17:12:09 | 01,189,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx8vb.dll

[2009/08/16 17:12:09 | 01,189,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx8vb.dll

[2009/08/16 17:12:09 | 00,797,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim700.dll

[2009/08/16 17:12:09 | 00,797,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dim700.dll

[2009/08/16 17:12:09 | 00,723,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnet.dll

[2009/08/16 17:12:09 | 00,723,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll

[2009/08/16 17:12:09 | 00,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx7vb.dll

[2009/08/16 17:12:09 | 00,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx7vb.dll

[2009/08/16 17:12:09 | 00,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmoprp.dll

[2009/08/16 17:12:09 | 00,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmoprp.dll

[2009/08/16 17:12:09 | 00,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound.dll

[2009/08/16 17:12:09 | 00,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvoice.dll

[2009/08/16 17:12:09 | 00,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound.dll

[2009/08/16 17:12:09 | 00,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvoice.dll

[2009/08/16 17:12:09 | 00,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddraw.dll

[2009/08/16 17:12:09 | 00,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddraw.dll

[2009/08/16 17:12:09 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplayx.dll

[2009/08/16 17:12:09 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplayx.dll

[2009/08/16 17:12:09 | 00,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmo.dll

[2009/08/16 17:12:09 | 00,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmo.dll

[2009/08/16 17:12:09 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvvox.dll

[2009/08/16 17:12:09 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvvox.dll

[2009/08/16 17:12:09 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvsetup.exe

[2009/08/16 17:12:09 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe

[2009/08/16 17:12:09 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpwsockx.dll

[2009/08/16 17:12:09 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpwsockx.dll

[2009/08/16 17:12:09 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpmodemx.dll

[2009/08/16 17:12:09 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpmodemx.dll

[2009/08/16 17:12:09 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhupnp.dll

[2009/08/16 17:12:09 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhupnp.dll

[2009/08/16 17:12:09 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe

[2009/08/16 17:12:09 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhpast.dll

[2009/08/16 17:12:09 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhpast.dll

[2009/08/16 17:12:09 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pid.dll

[2009/08/16 17:12:09 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplaysvr.exe

[2009/08/16 17:12:09 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe

[2009/08/16 17:12:09 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddrawex.dll

[2009/08/16 17:12:09 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddrawex.dll

[2009/08/16 17:12:09 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvacm.dll

[2009/08/16 17:12:09 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvacm.dll

[2009/08/16 17:12:09 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnsvr.exe

[2009/08/16 17:12:09 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe

[2009/08/16 17:12:09 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8thk.dll

[2009/08/16 17:12:09 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8thk.dll

[2009/08/16 17:12:09 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnlobby.dll

[2009/08/16 17:12:09 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnaddr.dll

[2009/08/16 17:12:09 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnlobby.dll

[2009/08/16 17:12:09 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnaddr.dll

[2009/08/16 17:11:20 | 00,000,000 | -HSD | C] -- C:\RECYCLER

[2009/08/16 17:08:25 | 00,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav

[2009/08/16 17:08:25 | 00,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav

[2009/08/16 17:08:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang

[2009/08/16 17:08:17 | 00,143,360 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll

[2009/08/16 17:07:05 | 00,077,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys

[2009/08/16 17:07:05 | 00,077,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys

[2009/08/16 17:07:05 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys

[2009/08/16 17:07:05 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys

[2009/08/16 17:07:04 | 00,050,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\DMusic.sys

[2009/08/16 17:07:04 | 00,050,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys

[2009/08/16 17:07:03 | 00,142,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys

[2009/08/16 17:07:03 | 00,142,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys

[2009/08/16 17:07:03 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys

[2009/08/16 17:07:03 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys

[2009/08/16 17:07:01 | 00,159,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys

[2009/08/16 17:07:01 | 00,159,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys

[2009/08/16 17:07:01 | 00,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe

[2009/08/16 17:07:00 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys

[2009/08/16 17:07:00 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys

[2009/08/16 17:07:00 | 00,002,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys

[2009/08/16 17:07:00 | 00,002,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys

[2009/08/16 17:06:48 | 00,085,120 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtnicxp.sys

[2009/08/16 17:06:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM

[2009/08/16 17:06:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS

[2009/08/16 17:06:37 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys

[2009/08/16 17:06:37 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys

[2009/08/16 17:06:35 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdmaud.drv

[2009/08/16 17:06:35 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll

[2009/08/16 17:06:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Dados de aplicativos\InstallShield

[2009/08/16 17:06:30 | 00,086,016 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe

[2009/08/16 17:06:29 | 02,879,488 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SkyTel.exe

[2009/08/16 17:06:28 | 01,183,744 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe

[2009/08/16 17:06:27 | 04,225,920 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.Sys

[2009/08/16 17:06:27 | 00,282,624 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.Cpl

[2009/08/16 17:06:25 | 09,709,568 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.exe

[2009/08/16 17:06:18 | 16,270,848 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe

[2009/08/16 17:06:17 | 02,157,568 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe

[2009/08/16 17:06:14 | 00,069,632 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcmtr.exe

[2009/08/16 17:06:12 | 02,808,832 | R--- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe

[2009/08/16 17:06:12 | 00,299,008 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSndMgr.Cpl

[2009/08/16 17:06:12 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Realtek

[2009/08/16 17:06:10 | 00,000,000 | -H-D | C] -- C:\Arquivos de programas\InstallShield Installation Information

[2009/08/16 17:06:07 | 00,499,712 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll

[2009/08/16 17:06:01 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\InstallShield

[2009/08/16 17:05:42 | 00,022,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe

[2009/08/16 17:05:24 | 00,061,440 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\iAlmCoIn_v4436.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuTRK.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuTHA.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuSVE.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuRUS.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuPTG.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuPTB.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuPLK.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuNOR.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuNLD.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuKOR.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuJPN.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuITA.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuHUN.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuHEB.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFRC.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFRA.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFIN.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuESP.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuENG.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuELL.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuDEU.dll

[2009/08/16 17:05:24 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuDAN.dll

[2009/08/16 17:05:23 | 00,524,288 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igldev32.dll

[2009/08/16 17:05:23 | 00,114,688 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmudlg.exe

[2009/08/16 17:05:23 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCSY.dll

[2009/08/16 17:05:23 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCHT.dll

[2009/08/16 17:05:23 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCHS.dll

[2009/08/16 17:05:23 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuARB.dll

[2009/08/16 17:05:23 | 00,040,960 | R--- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuARA.dll

[2009/08/16 17:05:21 | 02,310,144 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\iglicd32.dll

[2009/08/16 17:05:21 | 00,147,456 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrhun.lrc

[2009/08/16 17:05:21 | 00,139,264 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtrk.lrc

[2009/08/16 17:05:21 | 00,094,208 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxext.exe

[2009/08/16 17:05:21 | 00,049,152 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmrem.dll

[2009/08/16 17:05:21 | 00,040,960 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxexps.dll

[2009/08/16 17:05:20 | 00,155,648 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrell.lrc

[2009/08/16 17:05:20 | 00,151,552 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnld.lrc

[2009/08/16 17:05:20 | 00,143,360 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrrus.lrc

[2009/08/16 17:05:20 | 00,143,360 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptg.lrc

[2009/08/16 17:05:20 | 00,143,360 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptb.lrc

[2009/08/16 17:05:20 | 00,143,360 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrplk.lrc

[2009/08/16 17:05:20 | 00,139,264 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsve.lrc

[2009/08/16 17:05:20 | 00,139,264 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnor.lrc

[2009/08/16 17:05:20 | 00,139,264 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcsy.lrc

[2009/08/16 17:05:20 | 00,126,976 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtha.lrc

[2009/08/16 17:05:20 | 00,098,304 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrkor.lrc

[2009/08/16 17:05:19 | 00,155,648 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdeu.lrc

[2009/08/16 17:05:19 | 00,151,552 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrita.lrc

[2009/08/16 17:05:19 | 00,151,552 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxresp.lrc

[2009/08/16 17:05:19 | 00,147,456 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfra.lrc

[2009/08/16 17:05:19 | 00,139,264 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfin.lrc

[2009/08/16 17:05:19 | 00,139,264 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdan.lrc

[2009/08/16 17:05:19 | 00,135,168 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrenu.lrc

[2009/08/16 17:05:19 | 00,122,880 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrheb.lrc

[2009/08/16 17:05:19 | 00,098,304 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrjpn.lrc

[2009/08/16 17:05:19 | 00,081,920 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcht.lrc

[2009/08/16 17:05:19 | 00,081,920 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrchs.lrc

[2009/08/16 17:05:18 | 00,122,880 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrara.lrc

[2009/08/16 17:05:18 | 00,118,784 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxpers.exe

[2009/08/16 17:05:17 | 01,503,232 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxress.dll

[2009/08/16 17:05:17 | 00,135,168 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdev.dll

[2009/08/16 17:05:17 | 00,114,688 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxzoom.exe

[2009/08/16 17:05:17 | 00,098,304 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxtray.exe

[2009/08/16 17:05:17 | 00,086,016 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdo.dll

[2009/08/16 17:05:17 | 00,077,824 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\hkcmd.exe

[2009/08/16 17:05:16 | 00,450,560 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcfg.exe

[2009/08/16 17:05:16 | 00,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.exe

[2009/08/16 17:05:16 | 00,147,456 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxpph.dll

[2009/08/16 17:05:16 | 00,077,824 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcpl.cpl

[2009/08/16 17:05:16 | 00,073,728 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\hccutils.dll

[2009/08/16 17:05:16 | 00,058,704 | R--- | C] () -- C:\WINDOWS\System32\igxpxk32.vp

[2009/08/16 17:05:16 | 00,057,344 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.dll

[2009/08/16 17:05:16 | 00,025,920 | R--- | C] () -- C:\WINDOWS\System32\igxpxs32.vp

[2009/08/16 17:05:16 | 00,000,929 | R--- | C] () -- C:\WINDOWS\System32\igxpxa32.vp

[2009/08/16 17:05:15 | 00,524,850 | R--- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa

[2009/08/16 17:05:14 | 01,353,820 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\drivers\ialmnt5.sys

[2009/08/16 17:05:14 | 00,899,194 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdd5.dll

[2009/08/16 17:05:14 | 00,214,746 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdev5.dll

[2009/08/16 17:05:14 | 00,119,419 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdnt5.dll

[2009/08/16 17:05:14 | 00,036,990 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmrnt5.dll

[2009/08/16 17:03:58 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll

[2009/08/16 17:03:58 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbui.dll

[2009/08/16 17:03:57 | 00,135,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbport.sys

[2009/08/16 17:03:57 | 00,135,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbport.sys

[2009/08/16 17:03:57 | 00,051,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbhub.sys

[2009/08/16 17:03:57 | 00,051,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbhub.sys

[2009/08/16 17:03:57 | 00,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbehci.sys

[2009/08/16 17:03:55 | 00,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbuhci.sys

[2009/08/16 17:03:55 | 00,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbuhci.sys

[2009/08/16 17:03:47 | 00,086,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atapi.sys

[2009/08/16 17:03:47 | 00,086,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys

[2009/08/16 17:03:47 | 00,023,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciidex.sys

[2009/08/16 17:03:47 | 00,023,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pciidex.sys

[2009/08/16 17:03:47 | 00,003,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciide.sys

[2009/08/16 17:03:47 | 00,003,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pciide.sys

[2009/08/16 17:03:42 | 00,036,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\isapnp.sys

[2009/08/16 17:03:42 | 00,036,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapnp.sys

[2009/08/16 17:03:40 | 00,063,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pci.sys

[2009/08/16 17:03:40 | 00,063,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pci.sys

[2009/08/16 17:03:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups

[2009/08/16 17:03:36 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Intel

[2009/08/16 16:55:54 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft

[2009/08/16 16:55:52 | 06,410,416 | -H-- | C] () -- C:\Documents and Settings\Home\Configurações locais\Dados de aplicativos\IconCache.db

[2009/08/16 16:54:58 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer

[2009/08/16 16:54:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Dados de aplicativos\Identities

[2009/08/16 16:54:51 | 00,000,000 | -H-D | C] -- C:\Arquivos de programas\Uninstall Information

[2009/08/16 16:54:50 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Home\Meus documentos\Minhas músicas

[2009/08/16 16:54:50 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Home\Meus documentos\Minhas imagens

[2009/08/16 16:54:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Configurações locais\Dados de aplicativos\Microsoft

[2009/08/16 16:54:46 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Home\Dados de aplicativos\Microsoft

[2009/08/16 16:45:40 | 00,000,000 | -HSD | C] -- C:\System Volume Information

[2009/08/16 16:45:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2009/08/16 16:36:04 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD

[2009/08/16 16:35:18 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2009/08/16 16:35:11 | 00,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime

[2009/08/16 16:35:11 | 00,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime

[2009/08/16 16:35:11 | 00,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime

[2009/08/16 16:35:11 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime

[2009/08/16 16:35:10 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime

[2009/08/16 16:35:10 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime

[2009/08/16 16:35:10 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll

[2009/08/16 16:35:10 | 00,031,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys

[2009/08/16 16:35:09 | 00,343,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll

[2009/08/16 16:35:09 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll

[2009/08/16 16:35:09 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll

[2009/08/16 16:35:09 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll

[2009/08/16 16:35:09 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll

[2009/08/16 16:35:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll

[2009/08/16 16:35:09 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll

[2009/08/16 16:35:08 | 00,426,042 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll

[2009/08/16 16:35:08 | 00,086,074 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll

[2009/08/16 16:35:08 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll

[2009/08/16 16:35:07 | 00,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll

[2009/08/16 16:35:07 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll

[2009/08/16 16:35:07 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime

[2009/08/16 16:35:07 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe

[2009/08/16 16:35:06 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe

[2009/08/16 16:35:06 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe

[2009/08/16 16:35:06 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll

[2009/08/16 16:35:06 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll

[2009/08/16 16:35:05 | 00,574,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime

[2009/08/16 16:35:05 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll

[2009/08/16 16:35:05 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys

[2009/08/16 16:35:05 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys

[2009/08/16 16:35:05 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys

[2009/08/16 16:35:04 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll

[2009/08/16 16:35:04 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll

[2009/08/16 16:35:04 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll

[2009/08/16 16:35:04 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll

[2009/08/16 16:35:03 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll

[2009/08/16 16:35:03 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll

[2009/08/16 16:35:02 | 00,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll

[2009/08/16 16:35:02 | 00,246,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll

[2009/08/16 16:35:02 | 00,182,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll

[2009/08/16 16:35:02 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll

[2009/08/16 16:35:02 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe

[2009/08/16 16:35:02 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll

[2009/08/16 16:35:02 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe

[2009/08/16 16:35:02 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll

[2009/08/16 16:35:02 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll

[2009/08/16 16:35:01 | 00,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll

[2009/08/16 16:35:01 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe

[2009/08/16 16:35:01 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll

[2009/08/16 16:35:01 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll

[2009/08/16 16:35:01 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll

[2009/08/16 16:35:01 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll

[2009/08/16 16:35:01 | 00,012,800 | ---- | C] (Microsoft Corporation

) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll

[2009/08/16 16:35:01 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll

[2009/08/16 16:35:01 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll

[2009/08/16 16:35:01 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll

[2009/08/16 16:35:00 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll

[2009/08/16 16:35:00 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll

[2009/08/16 16:35:00 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll

[2009/08/16 16:35:00 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll

[2009/08/16 16:35:00 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll

[2009/08/16 16:35:00 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll

[2009/08/16 16:35:00 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll

[2009/08/16 16:35:00 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll

[2009/08/16 16:35:00 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll

[2009/08/16 16:35:00 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll

[2009/08/16 16:35:00 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll

[2009/08/16 16:34:58 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seo.dll

[2009/08/16 16:34:58 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll

[2009/08/16 16:34:57 | 00,080,896 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll

[2009/08/16 16:34:57 | 00,080,896 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll

[2009/08/16 16:34:57 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll

[2009/08/16 16:34:57 | 00,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll

[2009/08/16 16:34:57 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll

[2009/08/16 16:34:57 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_rwnh.dll

[2009/08/16 16:34:56 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime

[2009/08/16 16:34:56 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe

[2009/08/16 16:34:56 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe

[2009/08/16 16:34:56 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll

[2009/08/16 16:34:54 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime

[2009/08/16 16:34:54 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe

[2009/08/16 16:34:54 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe

[2009/08/16 16:34:54 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll

[2009/08/16 16:34:53 | 00,479,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime

[2009/08/16 16:34:53 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll

[2009/08/16 16:34:53 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe

[2009/08/16 16:34:53 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll

[2009/08/16 16:34:53 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll

[2009/08/16 16:34:53 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll

[2009/08/16 16:34:52 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll

[2009/08/16 16:34:52 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime

[2009/08/16 16:34:52 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll

[2009/08/16 16:34:52 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll

[2009/08/16 16:34:52 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll

[2009/08/16 16:34:52 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll

[2009/08/16 16:34:51 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll

[2009/08/16 16:34:51 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll

[2009/08/16 16:34:51 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll

[2009/08/16 16:34:50 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll

[2009/08/16 16:34:50 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll

[2009/08/16 16:34:49 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll

[2009/08/16 16:34:48 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll

[2009/08/16 16:34:47 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe

[2009/08/16 16:34:46 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe

[2009/08/16 16:34:45 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex

[2009/08/16 16:34:45 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll

[2009/08/16 16:34:43 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys

[2009/08/16 16:34:43 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe

[2009/08/16 16:34:42 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll

[2009/08/16 16:34:42 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll

[2009/08/16 16:34:42 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll

[2009/08/16 16:34:42 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll

[2009/08/16 16:34:42 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll

[2009/08/16 16:34:41 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll

[2009/08/16 16:34:41 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll

[2009/08/16 16:34:41 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll

[2009/08/16 16:34:41 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll

[2009/08/16 16:34:41 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll

[2009/08/16 16:34:40 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex

[2009/08/16 16:34:40 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll

[2009/08/16 16:34:40 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll

[2009/08/16 16:34:39 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll

[2009/08/16 16:34:39 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll

[2009/08/16 16:34:39 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll

[2009/08/16 16:34:39 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll

[2009/08/16 16:34:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll

[2009/08/16 16:34:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll

[2009/08/16 16:34:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll

[2009/08/16 16:34:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll

[2009/08/16 16:34:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll

[2009/08/16 16:34:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll

[2009/08/16 16:34:38 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll

[2009/08/16 16:34:38 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll

[2009/08/16 16:34:38 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll

[2009/08/16 16:34:38 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll

[2009/08/16 16:34:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll

[2009/08/16 16:34:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll

[2009/08/16 16:34:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll

[2009/08/16 16:34:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll

[2009/08/16 16:34:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll

[2009/08/16 16:34:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll

[2009/08/16 16:34:37 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll

[2009/08/16 16:34:37 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll

[2009/08/16 16:34:37 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll

[2009/08/16 16:34:37 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll

[2009/08/16 16:34:37 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll

[2009/08/16 16:34:37 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll

[2009/08/16 16:34:37 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll

[2009/08/16 16:34:37 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll

[2009/08/16 16:34:37 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll

[2009/08/16 16:34:37 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll

[2009/08/16 16:34:37 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll

[2009/08/16 16:34:36 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll

[2009/08/16 16:34:36 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll

[2009/08/16 16:34:36 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll

[2009/08/16 16:34:36 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll

[2009/08/16 16:34:36 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll

[2009/08/16 16:34:36 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll

[2009/08/16 16:34:36 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll

[2009/08/16 16:34:35 | 00,241,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll

[2009/08/16 16:34:35 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll

[2009/08/16 16:34:35 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll

[2009/08/16 16:34:35 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll

[2009/08/16 16:34:35 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll

[2009/08/16 16:34:34 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll

[2009/08/16 16:34:34 | 00,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll

[2009/08/16 16:34:34 | 00,274,490 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll

[2009/08/16 16:34:34 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll

[2009/08/16 16:34:34 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe

[2009/08/16 16:34:34 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe

[2009/08/16 16:34:34 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe

[2009/08/16 16:34:33 | 00,307,258 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe

[2009/08/16 16:34:33 | 00,262,201 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe

[2009/08/16 16:34:33 | 00,233,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe

[2009/08/16 16:34:33 | 00,208,953 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe

[2009/08/16 16:34:33 | 00,196,666 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe

[2009/08/16 16:34:33 | 00,155,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe

[2009/08/16 16:34:33 | 00,081,977 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll

[2009/08/16 16:34:33 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe

[2009/08/16 16:34:33 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe

[2009/08/16 16:34:32 | 00,827,438 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll

[2009/08/16 16:34:32 | 00,716,857 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll

[2009/08/16 16:34:32 | 00,360,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll

[2009/08/16 16:34:32 | 00,340,013 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime

[2009/08/16 16:34:32 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe

[2009/08/16 16:34:32 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll

[2009/08/16 16:34:31 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex

[2009/08/16 16:34:31 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll

[2009/08/16 16:34:31 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime

[2009/08/16 16:34:31 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll

[2009/08/16 16:34:31 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll

[2009/08/16 16:34:31 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe

[2009/08/16 16:34:31 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll

[2009/08/16 16:34:31 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe

[2009/08/16 16:34:31 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll

[2009/08/16 16:34:30 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll

[2009/08/16 16:34:30 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll

[2009/08/16 16:34:30 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll

[2009/08/16 16:34:30 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll

[2009/08/16 16:34:27 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll

[2009/08/16 16:34:22 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll

[2009/08/16 16:34:18 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll

[2009/08/16 16:34:18 | 00,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll

[2009/08/16 16:34:18 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll

[2009/08/16 16:34:18 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll

[2009/08/16 16:34:17 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex

[2009/08/16 16:34:17 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll

[2009/08/16 16:34:17 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll

[2009/08/16 16:34:17 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll

[2009/08/16 16:34:16 | 00,559,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll

[2009/08/16 16:34:16 | 00,395,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll

[2009/08/16 16:34:16 | 00,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll

[2009/08/16 16:34:16 | 00,250,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe

[2009/08/16 16:34:16 | 00,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll

[2009/08/16 16:34:16 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll

[2009/08/16 16:34:16 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll

[2009/08/16 16:34:16 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll

[2009/08/16 16:34:16 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe

[2009/08/16 16:34:15 | 00,271,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll

[2009/08/16 16:34:15 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe

[2009/08/16 16:34:15 | 00,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll

[2009/08/16 16:34:15 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe

[2009/08/16 16:34:15 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll

[2009/08/16 16:34:15 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll

[2009/08/16 16:34:15 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll

[2009/08/16 16:34:15 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll

[2009/08/16 16:34:15 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll

[2009/08/16 16:34:15 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll

[2009/08/16 16:34:15 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll

[2009/08/16 16:34:15 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll

[2009/08/16 16:34:14 | 00,443,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll

[2009/08/16 16:34:14 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll

[2009/08/16 16:34:14 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll

[2009/08/16 16:34:14 | 00,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe

[2009/08/16 16:34:14 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll

[2009/08/16 16:34:14 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll

[2009/08/16 16:34:14 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll

[2009/08/16 16:34:14 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll

[2009/08/16 16:34:13 | 00,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll

[2009/08/16 16:34:13 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll

[2009/08/16 16:34:13 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe

[2009/08/16 16:34:13 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll

[2009/08/16 16:34:13 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe

[2009/08/16 16:34:13 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe

[2009/08/16 16:34:13 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll

[2009/08/16 16:34:13 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll

[2009/08/16 16:34:12 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll

[2009/08/16 16:34:12 | 00,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll

[2009/08/16 16:34:12 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll

[2009/08/16 16:34:12 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys

[2009/08/16 16:34:11 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll

[2009/08/16 16:34:09 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime

[2009/08/16 16:34:09 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe

[2009/08/16 16:34:08 | 00,057,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe

[2009/08/16 16:34:08 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll

[2009/08/16 16:34:08 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe

[2009/08/16 16:34:07 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe

[2009/08/16 16:34:07 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll

[2009/08/16 16:34:07 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll

[2009/08/16 16:34:06 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe

[2009/08/16 16:34:06 | 00,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll

[2009/08/16 16:34:06 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll

[2009/08/16 16:34:06 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll

[2009/08/16 16:34:06 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll

[2009/08/16 16:34:06 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime

[2009/08/16 16:34:05 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll

[2009/08/16 16:34:05 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll

[2009/08/16 16:34:05 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe

[2009/08/16 16:34:05 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe

[2009/08/16 16:34:05 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe

[2009/08/16 16:34:04 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime

[2009/08/16 16:34:04 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe

[2009/08/16 16:34:03 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll

[2009/08/16 16:34:03 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys

[2009/08/16 16:34:03 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll

[2009/08/16 16:34:03 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll

[2009/08/16 16:34:03 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll

[2009/08/16 16:34:02 | 00,344,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll

[2009/08/16 16:34:02 | 00,314,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqueue.dll

[2009/08/16 16:34:02 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll

[2009/08/16 16:34:02 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll

[2009/08/16 16:34:02 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll

[2009/08/16 16:34:02 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll

[2009/08/16 16:34:01 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll

[2009/08/16 16:34:01 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll

[2009/08/16 16:34:01 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll

[2009/08/16 16:34:01 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll

[2009/08/16 16:34:01 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll

[2009/08/16 16:34:01 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll

[2009/08/16 16:34:01 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll

[2009/08/16 16:34:01 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll

[2009/08/16 16:34:00 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll

[2009/08/16 16:34:00 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll

[2009/08/16 16:34:00 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll

[2009/08/16 16:33:58 | 00,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe

[2009/08/16 16:33:58 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll

[2009/08/16 16:33:58 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll

[2009/08/16 16:33:57 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsnap.dll

[2009/08/16 16:33:57 | 00,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpadm.dll

[2009/08/16 16:33:57 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll

[2009/08/16 16:33:56 | 00,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll

[2009/08/16 16:33:56 | 00,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe

[2009/08/16 16:33:54 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx

[2009/08/16 16:33:53 | 00,810,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll

[2009/08/16 16:33:53 | 00,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll

[2009/08/16 16:33:53 | 00,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll

[2009/08/16 16:33:53 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll

[2009/08/16 16:33:53 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe

[2009/08/16 16:33:53 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll

[2009/08/16 16:33:53 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll

[2009/08/16 16:33:53 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe

[2009/08/16 16:33:53 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll

[2009/08/16 16:33:52 | 00,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll

[2009/08/16 16:33:52 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll

[2009/08/16 16:33:52 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll

[2009/08/16 16:33:52 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll

[2009/08/16 16:33:52 | 00,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe

[2009/08/16 16:33:52 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe

[2009/08/16 16:33:52 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll

[2009/08/16 16:33:51 | 00,872,557 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll

[2009/08/16 16:33:51 | 00,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe

[2009/08/16 16:33:51 | 00,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe

[2009/08/16 16:33:51 | 00,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll

[2009/08/16 16:33:51 | 00,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll

[2009/08/16 16:33:51 | 00,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll

[2009/08/16 16:33:51 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll

[2009/08/16 16:33:51 | 00,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe

[2009/08/16 16:33:50 | 00,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe

[2009/08/16 16:33:50 | 00,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll

[2009/08/16 16:33:50 | 00,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll

[2009/08/16 16:33:50 | 00,127,034 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll

[2009/08/16 16:33:50 | 00,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll

[2009/08/16 16:33:50 | 00,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll

[2009/08/16 16:33:50 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx

[2009/08/16 16:33:50 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll

[2009/08/16 16:33:49 | 00,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx

[2009/08/16 16:33:49 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll

[2009/08/16 16:33:49 | 00,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx

[2009/08/16 16:33:49 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll

[2009/08/16 16:33:49 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll

[2009/08/16 16:33:49 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe

[2009/08/16 16:33:49 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe

[2009/08/16 16:33:47 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll

[2009/08/16 16:33:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom

[2009/08/16 16:33:46 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\xerox

[2009/08/16 16:33:46 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\microsoft frontpage

[2009/08/16 16:33:31 | 00,002,969 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT

[2009/08/16 16:33:31 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS

[2009/08/16 16:33:31 | 00,000,000 | RHS- | C] () -- C:\IO.SYS

[2009/08/16 16:33:31 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS

[2009/08/16 16:33:31 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT

[2009/08/16 16:33:30 | 00,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml

[2009/08/16 16:33:29 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb

[2009/08/16 16:33:29 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb

[2009/08/16 16:33:28 | 00,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx

[2009/08/16 16:33:23 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT

[2009/08/16 16:33:20 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll

[2009/08/16 16:32:36 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest

[2009/08/16 16:32:36 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest

[2009/08/16 16:32:36 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files

[2009/08/16 16:32:36 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages

[2009/08/16 16:32:31 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest

[2009/08/16 16:32:31 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest

[2009/08/16 16:32:31 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest

[2009/08/16 16:32:31 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest

[2009/08/16 16:32:31 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest

[2009/08/16 16:32:31 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest

[2009/08/16 16:32:19 | 00,106,562 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll

[2009/08/16 16:32:18 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex

[2009/08/16 16:32:18 | 03,346,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll

[2009/08/16 16:32:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX

[2009/08/16 16:31:49 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe

[2009/08/16 16:31:49 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll

[2009/08/16 16:31:49 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll

[2009/08/16 16:31:49 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll

[2009/08/16 16:31:47 | 00,352,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll

[2009/08/16 16:31:47 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe

[2009/08/16 16:31:47 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll

[2009/08/16 16:31:47 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll

[2009/08/16 16:31:47 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll

[2009/08/16 16:31:47 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll

[2009/08/16 16:31:47 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe

[2009/08/16 16:31:47 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll

[2009/08/16 16:31:47 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll

[2009/08/16 16:31:47 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll

[2009/08/16 16:31:47 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll

[2009/08/16 16:31:47 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll

[2009/08/16 16:31:47 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll

[2009/08/16 16:31:47 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll

[2009/08/16 16:31:46 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe

[2009/08/16 16:31:46 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll

[2009/08/16 16:31:45 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp

[2009/08/16 16:31:45 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp

[2009/08/16 16:31:39 | 00,118,784 | ---- | C] (Microsoft Corporation

) -- C:\WINDOWS\System32\msg723.acm

[2009/08/16 16:31:39 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe

[2009/08/16 16:31:39 | 00,032,768 | ---- | C] (Microsoft Corporation

) -- C:\WINDOWS\System32\mnmsrvc.exe

[2009/08/16 16:31:39 | 00,032,768 | ---- | C] (Microsoft Corporation

) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe

[2009/08/16 16:31:39 | 00,028,672 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll

[2009/08/16 16:31:39 | 00,028,672 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll

[2009/08/16 16:31:39 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll

[2009/08/16 16:31:39 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll

[2009/08/16 16:31:39 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf

[2009/08/16 16:31:38 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll

[2009/08/16 16:31:38 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe

[2009/08/16 16:31:38 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe

[2009/08/16 16:31:38 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe

[2009/08/16 16:31:37 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WABIMP.DLL

[2009/08/16 16:31:37 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll

[2009/08/16 16:31:37 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll

[2009/08/16 16:31:37 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WAB.EXE

[2009/08/16 16:31:37 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WABFIND.DLL

[2009/08/16 16:31:37 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WABMIG.EXE

[2009/08/16 16:31:37 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Serviços

[2009/08/16 16:31:36 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\DIRECTDB.DLL

[2009/08/16 16:31:36 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\INETRES.DLL

[2009/08/16 16:31:36 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\INETRES.DLL

[2009/08/16 16:31:34 | 02,520,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\MSOERES.DLL

[2009/08/16 16:31:34 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\OEIMPORT.DLL

[2009/08/16 16:31:33 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll

[2009/08/16 16:31:33 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll

[2009/08/16 16:31:33 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll

[2009/08/16 16:31:33 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll

[2009/08/16 16:31:33 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll

[2009/08/16 16:31:33 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll

[2009/08/16 16:31:33 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll

[2009/08/16 16:31:33 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll

[2009/08/16 16:31:33 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\OEMIG50.EXE

[2009/08/16 16:31:33 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\OEMIGLIB.DLL

[2009/08/16 16:31:33 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll

[2009/08/16 16:31:33 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll

[2009/08/16 16:31:33 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks

[2009/08/16 16:31:32 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll

[2009/08/16 16:31:32 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll

[2009/08/16 16:31:32 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll

[2009/08/16 16:31:32 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll

[2009/08/16 16:31:32 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe

[2009/08/16 16:31:32 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll

[2009/08/16 16:31:31 | 00,557,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll

[2009/08/16 16:31:31 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll

[2009/08/16 16:31:31 | 00,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll

[2009/08/16 16:31:31 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe

[2009/08/16 16:31:31 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe

[2009/08/16 16:31:31 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll

[2009/08/16 16:31:31 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll

[2009/08/16 16:31:31 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe

[2009/08/16 16:31:31 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe

[2009/08/16 16:31:31 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\MSSoap

[2009/08/16 16:31:30 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll

[2009/08/16 16:31:30 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll

[2009/08/16 16:31:30 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll

[2009/08/16 16:31:30 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll

[2009/08/16 16:31:30 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll

[2009/08/16 16:31:30 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll

[2009/08/16 16:31:29 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx

[2009/08/16 16:31:29 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll

[2009/08/16 16:31:29 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll

[2009/08/16 16:31:29 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll

[2009/08/16 16:31:29 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll

[2009/08/16 16:31:27 | 00,798,782 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll

[2009/08/16 16:31:26 | 00,851,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.DLL

[2009/08/16 16:31:26 | 00,520,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpvis.dll

[2009/08/16 16:31:26 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe

[2009/08/16 16:31:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed

[2009/08/16 16:31:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst

[2009/08/16 16:31:25 | 00,520,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe

[2009/08/16 16:31:25 | 00,360,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll

[2009/08/16 16:31:25 | 00,327,743 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmres.dll

[2009/08/16 16:31:25 | 00,225,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe

[2009/08/16 16:31:25 | 00,163,897 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmutil.dll

[2009/08/16 16:31:25 | 00,110,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmfilt.dll

[2009/08/16 16:31:24 | 00,806,969 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe

[2009/08/16 16:31:24 | 00,537,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll

[2009/08/16 16:31:24 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll

[2009/08/16 16:31:24 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe

[2009/08/16 16:31:24 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Movie Maker

[2009/08/16 16:31:23 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll

[2009/08/16 16:31:23 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll

[2009/08/16 16:31:21 | 00,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe

[2009/08/16 16:31:20 | 00,742,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe

[2009/08/16 16:31:20 | 00,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe

[2009/08/16 16:31:20 | 00,373,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe

[2009/08/16 16:31:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\PCHealth

[2009/08/16 16:31:19 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll

[2009/08/16 16:31:19 | 00,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll

[2009/08/16 16:31:19 | 00,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll

[2009/08/16 16:31:19 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv

[2009/08/16 16:31:19 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll

[2009/08/16 16:31:19 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll

[2009/08/16 16:31:19 | 00,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll

[2009/08/16 16:31:19 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll

[2009/08/16 16:31:19 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll

[2009/08/16 16:31:19 | 00,069,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys

[2009/08/16 16:31:19 | 00,069,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys

[2009/08/16 16:31:19 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll

[2009/08/16 16:31:19 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll

[2009/08/16 16:31:19 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll

[2009/08/16 16:31:19 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll

[2009/08/16 16:31:19 | 00,008,223 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll

[2009/08/16 16:31:19 | 00,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe

[2009/08/16 16:31:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore

[2009/08/16 16:31:18 | 00,360,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll

[2009/08/16 16:31:18 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll

[2009/08/16 16:31:18 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll

[2009/08/16 16:31:18 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll

[2009/08/16 16:31:18 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll

[2009/08/16 16:31:18 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll

[2009/08/16 16:31:18 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll

[2009/08/16 16:31:18 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll

[2009/08/16 16:31:17 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll

[2009/08/16 16:31:17 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll

[2009/08/16 16:31:17 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll

[2009/08/16 16:31:17 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll

[2009/08/16 16:31:17 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll

[2009/08/16 16:31:17 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll

[2009/08/16 16:31:17 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll

[2009/08/16 16:31:17 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll

[2009/08/16 16:31:17 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll

[2009/08/16 16:31:17 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll

[2009/08/16 16:31:16 | 01,003,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe

[2009/08/16 16:31:16 | 00,465,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WAB32.DLL

[2009/08/16 16:31:16 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSOEACCT.DLL

[2009/08/16 16:31:16 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\MSOEACCT.DLL

[2009/08/16 16:31:16 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSOERT2.DLL

[2009/08/16 16:31:16 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\MSOERT2.DLL

[2009/08/16 16:31:16 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\NetMeeting

[2009/08/16 16:31:15 | 00,596,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\INETCOMM.DLL

[2009/08/16 16:31:15 | 00,596,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\INETCOMM.DLL

[2009/08/16 16:31:15 | 00,260,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll

[2009/08/16 16:31:15 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\MSIMN.EXE

[2009/08/16 16:31:14 | 01,176,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\MSOE.DLL

[2009/08/16 16:31:14 | 00,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll

[2009/08/16 16:31:14 | 00,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll

[2009/08/16 16:31:14 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll

[2009/08/16 16:31:14 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll

[2009/08/16 16:31:14 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe

[2009/08/16 16:31:14 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe

[2009/08/16 16:31:14 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe

[2009/08/16 16:31:14 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Outlook Express

[2009/08/16 16:31:12 | 00,211,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe

[2009/08/16 16:31:11 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll

[2009/08/16 16:31:11 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll

[2009/08/16 16:31:11 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll

[2009/08/16 16:31:11 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll

[2009/08/16 16:31:10 | 00,303,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll

[2009/08/16 16:31:10 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll

[2009/08/16 16:31:10 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll

[2009/08/16 16:31:10 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll

[2009/08/16 16:31:10 | 00,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll

[2009/08/16 16:31:10 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll

[2009/08/16 16:31:10 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb

[2009/08/16 16:31:10 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll

[2009/08/16 16:31:10 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll

[2009/08/16 16:31:10 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll

[2009/08/16 16:31:10 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll

[2009/08/16 16:31:10 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll

[2009/08/16 16:31:10 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll

[2009/08/16 16:31:10 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll

[2009/08/16 16:31:10 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll

[2009/08/16 16:31:10 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll

[2009/08/16 16:31:09 | 00,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll

[2009/08/16 16:31:09 | 00,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll

[2009/08/16 16:31:09 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll

[2009/08/16 16:31:09 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll

[2009/08/16 16:31:09 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll

[2009/08/16 16:31:09 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll

[2009/08/16 16:31:09 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb

[2009/08/16 16:31:09 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb

[2009/08/16 16:31:09 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb

[2009/08/16 16:31:09 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll

[2009/08/16 16:31:09 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll

[2009/08/16 16:31:09 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll

[2009/08/16 16:31:08 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll

[2009/08/16 16:31:08 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe

[2009/08/16 16:31:08 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll

[2009/08/16 16:31:08 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Internet Explorer

[2009/08/16 16:31:08 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\System

[2009/08/16 16:31:07 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documentos\Minhas músicas

[2009/08/16 16:31:07 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documentos\Minhas imagens

[2009/08/16 16:30:49 | 00,021,844 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2009/08/16 16:30:41 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\ComPlus Applications

[2009/08/16 16:30:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration

[2009/08/16 16:30:31 | 00,000,000 | -H-D | C] -- C:\Arquivos de programas\WindowsUpdate

[2009/08/16 16:30:31 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Media Player

[2009/08/16 16:30:31 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Serviços on-line

[2009/08/16 16:30:25 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Messenger

[2009/08/16 16:30:24 | 00,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe

[2009/08/16 16:30:23 | 01,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll

[2009/08/16 16:30:23 | 00,781,397 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll

[2009/08/16 16:30:23 | 00,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll

[2009/08/16 16:30:23 | 00,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll

[2009/08/16 16:30:23 | 00,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll

[2009/08/16 16:30:23 | 00,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe

[2009/08/16 16:30:23 | 00,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe

[2009/08/16 16:30:23 | 00,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll

[2009/08/16 16:30:22 | 02,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll

[2009/08/16 16:30:22 | 01,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll

[2009/08/16 16:30:22 | 00,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll

[2009/08/16 16:30:22 | 00,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll

[2009/08/16 16:30:22 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe

[2009/08/16 16:30:22 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe

[2009/08/16 16:30:22 | 00,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll

[2009/08/16 16:30:22 | 00,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll

[2009/08/16 16:30:22 | 00,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll

[2009/08/16 16:30:22 | 00,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll

[2009/08/16 16:30:21 | 01,042,003 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll

[2009/08/16 16:30:21 | 00,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll

[2009/08/16 16:30:21 | 00,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll

[2009/08/16 16:30:21 | 00,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe

[2009/08/16 16:30:21 | 00,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll

[2009/08/16 16:30:21 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe

[2009/08/16 16:30:21 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe

[2009/08/16 16:30:21 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\MSN Gaming Zone

[2009/08/16 16:30:17 | 00,275,456 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe

[2009/08/16 16:30:12 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe

[2009/08/16 16:30:12 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe

[2009/08/16 16:30:12 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl

[2009/08/16 16:30:12 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl

[2009/08/16 16:30:11 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll

[2009/08/16 16:30:11 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll

[2009/08/16 16:30:11 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe

[2009/08/16 16:30:11 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe

[2009/08/16 16:30:11 | 00,125,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe

[2009/08/16 16:30:11 | 00,125,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe

[2009/08/16 16:30:11 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll

[2009/08/16 16:30:11 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll

[2009/08/16 16:30:11 | 00,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll

[2009/08/16 16:30:11 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll

[2009/08/16 16:30:11 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll

[2009/08/16 16:30:11 | 00,013,312

Compartilhar este post

Link para o post
Compartilhar em outros sites

DigRam    144

DigRam
Postado

Boa Noite! RAT_GTR

 

<@> Baixe: < LopS&D >

<@> Salve-o no Disco Local-C!

<@> Instale o programa e clique em: LopSD.cmd

<@> Na janela que abrir,aperte o "p" --> Aperte Enter.

 

Lop_Choix-large.jpg

 

<@> Em outra janela,aperte a opção: 3 - Fix - Hosts --> Aperte Enter --> Aguarde!

 

Lop_Lang_en-large.jpg

 

<@> Ps: Fique atento às notificações de seu antivírus,enviando os ficheiros detectados,para a quarentena.

<@> Terminando,salve e poste o relatório. ( C:\Lop SD\LopR_1.txt )

<@> Poste,também,HijackThis atualizado.

 

Abraços!

Compartilhar este post

Link para o post
Compartilhar em outros sites

RAT_GTR    0

RAT_GTR
Postado

Boa Tarde DigRam!

 

Seguem os logs.

 

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

 

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 1

X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.06GHz )

BIOS : Award Modular BIOS v6.00PG

USER : Home ( Administrator )

BOOT : Normal boot

A:\ (USB)

C:\ (Local Disk) - NTFS - Total:53 Go (Free:43 Go)

D:\ (Local Disk) - NTFS - Total:10 Go (Free:2 Go)

E:\ (Local Disk) - NTFS - Total:10 Go (Free:4 Go)

F:\ (USB)

G:\ (USB)

H:\ (USB)

I:\ (USB)

J:\ (CD or DVD)

 

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )

Option : [3] ( --- 21/08/2009|15:14 )

 

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ REMOVIDOS

 

Falha ! - C:\Arquivos de programas\Orbitdownloader\addons

Deletado! - C:\Arquivos de programas\Orbitdownloader\banurl.ini

Deletado! - C:\Arquivos de programas\Orbitdownloader\changelog.txt

Deletado! - C:\Arquivos de programas\Orbitdownloader\download.dll

Deletado! - C:\Arquivos de programas\Orbitdownloader\Grab.exe

Deletado! - C:\Arquivos de programas\Orbitdownloader\GrabDll.dll

Deletado! - C:\Arquivos de programas\Orbitdownloader\GrabKernel.dll

Deletado! - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll

Deletado! - C:\Arquivos de programas\Orbitdownloader\idht.dll

Deletado! - C:\Arquivos de programas\Orbitdownloader\Lang.ini

Deletado! - C:\Arquivos de programas\Orbitdownloader\language

Deletado! - C:\Arquivos de programas\Orbitdownloader\libeay32.dll

Deletado! - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll

Deletado! - C:\Arquivos de programas\Orbitdownloader\orbitdm.exe

Deletado! - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll

Deletado! - C:\Arquivos de programas\Orbitdownloader\orbitnet.exe

Deletado! - C:\Arquivos de programas\Orbitdownloader\saction.dll

Deletado! - C:\Arquivos de programas\Orbitdownloader\siteinfo.ini

Deletado! - C:\Arquivos de programas\Orbitdownloader\ssleay32.dll

Deletado! - C:\Arquivos de programas\Orbitdownloader\unins000.dat

Deletado! - C:\Arquivos de programas\Orbitdownloader\unins000.exe

Deletado! - C:\Arquivos de programas\Orbitdownloader\update

Deletado! - C:\Arquivos de programas\Orbitdownloader\winfile.dll

Falha ! - C:\Arquivos de programas\Orbitdownloader

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SEGUNDO PASSO

 

Falha ! - C:\Arquivos de programas\Orbitdownloader\addons

Falha ! - C:\Arquivos de programas\Orbitdownloader

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

 

 

--------------------\\ Lista de pastas em DADOSD~1

 

[18/08/2009|16:41] C:\DOCUME~1\ADMINI~1\DADOSD~1\Microsoft

 

[16/08/2009|18:05] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Avira

[20/08/2009|15:26] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Malwarebytes

[16/08/2009|16:33] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Microsoft

[20/08/2009|14:58] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Spybot - Search & Destroy

[17/08/2009|15:47] C:\DOCUME~1\ALLUSE~1\DADOSD~1\TEMP

[18/08/2009|15:28] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Windows Genuine Advantage

 

[16/08/2009|16:33] C:\DOCUME~1\DEFAUL~1\DADOSD~1\Microsoft

 

[16/08/2009|21:52] C:\DOCUME~1\Home\DADOSD~1\Adobe

[18/08/2009|21:29] C:\DOCUME~1\Home\DADOSD~1\GrabPro

[16/08/2009|16:54] C:\DOCUME~1\Home\DADOSD~1\Identities

[16/08/2009|17:06] C:\DOCUME~1\Home\DADOSD~1\InstallShield

[16/08/2009|21:52] C:\DOCUME~1\Home\DADOSD~1\Macromedia

[20/08/2009|15:26] C:\DOCUME~1\Home\DADOSD~1\Malwarebytes

[17/08/2009|17:24] C:\DOCUME~1\Home\DADOSD~1\Microsoft

[17/08/2009|17:21] C:\DOCUME~1\Home\DADOSD~1\Microsoft Web Folders

[16/08/2009|18:10] C:\DOCUME~1\Home\DADOSD~1\Mozilla

[20/08/2009|18:55] C:\DOCUME~1\Home\DADOSD~1\Orbit

[18/08/2009|14:17] C:\DOCUME~1\Home\DADOSD~1\Sun

 

[17/08/2009|20:27] C:\DOCUME~1\LOCALS~1\DADOSD~1\Microsoft

 

[16/08/2009|16:33] C:\DOCUME~1\NETWOR~1\DADOSD~1\Microsoft

 

--------------------\\ Tarefas Agendadas na pasta C:\WINDOWS\Tasks

 

[21/08/2009 15:04][--ah-----] C:\WINDOWS\tasks\SA.DAT

[28/10/2001 09:07][-r-h-----] C:\WINDOWS\tasks\desktop.ini

 

--------------------\\ Lista de pastas em C:\Arquivos de programas

 

[18/08/2009|14:53] C:\Arquivos de programas\Arquivos comuns

[16/08/2009|18:05] C:\Arquivos de programas\Avira

[16/08/2009|18:14] C:\Arquivos de programas\CCleaner

[16/08/2009|16:30] C:\Arquivos de programas\ComPlus Applications

[17/08/2009|15:17] C:\Arquivos de programas\Gigabyte

[16/08/2009|17:22] C:\Arquivos de programas\InstallShield Installation Information

[16/08/2009|17:03] C:\Arquivos de programas\Intel

[16/08/2009|16:32] C:\Arquivos de programas\Internet Explorer

[18/08/2009|14:25] C:\Arquivos de programas\Java

[20/08/2009|15:26] C:\Arquivos de programas\Malwarebytes' Anti-Malware

[18/08/2009|15:22] C:\Arquivos de programas\Messenger

[17/08/2009|17:21] C:\Arquivos de programas\microsoft frontpage

[17/08/2009|17:21] C:\Arquivos de programas\Microsoft Office

[17/08/2009|17:23] C:\Arquivos de programas\Microsoft Visual Studio

[16/08/2009|16:32] C:\Arquivos de programas\Movie Maker

[21/08/2009|15:10] C:\Arquivos de programas\Mozilla Firefox

[16/08/2009|16:30] C:\Arquivos de programas\MSN

[16/08/2009|16:30] C:\Arquivos de programas\MSN Gaming Zone

[16/08/2009|16:31] C:\Arquivos de programas\NetMeeting

[21/08/2009|15:15] C:\Arquivos de programas\Orbitdownloader

[18/08/2009|15:24] C:\Arquivos de programas\Outlook Express

[16/08/2009|17:06] C:\Arquivos de programas\Realtek

[16/08/2009|16:30] C:\Arquivos de programas\Servi‡os on-line

[17/08/2009|20:44] C:\Arquivos de programas\Spybot - Search & Destroy

[16/08/2009|16:54] C:\Arquivos de programas\Uninstall Information

[18/08/2009|15:32] C:\Arquivos de programas\Windows Media Player

[16/08/2009|16:30] C:\Arquivos de programas\Windows NT

[16/08/2009|17:36] C:\Arquivos de programas\WindowsUpdate

[16/08/2009|16:33] C:\Arquivos de programas\xerox

 

--------------------\\ Lista de pastas em C:\Arquivos de programas\Arquivos comuns

 

[17/08/2009|17:23] C:\Arquivos de programas\Arquivos comuns\Designer

[16/08/2009|17:06] C:\Arquivos de programas\Arquivos comuns\InstallShield

[17/08/2009|17:23] C:\Arquivos de programas\Arquivos comuns\Microsoft Shared

[16/08/2009|16:31] C:\Arquivos de programas\Arquivos comuns\MSSoap

[16/08/2009|16:16] C:\Arquivos de programas\Arquivos comuns\ODBC

[16/08/2009|16:31] C:\Arquivos de programas\Arquivos comuns\Servi‡os

[16/08/2009|16:16] C:\Arquivos de programas\Arquivos comuns\SpeechEngines

[18/08/2009|15:24] C:\Arquivos de programas\Arquivos comuns\System

[18/08/2009|14:53] C:\Arquivos de programas\Arquivos comuns\Wise Installation Wizard

 

--------------------\\ Process

 

( 27 Processes )

 

... OK !

 

--------------------\\ Procura pelo S_Lop

 

Não foram encontradas pastas com o Lop!

 

--------------------\\ Procura por Arquivos/Ficheiros e pastas do Lop

 

C:\Arquivos de programas\Orbitdownloader

C:\Arquivos de programas\Orbitdownloader\addons

 

--------------------\\ Procura no Registro

 

..... OK !

 

--------------------\\ Verificando o Arquivos/Ficheiros Hosts

 

Arquivos/Ficheiros Hosts LIMPO

 

 

--------------------\\ Procurando Arquivos/Ficheiros ocultos com o Catchme

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-08-21 15:15:31

Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 0

 

--------------------\\ Procurando por outras infecções

 

 

Não foram encontradas outras infecções.

 

[F:44][D:55]-> C:\DOCUME~1\Home\CONFIG~1\Temp

[F:2][D:0]-> C:\DOCUME~1\Home\Cookies

[F:15][D:4]-> C:\DOCUME~1\Home\CONFIG~1\TEMPOR~1\content.IE5

 

1 - "C:\Lop SD\LopR_1.txt" - --- 21/08/2009|15:16 - Option : [3]

===================================================================================================

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:19:57, on 21/8/2009

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\WgaTray.exe

C:\WINDOWS\System32\igfxtray.exe

C:\WINDOWS\System32\hkcmd.exe

C:\WINDOWS\System32\igfxpers.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Hijack\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll (file missing)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll (file missing)

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

 

--

End of file - 4501 bytes

===================================================================

Abraço!

Compartilhar este post

Link para o post
Compartilhar em outros sites

RAT_GTR    0

RAT_GTR
Postado

Desculpem, mas o post saiu duplicado, não consigo apagar.

 

Abraço.

Compartilhar este post

Link para o post
Compartilhar em outros sites

DigRam    144

DigRam
Postado

Boa Tarde! RAT_GTR

 

<!> Abra o HijackThis --> Clique: Do a system scan only

 

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll (file missing)

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll (file missing)

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

<@> Marque,àcima,estas entradas! --> Clique: Fix checked --> Sim!

<><><><><><><><><><

<@> Execute o OTL.exe.

<@> Copie estas informações que estão no QUOTE,para o campo clipboard da ferramenta. ( Custom Scans/Fixes )

 

:Processes

explorer.exe

:OTLI

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

:Services

Secdrv

:Reg

:Files

C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll

C:\Arquivos de programas\Orbitdownloader\addons

C:\Arquivos de programas\Orbitdownloader

:Commands

[purity]

[emptytemp]

[start explorer]

[Reboot]

<@> Clique no botão Run Fix --> Aguarde a conclusão!

<@> Terminando,vá até a pasta: C:\_OTL\MovedFiles\*.log <-- Poste!

<@> Poste,também,HijackThis atualizado.

 

Abraços!

Compartilhar este post

Link para o post
Compartilhar em outros sites

RAT_GTR    0

RAT_GTR
Postado

Boa Noite DigRam!

 

Feito! Abaixo estão os dois logs.

 

All processes killed

========== PROCESSES ==========

No active process named explorer.exe was found!

Error: Unable to interpret <:OTLI> in the current context!

Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm> in the current context!

========== SERVICES/DRIVERS ==========

 

Service\Driver Secdrv deleted successfully.

========== REGISTRY ==========

========== FILES ==========

File\Folder C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll not found.

C:\Arquivos de programas\Orbitdownloader\addons\orbitff\chrome moved successfully.

C:\Arquivos de programas\Orbitdownloader\addons\orbitff moved successfully.

C:\Arquivos de programas\Orbitdownloader\addons moved successfully.

C:\Arquivos de programas\Orbitdownloader moved successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: Administrador

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Home

->Temp folder emptied: 10453811 bytes

File delete failed. C:\Documents and Settings\Home\Configurações locais\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.

->Temporary Internet Files folder emptied: 33722 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 89761551 bytes

 

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 315912 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 402 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 1100105 bytes

%systemroot%\System32 .tmp files removed: 2969 bytes

Windows Temp folder emptied: 246243 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 97,26 mb

 

 

OTL by OldTimer - Version 3.0.10.7 log created on 08212009_194836

 

Files\Folders moved on Reboot...

 

Registry entries deleted on Reboot...

========================================================================

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:57:09, on 21/8/2009

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\WgaTray.exe

C:\WINDOWS\notepad.exe

C:\WINDOWS\System32\igfxtray.exe

C:\WINDOWS\System32\hkcmd.exe

C:\WINDOWS\System32\igfxpers.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Hijack\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

 

--

End of file - 3664 bytes

=====================================================================

Quando fiz a parte do Fix no HT, deu algo como "HT is about to remove a BHO and the corresponding file from your system. Close all internet explorer windows AND all windows explorer windows before continuing for the best chance of success." Apenas dei "ok".

Devo dizer que, pelo menos por enquanto, a Internet melhorou consideravelmente, os travamentos diminuíram.

 

Obrigado e abraço!

Compartilhar este post

Link para o post
Compartilhar em outros sites

DigRam    144

DigRam
Postado

Boa Noite! RAT_GTR

 

<@> Baixe: < thumb_ccleaner.png > CCleaner

<@> Salve-o no Desktop!

<@> Com a opção < Limpador >,já selecionada,clique em Analisar. --> Aguarde o progresso!

<@> Terminando,clique em Executar Cleaner.

<@> Na janela que surgir,dê o Ok. --> Aguarde o progresso!

<@> Selecionando a opção Registro,clique em Procurar erros.

<@> Terminando,clique em Corrigir erros selecionados...

<@> Na pergunta,clique em Sim!

<@> Nomeie os backups e clique em Salvar.

<@> Por alguns dias,estando tudo Ok,poderá deletar esse arquivo backup. ( .reg )

<@> Na janela que aparecer,clique em: "Corrigir todos os erros selecionados"

<@> Clique em Ok --> Fechar.

<@> Para maiores detalhes,leia o Tutorial: < Link >

<><><><><><><><><><>

<@> Faça um escaneamento de desinfecção,em: < BitDefender >

<@> Ps: Utilize o navegador Internet Explorer!

<@> Abrirá a página: < BitDefender OnLine Scanner >

 

<@> Clique em: < agree2.gif >

 

<@> Aguarde e aceite a instalação do ActiveX,para que possa ocorrer o scan.

<@> Terminando,poste o relatório: C:\Windows\BDOSCAN8\bdoscan.log <--

 

Abraços!

Compartilhar este post

Link para o post
Compartilhar em outros sites

RAT_GTR    0

RAT_GTR
Postado

Bom Dia DigRam!

 

Fiz a limpeza com o Ccleaner, sempre uso esse programa.

O BitDefender pediu para instalar o ActiveX, permiti, atualizou programa só que a atualização do database de vírus parou em 10% e não progredia, fiz novamente e parou em 13%, não consegue passar disso.

Outra coisa que não mencionei antes, algumas [raras] vezes a barra de tarefas fica cinza, no estilo do Windows 98.

A internet melhorou, travamentos diminuíram.

Devo fazer algum scan no Kaspersky online ou outro procedimento similar?

 

Obrigado pela paciência, abraço!

Compartilhar este post

Link para o post
Compartilhar em outros sites

DigRam    144

DigRam
Postado

Bom Dia! RAT_GTR

 

<@> Faça um escaneamento,online,em: < Eset Nod32 >

<@> Utilize o navegador Internet Explorer.

<@> Marque a caixa: "SIM,aceito as condições de uso" --> Iniciar.

<@> Marque a caixa: "YES, I accept the Terms of Use" --> Start.

<@> Aceite a instalação do ActiveX e,ao terminar,salve e poste o relatório. ( C:\Arquivos de programas\EsetOnlineScanner\log )

 

Abraços!

Compartilhar este post

Link para o post
Compartilhar em outros sites

RAT_GTR    0

RAT_GTR
Postado

Boa Noite DigRam!

 

Demorei um pouco mas fiz o procedimento acima descrito, segue o log.

 

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=6

# iexplore.exe=6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

# OnlineScanner.ocx=1.0.0.6048

# api_version=3.0.2

# EOSSerial=d82639e18a8fc9449d6348fed9eaa205

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2009-08-24 09:59:35

# local_time=2009-08-24 06:59:35 (-0300, Hora oficial do Brasil)

# country="Brazil"

# lang=1046

# osver=5.1.2600 NT Service Pack 2

# compatibility_mode=1797 21 100 100 154766093750

# compatibility_mode=3073 61 80 88 990702031250

# scanned=68464

# found=2

# cleaned=2

# scan_time=2367

C:\WINDOWS\system32\winvalidate.exe provavelmente uma variante de Win32/Injector.QJ cavalo de Tróia (limpo por exclusão - em quarentena) 00000000000000000000000000000000 C

D:\Shared\Everest Poker.exe uma variante de Win32/Adware.Casino aplicativo (limpo por exclusão - em quarentena) 00000000000000000000000000000000 C

====================================================================

Apesar de jogar [mal] poker(mas não no PC), não lembro de ter baixado esse arquivo e muito menos o outro que estava no system32.

 

De qualquer forma, baixei o SP2 do Windows, instalei o Comodo (agora me sinto bem, hehehe) e o PC está praticamente perfeito.

Ainda há algum procedimento a ser feito?

 

Obrigado e abraço! :thumbsup:

Compartilhar este post

Link para o post
Compartilhar em outros sites

DigRam    144

DigRam
Postado

Boa Noite! RAT_GTR

 

De qualquer forma, baixei o SP2 do Windows, instalei o Comodo (agora me sinto bem, hehehe) e o PC está praticamente perfeito.

Ainda há algum procedimento a ser feito?

<!> Pouca coisa!

<><><><><><><><><><><>

<@> Baixe: < DnsDisabled.zip >

 

<!> < Link-2 >

 

<@> Salve-o em C:\ ou desktop.

<@> Retire-o do zip e execute-o com um duplo-clique. --> Confirme!

<><><><><><><><><><><>

<@> Abra o OTL --> Clique em CleanUp --> Aguarde!

<><><><><><><><><><><>

<@> Estando tudo Ok,crie um ponto limpo na Restauração do Sistema.

<@> Clique com o direito do mouse,em cima de Meu Computador --> Propriedades --> Restauração do Sistema.

<@> Marque: Desativar Restauração do Sistema --> Aplicar --> Aguarde! --> Ok.

<@> Depois,desmarque novamente! --> Aplicar --> Aguarde! --> Ok.

<@> Para maiores detalhes,leia o Tutorial: < Link >

<><><><><><><><><><><>

<!> Seu log está limpo!

<!> Bom trabalho!

 

Abraços!

Compartilhar este post

Link para o post
Compartilhar em outros sites

RAT_GTR    0

RAT_GTR
Postado

Boa Tarde DigRam!

 

Tudo certinho, o PC está normal (exceto pelo Anti-vírus que decidiu não atualizar, mas isso eu resolvo).

 

Obrigado por tudo, mesmo. Tudo isso certamente toma parte do seu tempo, mesmo assim você e os demais profissionais são extremamente prestativos e formam um modelo de usuário que deveria ser seguido por todos, os meios "virtuais" seriam natural e indubitavelmente mais agradáveis. :thumbsup:

Enfim, agradeço pelo seu esforço em fazer me PC voltar ao normal (conseguiu!) e espero que em algum dia eu possa retribuir essa ajuda.

 

Obrigado, abraço!

Compartilhar este post

Link para o post
Compartilhar em outros sites

DigRam    144

DigRam
Postado

PROBLEMA RESOLVIDO!

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.

Compartilhar este post

Link para o post
Compartilhar em outros sites
Ir para a lista de tópicos Tópicos Resolvidos (Seguranca & Malwares)
×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.

  Aceito