
esdrasyave

[Archived] PC freezing


Please help me out. I've already made the Hjack and ComboFix logs.

 

ComboFix 09-08-10.06 - lan-04 14/09/2009 15:38.12.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.510.136 [GMT -3:00]

Executando de: c:\documents and settings\lan-04\Desktop\ComboFix.exe

AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

FW: Firewall pessoal do ESET *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

.

- MODO DE FUNCIONALIDADE REDUZIDA -

.

 

(((((((((((((((( Arquivos/Ficheiros criados de 2009-08-14 to 2009-09-14 ))))))))))))))))))))))))))))

.

 

2009-09-13 01:12 . 2009-09-13 01:12 -------- d-----w- C:\1169e70e494ec216297c

2009-09-10 09:52 . 2009-09-03 14:53 30912 ----a-w- c:\documents and settings\lan-04\Dados de aplicativos\Mozilla\Firefox\Profiles\5hnkqff0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll

2009-09-10 09:52 . 2009-09-03 14:53 22848 ----a-w- c:\documents and settings\lan-04\Dados de aplicativos\Mozilla\Firefox\Profiles\5hnkqff0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg_bootstrap.exe

2009-09-10 09:52 . 2009-09-03 14:53 19792 ----a-w- c:\documents and settings\lan-04\Dados de aplicativos\Mozilla\Firefox\Profiles\5hnkqff0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe

2009-09-09 23:34 . 2009-06-21 21:48 153088 -c----w- c:\windows\system32\dllcache\triedit.dll

2009-09-03 03:12 . 2009-09-03 03:12 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\DAEMON Tools Lite

2009-09-03 03:10 . 2009-09-03 03:12 -------- d-----w- c:\arquivos de programas\DAEMON Tools Toolbar

2009-09-03 03:09 . 2009-09-03 03:12 -------- d-----w- c:\arquivos de programas\DAEMON Tools Lite

2009-09-02 21:09 . 2009-09-02 21:09 721904 ----a-w- c:\windows\system32\drivers\sptd.sys

2009-09-02 21:08 . 2009-09-03 03:14 -------- d-----w- c:\documents and settings\lan-04\Dados de aplicativos\DAEMON Tools Lite

2009-08-27 03:12 . 2009-08-27 03:12 -------- d-----w- c:\documents and settings\lan-04\Dados de aplicativos\ESET

2009-08-26 21:39 . 2009-08-26 21:39 -------- d-----w- c:\windows\system32\wbem\Repository

2009-08-25 21:48 . 2009-08-25 21:49 -------- d-----w- c:\arquivos de programas\MIDI-TO-MP3 1.2

2009-08-25 21:34 . 2009-08-25 21:35 163657 ----a-w- c:\windows\Wave@MP3 Uninstaller.exe

2009-08-25 21:34 . 2009-08-25 21:34 -------- d-----w- c:\documents and settings\lan-04\Dados de aplicativos\River Past G5

2009-08-25 21:34 . 2009-08-25 21:34 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\River Past G5

2009-08-25 21:34 . 2009-08-25 21:34 -------- d-----w- c:\arquivos de programas\Arquivos comuns\River Past

2009-08-25 21:34 . 2009-08-25 21:34 -------- d-----w- c:\arquivos de programas\River Past

2009-08-24 23:27 . 2009-08-24 23:27 -------- d-----w- c:\arquivos de programas\Lavalys

2009-08-18 21:32 . 2007-04-03 01:13 21632 ----a-w- c:\windows\system32\drivers\motmodem.sys

2009-08-18 21:32 . 2006-11-13 18:45 1419232 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll

2009-08-18 21:19 . 2009-09-13 01:19 1024 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\BVRP Software\mobile PhoneTools\faxres.cmd

2009-08-18 21:15 . 2009-08-18 21:15 -------- d-----w- c:\arquivos de programas\Software WIDCOMM

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-09-14 18:36 . 2009-04-11 19:12 -------- d-----w- c:\documents and settings\lan-04\Dados de aplicativos\BitTorrent

2009-09-14 18:25 . 2009-03-14 04:09 1580939296 -csha-w- c:\windows\system32\drivers\fidbox.dat

2009-09-14 18:11 . 2009-04-11 19:12 -------- d-----w- c:\arquivos de programas\BitTorrent

2009-09-14 11:32 . 2009-03-14 04:09 18370280 -csha-w- c:\windows\system32\drivers\fidbox.idx

2009-09-14 09:44 . 2009-03-03 23:12 -------- d-----w- c:\documents and settings\lan-04\Dados de aplicativos\SolidDocuments

2009-09-13 23:52 . 2009-04-01 15:31 -------- d-----w- c:\windows\system32\config\systemprofile\Dados de aplicativos\SolidDocuments

2009-09-13 20:07 . 2008-07-27 13:19 -------- d-----w- c:\documents and settings\lan-04\Dados de aplicativos\Orbit

2009-09-13 01:55 . 2009-04-30 19:11 -------- d-----w- c:\arquivos de programas\PhotoScape

2009-09-10 09:53 . 2009-01-11 14:45 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\NOS

2009-09-10 08:50 . 2009-01-07 14:15 -------- d-----w- c:\arquivos de programas\Microsoft Silverlight

2009-09-08 22:51 . 2009-03-21 00:59 -------- d-----w- c:\arquivos de programas\Foxit Software

2009-09-06 17:25 . 2008-07-10 20:54 -------- d-----w- c:\documents and settings\lan-04\Dados de aplicativos\Image Zone Express

2009-08-27 03:05 . 2009-08-03 23:25 -------- d-----w- c:\arquivos de programas\ESET

2009-08-18 00:23 . 2008-06-21 13:12 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\WLInstaller

2009-08-17 23:56 . 2009-08-02 14:22 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware

2009-08-17 23:53 . 2009-08-02 14:23 3942048 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe

2009-08-17 00:46 . 2008-08-13 20:26 -------- d-----w- c:\arquivos de programas\GbPlugin

2009-08-16 03:53 . 2009-04-30 21:53 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Babylon

2009-08-13 21:49 . 2008-08-17 02:36 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\DVD Shrink

2009-08-08 14:50 . 2009-03-14 20:23 -------- d-----w- c:\arquivos de programas\a-squared Free

2009-08-08 03:23 . 2009-04-30 21:53 -------- d-----w- c:\documents and settings\lan-04\Dados de aplicativos\Babylon

2009-08-05 12:20 . 2009-08-05 13:28 41063272 ----a-w- c:\arquivos de programas\Caspo.exe

2009-08-05 09:00 . 2004-08-04 03:45 205312 ----a-w- c:\windows\system32\mswebdvd.dll

2009-08-05 00:09 . 2009-08-04 23:58 -------- d-----w- c:\arquivos de programas\Virus Removal Tool

2009-08-04 23:56 . 2009-08-04 23:43 40958056 ----a-w- c:\arquivos de programas\setup_7.0.0.290_05.08.2009_03-20.exe

2009-08-03 18:07 . 2009-08-03 18:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll

2009-08-03 18:07 . 2009-08-03 18:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe

2009-08-03 16:36 . 2009-08-02 14:22 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-08-03 16:36 . 2009-08-02 14:22 19096 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-08-02 14:06 . 2009-04-11 19:12 -------- d-----w- c:\arquivos de programas\DNA

2009-07-31 22:50 . 2009-04-17 02:09 -------- d-----w- c:\arquivos de programas\UsbFix

2009-07-17 19:03 . 2004-08-04 03:45 58880 ----a-w- c:\windows\system32\atl.dll

2009-07-17 03:18 . 2009-01-14 23:23 -------- d-----w- c:\arquivos de programas\Megacubo

2009-07-17 02:57 . 2008-06-20 18:33 -------- d-----w- c:\arquivos de programas\Free Audio Pack

2009-07-17 02:55 . 2008-06-20 19:47 -------- d-----w- c:\arquivos de programas\eMule

2009-07-17 02:53 . 2008-07-21 22:30 -------- d-----w- c:\arquivos de programas\Any Video Converter

2009-07-17 02:53 . 2008-07-21 22:30 -------- d-----w- c:\documents and settings\lan-04\Dados de aplicativos\Any Video Converter

2009-07-17 02:52 . 2009-02-21 21:56 -------- d-----w- c:\arquivos de programas\Puxa Rápido

2009-07-14 02:43 . 2004-08-04 03:45 286208 ----a-w- c:\windows\system32\wmpdxm.dll

2009-07-03 16:59 . 2004-08-04 03:45 915456 ----a-w- c:\windows\system32\wininet.dll

2009-06-25 08:27 . 2004-08-04 03:45 56832 ----a-w- c:\windows\system32\secur32.dll

2009-06-25 08:27 . 2004-08-04 03:45 54272 ----a-w- c:\windows\system32\wdigest.dll

2009-06-25 08:27 . 2004-08-04 03:45 147456 ----a-w- c:\windows\system32\schannel.dll

2009-06-25 08:27 . 2004-08-04 03:45 136192 ----a-w- c:\windows\system32\msv1_0.dll

2009-06-25 08:27 . 2004-08-04 03:45 732672 ----a-w- c:\windows\system32\lsasrv.dll

2009-06-25 08:27 . 2004-08-04 03:45 301568 ----a-w- c:\windows\system32\kerberos.dll

2009-06-24 11:18 . 2004-08-04 01:59 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2008-06-19 20:56 . 2008-06-19 20:56 4450382 ----a-w- c:\arquivos de programas\nero_photoshow_express_4_us_row.exe

2008-06-19 20:42 . 2008-06-19 20:42 6104632 ----a-w- c:\arquivos de programas\picasaweb-current-setup.exe

2004-07-22 13:51 . 2004-07-22 13:51 3432656 ----a-w- c:\arquivos de programas\ManagedDX.CAB

2004-07-20 01:58 . 2004-07-20 01:58 1156363 ----a-w- c:\arquivos de programas\BDANT.cab

2004-07-20 01:53 . 2004-07-20 01:53 976020 ----a-w- c:\arquivos de programas\BDAXP.cab

2004-07-09 17:17 . 2004-07-09 17:17 13265040 ----a-w- c:\arquivos de programas\dxnt.cab

2004-07-09 12:13 . 2004-07-09 12:13 15493481 -c--a-w- c:\arquivos de programas\DirectX.cab

2004-07-09 12:13 . 2004-07-09 12:13 703080 -c--a-w- c:\arquivos de programas\BDA.cab

2004-07-09 07:08 . 2004-07-09 07:08 472576 ----a-w- c:\arquivos de programas\dxsetup.exe

2004-07-09 07:08 . 2004-07-09 07:08 2242560 ----a-w- c:\arquivos de programas\dsetup32.dll

2004-07-09 06:03 . 2004-07-09 06:03 62976 ----a-w- c:\arquivos de programas\DSETUP.dll

2009-03-14 04:18 . 2009-03-14 04:09 352288 -csha-w- c:\windows\system32\drivers\fidbox2.dat

.

 

((((((((((((((((((((((((((((( SnapShot@2009-08-17_23.19.15 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-09-14 18:27 . 2009-09-14 18:27 16384 c:\windows\temp\Perflib_Perfdata_1f8.dat

+ 2008-06-22 14:02 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe

- 2008-09-23 17:07 . 2007-04-03 01:13 21632 c:\windows\system32\DRVSTORE\motport_C2507623DD349B7DF9F3CD18A7DCF51CAD96A420\motport.sys

+ 2009-08-18 21:32 . 2007-04-03 01:13 21632 c:\windows\system32\DRVSTORE\motport_C2507623DD349B7DF9F3CD18A7DCF51CAD96A420\motport.sys

- 2008-09-23 17:07 . 2007-01-24 01:36 22016 c:\windows\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\Motousbnet.sys

+ 2009-08-18 21:32 . 2007-01-24 01:36 22016 c:\windows\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\Motousbnet.sys

+ 2009-08-18 21:32 . 2006-12-14 14:27 40832 c:\windows\system32\DRVSTORE\motodrv_A52528875D728E964C8846E6EE59057B28F55E3E\motodrv.sys

- 2008-09-23 17:07 . 2006-12-14 14:27 40832 c:\windows\system32\DRVSTORE\motodrv_A52528875D728E964C8846E6EE59057B28F55E3E\motodrv.sys

- 2008-09-23 17:07 . 2007-04-03 01:13 21632 c:\windows\system32\DRVSTORE\motmodem_032E8111520766BD9EDB0974011BC85D4BFEF872\motmodem.sys

+ 2009-08-18 21:32 . 2007-04-03 01:13 21632 c:\windows\system32\DRVSTORE\motmodem_032E8111520766BD9EDB0974011BC85D4BFEF872\motmodem.sys

- 2008-09-23 17:07 . 2007-04-03 01:13 17920 c:\windows\system32\DRVSTORE\motccgp_AAA6EBF99A29B32284FBE77DCBA5A978B418DB78\motccgp.sys

+ 2009-08-18 21:32 . 2007-04-03 01:13 17920 c:\windows\system32\DRVSTORE\motccgp_AAA6EBF99A29B32284FBE77DCBA5A978B418DB78\motccgp.sys

+ 2009-05-14 18:49 . 2009-05-14 18:49 55768 c:\windows\system32\drivers\epfwtdi.sys

+ 2009-05-14 18:49 . 2009-05-14 18:49 33096 c:\windows\system32\drivers\epfwndis.sys

+ 2003-09-19 18:14 . 2003-09-19 18:14 22183 c:\windows\system32\drivers\btserial.sys

+ 2003-09-19 18:03 . 2003-09-19 18:03 30235 c:\windows\system32\drivers\btport.sys

+ 2003-09-19 18:01 . 2003-09-19 18:01 21861 c:\windows\system32\drivers\btaudio.sys

+ 2009-06-25 08:27 . 2009-06-25 08:27 54272 c:\windows\system32\dllcache\wdigest.dll

- 2009-02-03 19:58 . 2009-02-03 19:58 56832 c:\windows\system32\dllcache\secur32.dll

+ 2009-02-03 19:58 . 2009-06-25 08:27 56832 c:\windows\system32\dllcache\secur32.dll

+ 2004-08-04 01:59 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys

+ 2002-07-15 18:58 . 2002-07-15 18:58 50176 c:\windows\system32\CSH.DLL

+ 2003-09-19 18:17 . 2003-09-19 18:17 24576 c:\windows\system32\BtXpShell.dll

+ 2003-09-19 18:24 . 2003-09-19 18:24 40960 c:\windows\system32\btwpimif.dll

+ 2003-09-19 18:34 . 2003-09-19 18:34 65536 c:\windows\system32\btsendto_wab.dll

+ 2003-09-19 18:31 . 2003-09-19 18:31 49152 c:\windows\system32\btsendto_notes.dll

+ 2003-09-19 18:35 . 2003-09-19 18:35 73728 c:\windows\system32\btsendto_ie.dll

+ 2003-09-19 18:04 . 2003-09-19 18:04 53248 c:\windows\system32\btrezxp.dll

+ 2003-09-19 18:27 . 2003-09-19 18:27 73728 c:\windows\system32\btprn2k.dll

+ 2003-09-19 18:04 . 2003-09-19 18:04 65536 c:\windows\system32\BTNCopy.dll

+ 2003-09-19 18:26 . 2003-09-19 18:26 98304 c:\windows\system32\bthcrpui.dll

+ 2003-09-19 18:26 . 2003-09-19 18:26 98304 c:\windows\system32\bthcrp.dll

+ 2003-09-19 18:06 . 2003-09-19 18:06 32768 c:\windows\system32\btdev.dll

+ 2003-09-19 18:17 . 2003-09-19 18:17 61440 c:\windows\system32\BtAudioHelper.dll

+ 2003-09-19 18:05 . 2003-09-19 18:05 94208 c:\windows\system32\bt2k_ins.dll

+ 2009-08-18 21:16 . 2009-08-18 21:16 33982 c:\windows\Installer\{FE90E9E7-A158-4687-8853-DF677A939A61}\ARPPRODUCTICON.exe

- 2009-06-11 14:31 . 2009-06-11 14:31 38240 c:\windows\Installer\{90120000-0020-0416-0000-0000000FF1CE}\O12ConvIcon.exe

+ 2009-08-29 13:21 . 2009-08-29 13:21 38240 c:\windows\Installer\{90120000-0020-0416-0000-0000000FF1CE}\O12ConvIcon.exe

+ 2009-08-27 03:08 . 2009-08-27 03:08 97360 c:\windows\Installer\{378914D6-FBC8-42D1-B5FD-648CF8E6C039}\egui.exe

+ 2009-08-27 03:08 . 2009-08-27 03:08 10134 c:\windows\Installer\{378914D6-FBC8-42D1-B5FD-648CF8E6C039}\callmsi.exe

+ 2009-04-03 21:01 . 2009-04-03 21:01 71504 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6425\XL12CNVP.DLL

+ 2009-04-03 20:57 . 2009-04-03 20:57 21320 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6425\WRD12EXE.EXE

+ 2009-04-02 17:35 . 2009-04-02 17:35 16712 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6425\PXBPROXY.DLL

+ 2009-04-02 17:35 . 2009-04-02 17:35 68496 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6425\PXBCOM.EXE

+ 2006-10-27 00:13 . 2006-10-27 00:13 72472 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\XL12CNVP.DLL

+ 2007-03-21 21:58 . 2007-03-21 21:58 24416 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\WRD12EXE.EXE

+ 2006-10-27 00:07 . 2006-10-27 00:07 17680 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\PXBPROXY.DLL

+ 2007-03-21 22:00 . 2007-03-21 22:00 72096 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\PXBCOM.EXE

+ 2009-08-29 15:40 . 2009-08-29 15:40 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\423f794d1f4ed6e120fbb02e436491cb\System.Windows.Presentation.ni.dll

+ 2009-08-29 15:40 . 2009-08-29 15:40 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll

+ 2009-08-29 14:51 . 2009-08-29 14:51 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\532438e2acfcadc469a4d468c51f8451\System.ComponentModel.DataAnnotations.ni.dll

+ 2009-08-29 14:51 . 2009-08-29 14:51 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\597b20e1b053d6a510cfe033c07a63e6\System.AddIn.Contract.ni.dll

+ 2009-08-29 15:39 . 2009-08-29 15:39 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\790cf1edb17ee41b59be62ecbd59613b\Microsoft.Vsa.ni.dll

+ 2009-08-29 14:50 . 2009-08-29 14:50 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e9aba2eab90d647356f65e66053da02b\Microsoft.Build.Framework.ni.dll

+ 2009-08-29 14:50 . 2009-08-29 14:50 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\28343d470d992f169ca0e7cdb3cc3117\Microsoft.Build.Framework.ni.dll

+ 2009-08-29 14:50 . 2009-08-29 14:50 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d6543b9fcc6\dfsvc.ni.exe

+ 2009-08-29 14:50 . 2009-08-29 14:50 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll

+ 2009-08-18 21:32 . 2006-12-06 21:33 6400 c:\windows\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\motswch.sys

- 2008-09-23 17:07 . 2006-12-06 21:33 6400 c:\windows\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\motswch.sys

- 2008-09-23 17:07 . 2007-01-24 01:36 6016 c:\windows\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\motfilt.sys

+ 2009-08-18 21:32 . 2007-01-24 01:36 6016 c:\windows\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\motfilt.sys

- 2008-09-23 17:07 . 2006-07-28 11:10 6144 c:\windows\system32\DRVSTORE\motodrv_A52528875D728E964C8846E6EE59057B28F55E3E\mot_ci.dll

+ 2009-08-18 21:32 . 2006-07-28 11:10 6144 c:\windows\system32\DRVSTORE\motodrv_A52528875D728E964C8846E6EE59057B28F55E3E\mot_ci.dll

- 2008-09-23 17:07 . 2006-12-06 21:33 6400 c:\windows\system32\DRVSTORE\motccgp_AAA6EBF99A29B32284FBE77DCBA5A978B418DB78\motswch.sys

+ 2009-08-18 21:32 . 2006-12-06 21:33 6400 c:\windows\system32\DRVSTORE\motccgp_AAA6EBF99A29B32284FBE77DCBA5A978B418DB78\motswch.sys

+ 2009-08-18 21:32 . 2007-01-23 23:03 7680 c:\windows\system32\DRVSTORE\motccgp_AAA6EBF99A29B32284FBE77DCBA5A978B418DB78\motccgpfl.sys

- 2008-09-23 17:07 . 2007-01-23 23:03 7680 c:\windows\system32\DRVSTORE\motccgp_AAA6EBF99A29B32284FBE77DCBA5A978B418DB78\motccgpfl.sys

+ 2003-09-19 18:22 . 2003-09-19 18:22 503808 c:\windows\system32\WidcommSdk.dll

+ 2003-09-19 18:20 . 2003-09-19 18:20 536637 c:\windows\system32\wbtapi.dll

+ 2008-06-29 04:05 . 2009-08-26 21:39 230028 c:\windows\system32\Restore\rstrlog.dat

+ 2009-08-03 18:07 . 2007-06-02 21:48 676224 c:\windows\system32\OGACheckControl.dll

+ 2004-08-04 03:45 . 2009-06-22 06:48 726528 c:\windows\system32\jscript.dll

- 2004-08-04 03:45 . 2009-03-08 07:33 726528 c:\windows\system32\jscript.dll

+ 2009-05-14 18:49 . 2009-05-14 18:49 133000 c:\windows\system32\drivers\epfw.sys

+ 2009-05-14 18:47 . 2009-05-14 18:47 107256 c:\windows\system32\drivers\ehdrv.sys

+ 2009-05-14 18:41 . 2009-05-14 18:41 114472 c:\windows\system32\drivers\eamon.sys

+ 2003-09-19 18:30 . 2003-09-19 18:30 146812 c:\windows\system32\drivers\btwdndis.sys

+ 2003-09-19 18:14 . 2003-09-19 18:14 222876 c:\windows\system32\drivers\btslbcsp.sys

+ 2002-11-15 15:15 . 2002-11-15 15:15 148794 c:\windows\system32\drivers\bcbthub.sys

+ 2008-12-05 06:58 . 2009-06-25 08:27 147456 c:\windows\system32\dllcache\schannel.dll

+ 2009-06-25 08:27 . 2009-06-25 08:27 136192 c:\windows\system32\dllcache\msv1_0.dll

+ 2009-04-16 21:34 . 2009-06-25 08:27 732672 c:\windows\system32\dllcache\lsasrv.dll

+ 2009-06-25 08:27 . 2009-06-25 08:27 301568 c:\windows\system32\dllcache\kerberos.dll

- 2008-10-18 00:58 . 2009-03-08 07:33 726528 c:\windows\system32\dllcache\jscript.dll

+ 2008-10-18 00:58 . 2009-06-22 06:48 726528 c:\windows\system32\dllcache\jscript.dll

+ 2003-09-19 18:17 . 2003-09-19 18:17 102400 c:\windows\system32\BTXPPanel.dll

+ 2003-09-19 18:39 . 2003-09-19 18:39 770048 c:\windows\system32\BtWizard.dll

+ 2003-09-19 18:34 . 2003-09-19 18:34 163840 c:\windows\system32\btsendto_office.dll

+ 2003-09-19 18:25 . 2003-09-19 18:25 118784 c:\windows\system32\btsendto.dll

+ 2003-09-19 18:36 . 2003-09-19 18:36 176128 c:\windows\system32\btsec.dll

+ 2003-09-19 18:28 . 2003-09-19 18:28 135168 c:\windows\system32\btosif_olx.dll

+ 2003-09-19 18:24 . 2003-09-19 18:24 196608 c:\windows\system32\btosif_ol.dll

+ 2003-09-19 18:23 . 2003-09-19 18:23 155648 c:\windows\system32\btosif_notes.dll

+ 2003-09-19 18:23 . 2003-09-19 18:23 118784 c:\windows\system32\btosif.dll

+ 2003-09-19 18:44 . 2003-09-19 18:44 794701 c:\windows\system32\BTNeighborhood.dll

+ 2003-09-19 18:09 . 2003-09-19 18:09 376832 c:\windows\system32\btins.dll

+ 2003-09-19 18:37 . 2003-09-19 18:37 200704 c:\windows\system32\btcss.dll

+ 2003-09-19 18:17 . 2003-09-19 18:17 135168 c:\windows\system32\btbigbmp.dll

+ 2009-08-28 23:50 . 2009-08-28 23:50 119296 c:\windows\Installer\1978657.msi

+ 2009-03-20 14:48 . 2009-03-20 14:48 183808 c:\windows\Installer\1978644.msp

+ 2006-10-26 23:49 . 2006-10-26 23:49 509200 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\WRD12CVR.DLL

+ 2007-05-10 12:04 . 2007-05-10 12:04 846248 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\OICE.EXE

+ 2006-10-26 23:12 . 2006-10-26 23:12 396592 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\MOC.EXE

+ 2009-09-10 02:16 . 2008-07-08 12:58 395128 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll

+ 2009-09-10 02:16 . 2008-07-08 12:58 233336 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe

+ 2009-09-10 02:16 . 2009-03-08 07:33 726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll

+ 2009-08-29 14:50 . 2009-08-29 14:50 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570bb23886a4f32294a\WsatConfig.ni.exe

+ 2009-08-29 15:41 . 2009-08-29 15:41 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c338a470b14851ce5987bb0f0869c310\System.Xml.Linq.ni.dll

+ 2009-08-29 15:40 . 2009-08-29 15:40 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\bb77ea11f46ab438b2b7ed7c180011a1\System.Web.Routing.ni.dll

+ 2009-08-29 15:40 . 2009-08-29 15:40 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee255220d90dcbe80c990e443051cc5\System.Web.RegularExpressions.ni.dll

+ 2009-08-29 15:40 . 2009-08-29 15:40 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f62044fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll

+ 2009-08-29 15:40 . 2009-08-29 15:40 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\System.Web.Entity.ni.dll

+ 2009-08-29 15:40 . 2009-08-29 15:40 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll

+ 2009-08-29 15:40 . 2009-08-29 15:40 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b7891f5659db299dbd1b3c72db7edb9f\System.Web.DynamicData.ni.dll

+ 2009-08-29 15:40 . 2009-08-29 15:40 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\00ec08741a765c707bd9169346064a81\System.Web.Abstractions.ni.dll

+ 2009-08-29 15:40 . 2009-08-29 15:40 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5a555c9ae6984c40157cf940bb519f7c\System.Transactions.ni.dll

+ 2009-08-29 15:39 . 2009-08-29 15:39 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll

+ 2009-08-29 14:50 . 2009-08-29 14:50 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\1c8df2da33222c048d683017f2095f04\System.Security.ni.dll

+ 2009-08-29 15:39 . 2009-08-29 15:39 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll

+ 2009-08-29 15:39 . 2009-08-29 15:39 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\519d9c618341b136f9b963ffb7495308\System.Net.ni.dll

+ 2009-08-29 15:39 . 2009-08-29 15:39 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll

+ 2009-08-29 15:39 . 2009-08-29 15:39 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\1d3fbbd23ce1e8637ef4f40a8d23cd32\System.Management.Instrumentation.ni.dll

+ 2009-08-29 01:21 . 2009-08-29 01:21 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf8149272d845\System.IO.Log.ni.dll

+ 2009-08-29 01:21 . 2009-08-29 01:21 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll

+ 2009-08-29 15:39 . 2009-08-29 15:39 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll

+ 2009-08-29 15:39 . 2009-08-29 15:39 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.ni.dll

+ 2009-08-29 15:39 . 2009-08-29 15:39 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07332ce490711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll

+ 2009-08-29 15:39 . 2009-08-29 15:39 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8b3bb7a2c2f3ffe94c866283f1cd5957\System.DirectoryServices.AccountManagement.ni.dll

+ 2009-08-29 15:39 . 2009-08-29 15:39 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll

+ 2009-08-29 15:39 . 2009-08-29 15:39 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll

+ 2009-08-29 15:39 . 2009-08-29 15:39 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\392de34573f9f8ec885714f2f3e7f07f\System.Data.Entity.Design.ni.dll

+ 2009-08-29 14:51 . 2009-08-29 14:51 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\1db495ff00bbd14df4af6680c4de0653\System.Data.DataSetExtensions.ni.dll

+ 2009-08-29 14:50 . 2009-08-29 14:50 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll

+ 2009-08-29 15:39 . 2009-08-29 15:39 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\de514e484e49b04b016949d57ffac03e\System.Configuration.Install.ni.dll

+ 2009-08-29 14:51 . 2009-08-29 14:51 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\ce984d754e3c0b6be4504b785cc43574\System.AddIn.ni.dll

+ 2009-08-29 14:50 . 2009-08-29 14:50 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\045dd501b7257b1cc26083538ae69045\SMSvcHost.ni.exe

+ 2009-08-29 14:50 . 2009-08-29 14:50 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294b4ed3aaa1c221891c7\SMDiagnostics.ni.dll

+ 2009-08-29 14:50 . 2009-08-29 14:50 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\10a0c9707876fc1f65e64b811a28b020\ServiceModelReg.ni.exe

+ 2009-08-29 14:50 . 2009-08-29 14:50 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\6d38e317128608bc4516ea46ab94590e\MSBuild.ni.exe

+ 2009-08-29 14:49 . 2009-08-29 14:49 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1820d6a012fc0e16c3e1d29d973cd2d0\Microsoft.Transactions.Bridge.Dtc.ni.dll

+ 2009-08-29 14:51 . 2009-08-29 14:51 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\55b9eff9e23359faed4351386c062238\Microsoft.Build.Utilities.ni.dll

+ 2009-08-29 14:51 . 2009-08-29 14:51 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4217124db1ea5de5f1a1f3eea75e8d32\Microsoft.Build.Utilities.v3.5.ni.dll

+ 2009-08-29 14:50 . 2009-08-29 14:50 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\96825c34d7e1f7df1923ff2123bed8da\Microsoft.Build.Engine.ni.dll

+ 2009-08-29 14:50 . 2009-08-29 14:50 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\9b321ebf67587237f576df6104a32588\Microsoft.Build.Conversion.v3.5.ni.dll

+ 2009-08-29 14:50 . 2009-08-29 14:50 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\9bea05938bee3555c5aa8763d89a68f9\CustomMarshalers.ni.dll

+ 2009-08-29 03:37 . 2009-08-29 03:37 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\12629e2f3e315459bee67cbbaac85cb2\ComSvcConfig.ni.exe

+ 2009-08-29 14:50 . 2009-08-29 14:50 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3976daebc0bcd2b5e2\AspNetMMCExt.ni.dll

+ 2004-08-04 03:45 . 2009-05-20 07:56 2458112 c:\windows\system32\WMVCore.dll

- 2004-08-04 03:45 . 2008-06-18 07:03 2458112 c:\windows\system32\WMVCore.dll

+ 2001-11-14 16:56 . 2001-11-14 16:56 1802240 c:\windows\system32\lcppn21.dll

- 2008-09-23 17:07 . 2006-11-13 18:45 1419232 c:\windows\system32\DRVSTORE\motport_C2507623DD349B7DF9F3CD18A7DCF51CAD96A420\wdfcoinstaller01005.dll

+ 2009-08-18 21:32 . 2006-11-13 18:45 1419232 c:\windows\system32\DRVSTORE\motport_C2507623DD349B7DF9F3CD18A7DCF51CAD96A420\wdfcoinstaller01005.dll

+ 2009-08-18 21:32 . 2006-11-13 18:45 1419232 c:\windows\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\wdfcoinstaller01005.dll

- 2008-09-23 17:07 . 2006-11-13 18:45 1419232 c:\windows\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\wdfcoinstaller01005.dll

- 2008-09-23 17:07 . 2006-11-13 18:45 1419232 c:\windows\system32\DRVSTORE\motmodem_032E8111520766BD9EDB0974011BC85D4BFEF872\wdfcoinstaller01005.dll

+ 2009-08-18 21:32 . 2006-11-13 18:45 1419232 c:\windows\system32\DRVSTORE\motmodem_032E8111520766BD9EDB0974011BC85D4BFEF872\wdfcoinstaller01005.dll

+ 2009-08-18 21:32 . 2006-11-13 18:45 1419232 c:\windows\system32\DRVSTORE\motccgp_AAA6EBF99A29B32284FBE77DCBA5A978B418DB78\wdfcoinstaller01005.dll

- 2008-09-23 17:07 . 2006-11-13 18:45 1419232 c:\windows\system32\DRVSTORE\motccgp_AAA6EBF99A29B32284FBE77DCBA5A978B418DB78\wdfcoinstaller01005.dll

+ 2003-09-19 18:11 . 2003-09-19 18:11 1257418 c:\windows\system32\drivers\btkrnl.sys

- 2004-08-04 03:45 . 2008-06-18 07:03 2458112 c:\windows\system32\dllcache\WMVCore.dll

+ 2004-08-04 03:45 . 2009-05-20 07:56 2458112 c:\windows\system32\dllcache\WMVCore.dll

+ 2003-03-24 13:37 . 2003-03-24 13:37 2830336 c:\windows\system32\btrez.dll

+ 2009-08-27 03:08 . 2009-08-27 03:08 1139712 c:\windows\Installer\f4d909.msi

+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\ca0a0.msp

+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\ca09a.msp

+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\b963dc.msp

+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\b963d6.msp

+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\b858f4.msp

+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\b858ee.msp

+ 2009-08-25 17:57 . 2009-08-25 17:57 5518336 c:\windows\Installer\a383f.msp

+ 2009-05-04 10:46 . 2009-05-04 10:46 8299008 c:\windows\Installer\99d11d.msp

+ 2009-04-24 15:31 . 2009-04-24 15:31 1425920 c:\windows\Installer\99d118.msp

+ 2009-04-24 15:30 . 2009-04-24 15:30 2583552 c:\windows\Installer\99d113.msp

+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\7f8d19.msp

+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\7f8d13.msp

+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\7d4258.msp

+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\69f96b.msp

+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\69f965.msp

+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\589545.msp

+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\58953f.msp

+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\3c8cbf.msp

+ 2009-05-04 10:46 . 2009-05-04 10:46 8299008 c:\windows\Installer\3c8cbd.msp

+ 2009-04-24 15:31 . 2009-04-24 15:31 1425920 c:\windows\Installer\3c8cb2.msp

+ 2009-04-24 15:30 . 2009-04-24 15:30 2583552 c:\windows\Installer\3c8ca6.msp

+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\1a730a1.msp

+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\1a7309b.msp

+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\197864b.msp

+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\1978646.msp

+ 2009-04-23 20:57 . 2009-04-23 20:57 7672832 c:\windows\Installer\1978635.msp

+ 2009-05-12 16:01 . 2009-05-12 16:01 6818816 c:\windows\Installer\1978611.msp

+ 2009-05-01 18:49 . 2009-05-01 18:49 4328960 c:\windows\Installer\197860c.msp

+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\16486d6.msp

+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\16486d0.msp

+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\1540167.msp

+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\1540161.msp

+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\14665b3.msp

+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\14665ad.msp

+ 2009-08-18 21:16 . 2009-08-18 21:16 2061824 c:\windows\Installer\13751a5.msi

+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\12d252.msp

+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\12d24c.msp

+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\1219c96.msp

+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\1219c90.msp

+ 2009-04-03 20:57 . 2009-04-03 20:57 4671320 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6425\WRD12CNV.DLL

+ 2009-04-02 17:35 . 2009-04-02 17:35 1787216 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6425\PPCNV.DLL

+ 2007-03-21 21:58 . 2007-03-21 21:58 4145520 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\WRD12CNV.DLL

+ 2007-05-10 13:11 . 2007-05-10 13:11 1767256 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\PPCNV.DLL

+ 2006-10-27 18:18 . 2006-10-27 18:18 1658152 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\OGL.DLL

+ 2007-03-21 21:56 . 2007-03-21 21:56 8425856 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\OARTCONV.DLL

+ 2009-08-29 15:41 . 2009-08-29 15:41 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\ac1750e78d79520dcf19195772eff1b6\System.WorkflowServices.ni.dll

+ 2009-08-29 15:41 . 2009-08-29 15:41 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\d265da36954fcb4cb7ad5adc693ea0f2\System.Workflow.Runtime.ni.dll

+ 2009-08-29 15:41 . 2009-08-29 15:41 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\693a8fbe6f7ad6e4e429052da4317e59\System.Workflow.ComponentModel.ni.dll

+ 2009-08-29 15:41 . 2009-08-29 15:41 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\cc99fbbac0b6e4e9ca62093e49b0c16b\System.Workflow.Activities.ni.dll

+ 2009-08-29 15:40 . 2009-08-29 15:40 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\b57bb002a655920cbfa2bee29d1e22b7\System.Web.Services.ni.dll

+ 2009-08-29 15:40 . 2009-08-29 15:40 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\81197e32ec931f439b3114e9031b65d6\System.Web.Mobile.ni.dll

+ 2009-08-29 15:40 . 2009-08-29 15:40 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\7f64c9d25471b72e1e957bdfe67947c8\System.Web.Extensions.ni.dll

+ 2009-08-29 15:39 . 2009-08-29 15:39 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\340cad17fe57947eacbc8fa2cea780da\System.ServiceModel.Web.ni.dll

+ 2009-08-29 01:22 . 2009-08-29 01:22 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b133dee73d452652c52767b5ea\System.Runtime.Serialization.ni.dll

+ 2009-08-29 01:20 . 2009-08-29 01:20 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c2de8479e54852f56996f79bc93acb13\System.IdentityModel.ni.dll

+ 2009-08-29 15:39 . 2009-08-29 15:39 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\543aced762f6b0c3f8e037955941afc6\System.DirectoryServices.ni.dll

+ 2009-08-29 15:39 . 2009-08-29 15:39 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\a6b58624486714fa71e5e35186850ff0\System.Deployment.ni.dll

+ 2009-08-29 14:50 . 2009-08-29 14:50 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\826b09ab0d0e36f4d631b4cd335df511\System.Data.SqlXml.ni.dll

+ 2009-08-29 15:39 . 2009-08-29 15:39 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\956a513dcbd44d5a6801840ef2b0b47b\System.Data.Services.ni.dll

+ 2009-08-29 15:38 . 2009-08-29 15:38 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6479f975b105808a8d9e7a7fdc762551\System.Data.Entity.ni.dll

+ 2009-08-29 14:51 . 2009-08-29 14:51 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll

+ 2009-08-29 03:37 . 2009-08-29 03:37 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\6b2f62f5e981913fce1d223f645d9ddf\Microsoft.Transactions.Bridge.ni.dll

+ 2009-08-29 15:39 . 2009-08-29 15:39 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\b261961046545831aa60963e84905968\Microsoft.JScript.ni.dll

+ 2009-08-29 14:50 . 2009-08-29 14:50 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\bd241492d96db39f20e758c13c845033\Microsoft.Build.Tasks.ni.dll

+ 2009-08-29 14:51 . 2009-08-29 14:51 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\a47100d8f4574bed2d49d83d0ab8964e\Microsoft.Build.Tasks.v3.5.ni.dll

+ 2009-08-29 14:50 . 2009-08-29 14:50 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6cfe582681724965fb817e8ece5f0909\Microsoft.Build.Engine.ni.dll

+ 2008-06-25 20:30 . 2009-08-28 21:38 24689600 c:\windows\system32\MRT.exe

+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\ca09b.msp

+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\b963d7.msp

+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\b858ef.msp

+ 2009-09-10 02:17 . 2009-09-10 02:17 15709696 c:\windows\Installer\a383e.msp

+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\7f8d14.msp

+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\69f966.msp

+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\589540.msp

+ 2009-06-22 12:57 . 2009-06-22 12:57 35631104 c:\windows\Installer\1cdd7b.msi

+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\1a7309c.msp

+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\197864c.msp

+ 2009-04-04 12:07 . 2009-04-04 12:07 38385664 c:\windows\Installer\1978633.msp

+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\16486d1.msp

+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\1540162.msp

+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\14665ae.msp

+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\12d24d.msp

+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\1219c91.msp

+ 2009-04-03 21:01 . 2009-04-03 21:01 15108448 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6425\XL12CNV.EXE

+ 2007-05-10 13:25 . 2007-05-10 13:25 14677368 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\XL12CNV.EXE

+ 2007-05-08 14:10 . 2007-05-08 14:10 16874376 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\MSO.DLL

+ 2009-08-29 15:40 . 2009-08-29 15:40 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll

+ 2009-08-29 03:36 . 2009-08-29 03:36 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\4146033013edebd7e0cb604e504ebfee\System.ServiceModel.ni.dll

.

-- Snapshot resetado para data atual --

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BitTorrent"="c:\arquivos de programas\BitTorrent\bittorrent.exe" [2009-08-13 653104]

"swg"="c:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-27 39408]

"MSMSGS"="c:\arquivos de programas\Messenger\msmsgs.exe" [2008-04-14 1695232]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-10-05 98304]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-10-05 114688]

"Persistence"="c:\windows\system32\igfxpers.exe" [2006-10-05 94208]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-01 7110656]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-04-01 86016]

"egui"="c:\arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]

"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-04-10 16126464]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Gamma Loader.lnk]

path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Adobe Gamma Loader.lnk

backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^BTTray.lnk]

path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\BTTray.lnk

backup=c:\windows\pss\BTTray.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Discador Oi Internet.lnk]

path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Discador Oi Internet.lnk

backup=c:\windows\pss\Discador Oi Internet.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HP Digital Imaging Monitor.lnk]

path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Orbit.lnk]

path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Orbit.lnk

backup=c:\windows\pss\Orbit.lnkCommon Startup

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Arquivos de programas\\Orbitdownloader\\orbitdm.exe"=

"c:\\Arquivos de programas\\Orbitdownloader\\orbitnet.exe"=

"c:\\Arquivos de programas\\eMule\\emule.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Arquivos de programas\\Java\\jre6\\bin\\javaw.exe"=

"c:\\Arquivos de programas\\uTorrent\\uTorrent.exe"=

"c:\\Arquivos de programas\\SopCast\\adv\\SopAdver.exe"=

"c:\\Arquivos de programas\\Megacubo\\megacubo.exe"=

"c:\\Arquivos de programas\\BitTorrent\\bittorrent.exe"=

"c:\\Arquivos de programas\\River Past\\Wave@MP3\\WaveAtMp3.exe"=

 

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14/5/2009 15:47 107256]

R1 is-A7UA6drv;is-A7UA6drv;c:\windows\system32\drivers\47000877.sys [4/8/2009 20:58 148496]

R1 is-D8KDBdrv;is-D8KDBdrv;c:\windows\system32\drivers\98782068.sys [4/8/2009 21:04 148496]

R1 is-QR2A2drv;is-QR2A2drv;c:\windows\system32\drivers\17601523.sys [5/8/2009 10:41 148496]

R1 is-UEHSSdrv;is-UEHSSdrv;c:\windows\system32\drivers\99758160.sys [4/8/2009 22:13 148496]

R2 ekrn;ESET Service;c:\arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe [14/5/2009 15:47 731840]

R2 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\admig\Firebird\bin\fbserver.exe -s DefaultInstance --> c:\admig\Firebird\bin\fbserver.exe -s DefaultInstance [?]

S1 is-VD0FUdrv;is-VD0FUdrv;c:\windows\system32\drivers\27206467.sys [4/8/2009 21:08 148496]

S2 gupdate1c9d8de2812eabc;Google Update Service (gupdate1c9d8de2812eabc);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [19/5/2009 21:01 133104]

S3 getPlusHelper;getPlus® Helper;c:\windows\System32\svchost.exe -k getPlusHelper [4/8/2004 00:45 14336]

S3 ListOpenedFileDrv;System Explorer Opened File Info;\??\c:\docume~1\lan-04\CONFIG~1\Temp\ListOpenedFileDrvXP.sys --> c:\docume~1\lan-04\CONFIG~1\Temp\ListOpenedFileDrvXP.sys [?]

S3 sembbus;SEMC WMC Composite Device driver (WDM);c:\windows\system32\DRIVERS\sembbus.sys --> c:\windows\system32\DRIVERS\sembbus.sys [?]

S3 sembcard;Sony Ericsson PC300 Mobile Broadband Command Interface Drivers (WDM);c:\windows\system32\DRIVERS\sembcard.sys --> c:\windows\system32\DRIVERS\sembcard.sys [?]

S3 sembmdfl2;Sony Ericsson PC300 Wireless Modem Filter;c:\windows\system32\DRIVERS\sembmdfl2.sys --> c:\windows\system32\DRIVERS\sembmdfl2.sys [?]

S3 sembmdm2;Sony Ericsson PC300 Wireless Modem Driver;c:\windows\system32\DRIVERS\sembmdm2.sys --> c:\windows\system32\DRIVERS\sembmdm2.sys [?]

S3 sembmgmt;Sony Ericsson PC300 Mobile Broadband Device Management Drivers (WDM);c:\windows\system32\DRIVERS\sembmgmt.sys --> c:\windows\system32\DRIVERS\sembmgmt.sys [?]

S3 sembnd5;Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (NDIS);c:\windows\system32\DRIVERS\sembnd5.sys --> c:\windows\system32\DRIVERS\sembnd5.sys [?]

S3 sembunic;Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (WDM);c:\windows\system32\DRIVERS\sembunic.sys --> c:\windows\system32\DRIVERS\sembunic.sys [?]

S3 sembwwan;Sony Ericsson PC300 Mobile Broadband Ethernet Control Drivers (WDM);c:\windows\system32\DRIVERS\sembwwan.sys --> c:\windows\system32\DRIVERS\sembwwan.sys [?]

S3 SEMCReserved;SEMC Reserved Interface;c:\windows\system32\DRIVERS\semcreserved.sys --> c:\windows\system32\DRIVERS\semcreserved.sys [?]

S3 Sony_EricssonWWSC;Sony Ericsson SIM Card Reader;c:\windows\system32\DRIVERS\sesc.sys --> c:\windows\system32\DRIVERS\sesc.sys [?]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

getPlusHelper REG_MULTI_SZ getPlusHelper

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

.

Conteúdo da pasta 'Tarefas Agendadas'

 

2009-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-05-20 00:01]

 

2009-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-05-20 00:01]

 

2009-09-14 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAEXEC.exe [2009-08-03 18:07]

.

.

------- Scan Suplementar -------

.

uStart Page = hxxp://www.orkut.com/

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

mWindow Title =

uInternet Connection Wizard,ShellNext = iexplore

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Download by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/201

IE: &Grab video by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/204

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Do&wnload selected by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/203

IE: Down&load all by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/202

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: Enviar para &Bluetooth - c:\arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie_ctx.htm

IE: Translate with &Babylon - c:\arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm

Trusted Zone: ufc.br\www.sofia

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} - hxxps://www14.bancobrasil.com.br/plugin/GbpDist.cab

FF - ProfilePath - c:\documents and settings\lan-04\Dados de aplicativos\Mozilla\Firefox\Profiles\5hnkqff0.default\

FF - component: c:\documents and settings\lan-04\Dados de aplicativos\Mozilla\Firefox\Profiles\5hnkqff0.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFAlert.dll

FF - plugin: c:\arquivos de programas\Google\Picasa3\npPicasa3.dll

FF - plugin: c:\arquivos de programas\Google\Update\1.2.183.7\npGoogleOneClick8.dll

FF - plugin: c:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

FF - plugin: c:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npbittorrent.dll

FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll

FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npkimi.dll

FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npOGAPlugin.dll

FF - plugin: c:\documents and settings\lan-04\Dados de aplicativos\Mozilla\Firefox\Profiles\5hnkqff0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

 

---- FIREFOX POLICIES ----

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);

c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);

c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-09-14 15:40

Windows 5.1.2600 Service Pack 3 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros/arquivos ocultos ...

 

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

 

**************************************************************************

.

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•6~*]

"6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•6~*]

"6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

 

- - - - - - - > 'explorer.exe'(2688)

c:\windows\system32\WININET.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Tempo para conclusão: 2009-09-14 15:50

ComboFix-quarantined-files.txt 2009-09-14 18:50

ComboFix2.txt 2009-08-17 23:24

 

Pré-execução: 9.114.505.216 bytes disponíveis

Pós execução: 8.828.825.600 bytes disponíveis

 

Current=11 Default=11 Failed=10 LastKnownGood=12 Sets=1,2,3,4,5,6,7,8,10,11,12

548 --- E O F --- 2009-09-10 02:25

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:18:54, on 14/9/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\a-squared Free\a2service.exe

C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe

C:\Arquivos de programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\AdmIg\Firebird\bin\fbserver.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Arquivos de programas\CyberLink\Shared files\RichVideo.exe

C:\Arquivos de programas\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Arquivos de programas\BitTorrent\bittorrent.exe

C:\Programas\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orkut.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R3 - URLSearchHook: Barra de Ferramentas do Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Arquivos de programas\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll

O3 - Toolbar: Barra de Ferramentas do Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Arquivos de programas\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

O4 - HKCU\..\Run: [bitTorrent] "C:\Arquivos de programas\BitTorrent\bittorrent.exe"

O4 - HKCU\..\Run: [swg] "C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: is-A7UA6.lnk = ?

O4 - Startup: is-D8KDB.lnk = ?

O4 - Startup: is-QR2A2.lnk = ?

O4 - Startup: is-UEHSS.lnk = ?

O4 - Startup: is-VD0FU.lnk = ?

O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Enviar para &Bluetooth - C:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie_ctx.htm

O8 - Extra context menu item: Translate with &Babylon - res://C:\Arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://127.0.0.1:9070/etc/var/TVUAx.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1214054730812

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Arquivos de programas\a-squared Free\a2service.exe

O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Arquivos de programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\AdmIg\Firebird\bin\fbserver.exe

O23 - Service: Google Update Service (gupdate1c9d8de2812eabc) (gupdate1c9d8de2812eabc) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared files\RichVideo.exe

O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Arquivos de programas\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe

 

--

End of file - 10342 bytes


Good evening! esdrasyave

<@> Go to Start --> Run --> Type or paste:

"%userprofile%\desktop\combofix" /u

<@> Click OK.

<><><><><><><><><><><>

<@> Open the Kaspersky AVP Tool folder. (PS: It will be in the same folder as the installation file!)

<@> Double-click the file: unins000.exe <--

<@> Click OK twice.

<@> The computer will restart.

<><><><><><><><><><><>

<@> Download: < LopS&D >

<@> Save it to Local Disk C!

<@> Disable your antivirus or firewall.

<@> Install the program and click: LopSD.cmd

<@> In the window that opens, press "p" --> Press Enter.

Lop_Choix-large.jpg

<@> In the other window, choose option: 2 - Fix + Hosts --> Press Enter --> Wait!

Lop_Lang_en-large.jpg

<@> When it finishes, save and post the report. ( C:\Lop SD\LopR_1.txt )

<@> Also post an updated HijackThis log.

<><><><><><><><><><><>

<@> Download: < ToolBar S&D >

<@> Save it to Local Disk C, in a folder of its own.

<@> Restart the computer in Safe Mode. <-- Important!

<@> Run the program, then press "p" --> Enter --> OK.

<@> Type two! ( 2 ) --> Press Enter --> Wait!

<@> When it finishes, post the report. ( C:\ToolBar SD\TB_1.txt ) <--

<@> Also post an updated HijackThis log.

Cheers!


I've already done the 1st procedure, but I couldn't find the 'Kaspersky AVP Tool' folder.

<><><><><><><><><>

Hey! esdrasyave

<!> Then go ahead with the other procedures!

Cheers!


Topic Archived

Since the author did not reply for more than 30 days, the topic was archived.

If you are the author of the topic and want to reopen it, send a private message to a moderator of this area together with the link to this topic and explain the reason for reopening it.
