[Resolvido!] Malware de volta!

[DaniieL™ 0]

Olá!

 

eu criei um tópico aqui no na area de Segurança & Malware

falando sobre um suposto Malware que no começo os scan's Online

nao o detectava se passando por um falso dispositivo até que o Panda Active

Scan detectou-o porém não removeu ...

efetuei varios scan's e nada pensei que meu pc já estava Limpo ...

mas, o malware voltou recentemente meu Avira AntiVir detectou-o e pos na quarentena

o pior é que meu Avira não consegue exclui-lo, ao detecta-lo só aparece as seguintes opções:

 

[ ] Move to quarentine

[ ] Rename

[ ] Deny Access

 

meu pc apresentou os seguintes sintomas ao voltar o Malware:

 

Inicialização Lenta

Auto Pedido de desinstalação do Programa System Protect

Arquivos Executáveis demoram pra abrir

Navegadores Travam

Arquivos abrem sozinhos

 

 

Olha a descrição dele:

 

HEUR / HTML.Malware ou HEUR malware / HTML é uma variante do malware prejudicial que os buracos de segurança no uso do sistema para infectar máquinas locais e de rede. HEUR / HTML.Malware costuma infectar PC via mídia corrupta codec e atualiza AcitveX baixado --- sites suspeitos e shareware. Uma vez dentro HEUR / HTML.Malwarewill criar dll corrompido e exe no system32, baixar arquivos adicionais malware e bombardeiam o PC com pop-ups em massa. O HEUR / HTML.Malware é uma infecção perigosa malware que pode prejudicar a atividade do PC!

 

Eis um Log HJT!

 

-----------------------------------------------------------------------------------------------------------

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 07:42:59, on 25/11/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\WgaTray.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\Arquivos de programas\ThreatFire\TFTray.exe

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\PC Tools Firewall Plus\FirewallGUI.exe

C:\Arquivos de programas\System Protect\SysProtect_Tray.exe

C:\Arquivos de programas\Spyware Doctor\pctsTray.exe

C:\Arquivos de programas\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Documents and Settings\Administrador\Bluebirds\BlueBirds.exe

C:\Arquivos de programas\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\ARQUIV~1\Magentic\bin\MgApp.exe

C:\WINDOWS\system32\oobe\sample\tclock.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

C:\Arquivos de programas\Orbitdownloader\orbitdm.exe

C:\Arquivos de programas\Orbitdownloader\orbitnet.exe

C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\{83B29D25-4430-4C94-9207-EFBA70258B5F}\VistaBTSe7en.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

c:\ARQUIV~1\mcafee\SITEAD~1\mcsacore.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Arquivos de programas\PC Tools Firewall Plus\FWService.exe

C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe

C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Arquivos de programas\System Protect\SysProtect_srv.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\ThreatFire\TFService.exe

C:\Arquivos de programas\iPod\bin\iPodService.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\HiJackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\HPZipm12.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60075

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com.br/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60075

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60075

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60075

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60075

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\ARQUIV~1\Crawler\Toolbar\ctbr.dll

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll

O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\ARQUIV~1\Crawler\Toolbar\ctbr.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Arquivos de programas\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll

O3 - Toolbar: Barra de ferramentas &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\ARQUIV~1\Crawler\Toolbar\ctbr.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [ThreatFire] C:\Arquivos de programas\ThreatFire\TFTray.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [00PCTFW] "C:\Arquivos de programas\PC Tools Firewall Plus\FirewallGUI.exe" -s

O4 - HKLM\..\Run: [systemProtect] C:\Arquivos de programas\System Protect\SysProtect_Tray.exe

O4 - HKLM\..\Run: [iSTray] "C:\Arquivos de programas\Spyware Doctor\pctsTray.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Magentic] C:\ARQUIV~1\Magentic\bin\Magentic.exe /c

O4 - HKCU\..\Run: [bluebirds] C:\Documents and Settings\Administrador\Bluebirds\BlueBirds.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Arquivos de programas\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')

O4 - Startup: is-DNHML.lnk = C:\Arquivos de programas\Virus Removal Tool\is-DNHML\startup.exe

O4 - Startup: is-NG786.lnk = C:\Documents and Settings\Administrador\Desktop\Virus Removal Tool\is-NG786\startup.exe

O4 - Startup: is-U4SAE.lnk = C:\Arquivos de programas\Virus Removal Tool\is-U4SAE\startup.exe

O4 - Global Startup: Atalho para tclock.lnk = C:\WINDOWS\system32\oobe\sample\tclock.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Orbit.lnk = C:\Arquivos de programas\Orbitdownloader\orbitdm.exe

O4 - Global Startup: VistaBTSe7en.exe

O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Crawler Search - tbr:iemenu

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{B9E3C1E1-5D68-4A93-97CC-B3B5897C9527}: NameServer = 200.184.26.9 200.184.26.14

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\ARQUIV~1\Crawler\Toolbar\ctbr.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Google Update Service (gupdate1ca5ff389694b52) (gupdate1ca5ff389694b52) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\ARQUIV~1\mcafee\SITEAD~1\mcsacore.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Arquivos de programas\PC Tools Firewall Plus\FWService.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe

O23 - Service: System Protect Deletion Prevention Service (SP_Service) - Xacti Corporation - C:\Arquivos de programas\System Protect\SysProtect_srv.exe

O23 - Service: ThreatFire - PC Tools - C:\Arquivos de programas\ThreatFire\TFService.exe

 

--

End of file - 13856 bytes

 

---------------------------------------------------------------------------------------------------------------

 

Abraços!

[DigRam 144]

Bom Dia! w.storm

 

<@> Siga as orientações deste tutorial,referente ao Comodo AV Scanner.

<@> Poste o relatório,ao concluir o scan.

 

<@> Baixe: < > ( ...by OldTimer Tools )

<@> Salve-o no desktop!

 

 

<@> Segundo a imagem,mude a opção em "Output" para "Minimal Output".

<@> Duplo-clique em OTL.exe --> Marque a opção "Scan All Users".

<@> Clique em: < > --> Aguarde!

<@> Poste:

 

<1> OTL.txt <--

<2> Extra.txt <--

 

Abraços!

[DaniieL™ 0]

Boa Tarde! DigRam

 

Infelizmente não consegui executar o COMODO AV SCANNER

IE8: trava ao clicar " Open Scan Window "

FF: nada acontece ao clicar " Open Scan Window "

 

Mas, executei com sucesso a ferramenta OldTimeR

porém, não pude postar os Log'z TxT por serem grandes!

<!> Como postarei ?

 

Outra coisa um Arquivo Oculto Apareceu no meu desktop

enquanto a ferramenta OldTimeR estava em execução

 

 

<!>Ps:não pude editar a minha resposta acima, pois meu IE8 & FF não carregavam ao clicar Enviar Post Modificado

[DigRam 144]

Mas, executei com sucesso a ferramenta OldTimeR

porém, não pude postar os Log'z TxT por serem grandes!

Opa! w.storm

 

<!> Descarte o relatório Extra.txt e poste somente,OTL.txt.

<!> Ps: Pode dividi-lo em 2 posts!

 

Abraços!

[DaniieL™ 0]

<!> Descarte o relatório Extra.txt e poste somente,OTL.txt.

<!> Ps: Pode dividi-lo em 2 posts!

 

Boa Noite! DigRam

 

Eis os Relatórios Divididos:

OTL.Txt / PT 1

 

-----------------------------------------------------------------------------------------------------------------

 

 

OTL logfile created on: 25/11/2009 15:50:12 - Run 1

OTL by OldTimer - Version 3.1.10.1 Folder = C:\Documents and Settings\Administrador\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

 

2,00 Gb Total Physical Memory | 1,36 Gb Available Physical Memory | 67,96% Memory free

3,85 Gb Paging File | 3,03 Gb Available in Paging File | 78,61% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 97,65 Gb Total Space | 75,01 Gb Free Space | 76,82% Space Free | Partition Type: NTFS

Drive D: | 200,43 Gb Total Space | 200,32 Gb Free Space | 99,95% Space Free | Partition Type: NTFS

Drive E: | 0,38 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: XPPROBT2009

Current User Name: Administrador

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 

========== Processes (SafeList) ==========

 

PRC - C:\Documents and Settings\Administrador\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Arquivos de programas\PC Tools Firewall Plus\FWService.exe (PC Tools)

PRC - C:\Arquivos de programas\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)

PRC - C:\Arquivos de programas\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)

PRC - C:\Arquivos de programas\System Protect\SysProtect_Tray.exe (Xacti Corporation)

PRC - C:\Arquivos de programas\System Protect\SysProtect_srv.exe (Xacti Corporation)

PRC - c:\Arquivos de programas\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

PRC - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

PRC - C:\Arquivos de programas\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Arquivos de programas\iTunes\iTunesHelper.exe (Apple Inc.)

PRC - C:\Arquivos de programas\iPod\bin\iPodService.exe (Apple Inc.)

PRC - C:\Arquivos de programas\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)

PRC - C:\Arquivos de programas\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

PRC - C:\Arquivos de programas\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)

PRC - C:\Arquivos de programas\ThreatFire\TFTray.exe (PC Tools)

PRC - C:\Arquivos de programas\ThreatFire\TFService.exe (PC Tools)

PRC - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)

PRC - C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)

PRC - C:\Arquivos de programas\Orbitdownloader\orbitnet.exe (Orbitdownloader.com)

PRC - C:\Documents and Settings\Administrador\Bluebirds\BlueBirds.exe (LG Electronics)

PRC - C:\Arquivos de programas\Magentic\bin\MgApp.exe ()

PRC - C:\WINDOWS\system32\WgaTray.exe (Microsoft Corporation)

PRC - C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe (PC Tools)

PRC - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe (PC Tools)

PRC - C:\Arquivos de programas\Spyware Doctor\pctsTray.exe (PC Tools)

PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)

PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

PRC - C:\Documents and Settings\Administrador\Configurações locais\Temp\{A360B788-72AC-4175-AA2D-9FF62FF9A974}\VistaBTSe7en.exe ()

PRC - C:\Arquivos de programas\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Development Company, L.P.)

PRC - C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)

PRC - C:\Arquivos de programas\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Development Company, L.P.)

PRC - C:\WINDOWS\system32\oobe\sample\tclock.exe (Kazubon)

 

 

========== Modules (SafeList) ==========

 

MOD - C:\Documents and Settings\Administrador\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\WINDOWS\system32\wbem\framedyn.dll (Microsoft Corporation)

MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation)

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (PCToolsFirewallPlus) -- C:\Arquivos de programas\PC Tools Firewall Plus\FWService.exe (PC Tools)

SRV - (SP_Service) -- C:\Arquivos de programas\System Protect\SysProtect_srv.exe (Xacti Corporation)

SRV - (McAfee SiteAdvisor Service) -- c:\Arquivos de programas\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

SRV - (AntiVirService) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (AntiVirSchedulerService) -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (gupdate1ca5ff389694b52) Google Update Service (gupdate1ca5ff389694b52) -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe (Google Inc.)

SRV - (iPod Service) -- C:\Arquivos de programas\iPod\bin\iPodService.exe (Apple Inc.)

SRV - (JavaQuickStarterService) -- C:\Arquivos de programas\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)

SRV - (ThreatFire) -- C:\Arquivos de programas\ThreatFire\TFService.exe (PC Tools)

SRV - (Apple Mobile Device) -- C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (sdCoreService) -- C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe (PC Tools)

SRV - (sdAuxService) -- C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe (PC Tools)

SRV - (FontCache3.0.0.0) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)

SRV - (idsvc) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)

SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)

SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)

SRV - (NVSvc) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)

SRV - (helpsvc) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)

SRV - (Microsoft Office Groove Audit Service) -- C:\Arquivos de programas\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)

SRV - (odserv) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)

SRV - (WMPNetworkSvc) -- C:\Arquivos de programas\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

SRV - (ose) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (pctNDIS) -- C:\WINDOWS\system32\drivers\pctNdis.sys (PC Tools)

DRV - (PCTFW-PacketFilter) -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys (PC Tools)

DRV - (sp_prot) -- C:\WINDOWS\system32\drivers\sp_prot.sys ()

DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)

DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (pctgntdi) -- C:\WINDOWS\system32\drivers\pctgntdi.sys (PC Tools)

DRV - (pctplfw) -- C:\WINDOWS\system32\drivers\pctplfw.sys (PC Tools)

DRV - (SASENUM) -- C:\Arquivos de programas\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (SASDIFSV) -- C:\Arquivos de programas\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (SASKUTIL) -- C:\Arquivos de programas\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (PCTAppEvent) -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools)

DRV - (TfSysMon) -- C:\WINDOWS\system32\drivers\TfSysMon.sys (PC Tools)

DRV - (TfFsMon) -- C:\WINDOWS\system32\drivers\TfFsMon.sys (PC Tools)

DRV - (TfNetMon) -- C:\WINDOWS\system32\drivers\TfNetMon.sys (PC Tools)

DRV - (PCTFW-DNS) -- C:\WINDOWS\system32\drivers\pctNdis-DNS.sys (PC Tools)

DRV - (pavboot) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)

DRV - (GEARAspiWDM) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)

DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)

DRV - (avgio) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)

DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )

DRV - (is-U4SAEdrv) -- C:\WINDOWS\system32\drivers\10931726.sys (Kaspersky Lab)

DRV - (is-TBUKAdrv) -- C:\WINDOWS\system32\drivers\69758565.sys (Kaspersky Lab)

DRV - (is-HDSUNdrv) -- C:\WINDOWS\system32\drivers\86230380.sys (Kaspersky Lab)

DRV - (is-H8NG8drv) -- C:\WINDOWS\system32\drivers\34034646.sys (Kaspersky Lab)

DRV - (is-DNHMLdrv) -- C:\WINDOWS\system32\drivers\30124835.sys (Kaspersky Lab)

DRV - (is-BTLFBdrv) -- C:\WINDOWS\system32\drivers\79196936.sys (Kaspersky Lab)

DRV - (is-2IM2Mdrv) -- C:\WINDOWS\system32\drivers\65810298.sys (Kaspersky Lab)

DRV - (is-NG786drv) -- C:\WINDOWS\system32\drivers\81546140.sys (Kaspersky Lab)

DRV - (is-JB2K0drv) -- C:\WINDOWS\system32\drivers\38708115.sys (Kaspersky Lab)

DRV - (is-7JM3Edrv) -- C:\WINDOWS\system32\drivers\47366308.sys (Kaspersky Lab)

DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)

DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)

DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)

DRV - (HPZid412) -- C:\WINDOWS\system32\drivers\HPZid412.sys (HP)

DRV - (HPZius12) -- C:\WINDOWS\system32\drivers\HPZius12.sys (HP)

DRV - (HPZipr12) -- C:\WINDOWS\system32\drivers\HPZipr12.sys (HP)

DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60075

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60075

 

 

IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-21-1390067357-796845957-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKU\S-1-5-21-1390067357-796845957-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKU\S-1-5-21-1390067357-796845957-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com.br/

IE - HKU\S-1-5-21-1390067357-796845957-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-1390067357-796845957-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br

IE - HKU\S-1-5-21-1390067357-796845957-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D4 69 B6 AF FD 5F CA 01 [binary data]

IE - HKU\S-1-5-21-1390067357-796845957-682003330-500\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Arquivos de programas\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

IE - HKU\S-1-5-21-1390067357-796845957-682003330-500\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Arquivos de programas\Crawler\Toolbar\ctbr.dll (Crawler.com)

IE - HKU\S-1-5-21-1390067357-796845957-682003330-500\S-1-5-21-1390067357-796845957-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Secure Search"

FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q="

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "www.google.com.br"

FF - prefs.js..extensions.enabledItems: {561A5FBE-9761-4eb3-9182-892D82532414}:1.0

FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0

FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1

FF - prefs.js..extensions.enabledItems: {39379F86-9CCB-4724-AE33-4278DE266C88}:1.0.1

FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5

FF - prefs.js..keyword.enabled: false

 

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ff [2009/11/07 18:19:13 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Arquivos de programas\Real\RealPlayer\browserrecord\firefox\ext [2009/11/07 22:23:27 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/11/11 04:31:14 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Arquivos de programas\Crawler\Toolbar\firefox\ [2009/11/23 19:09:26 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Arquivos de programas\McAfee\SiteAdvisor [2009/11/25 15:12:53 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Arquivos de programas\Mozilla Firefox\components [2009/11/20 02:37:51 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins [2009/11/20 02:37:51 | 00,000,000 | ---D | M]

 

[2009/11/07 17:31:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Extensions

[2009/11/07 17:31:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2009/11/25 15:15:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\lc27mcx0.default\extensions

[2009/11/11 04:44:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\lc27mcx0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2009/11/25 15:06:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\lc27mcx0.default\extensions\{561A5FBE-9761-4eb3-9182-892D82532414}

[2009/11/07 04:44:53 | 00,002,171 | ---- | M] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\lc27mcx0.default\searchplugins\bing.xml

[2009/11/08 05:33:28 | 00,002,139 | ---- | M] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\lc27mcx0.default\searchplugins\MyStart Search.xml

[2009/11/25 15:15:29 | 00,000,000 | ---D | M] -- C:\Arquivos de programas\Mozilla Firefox\extensions

[2009/11/07 05:10:00 | 00,000,000 | ---D | M] -- C:\Arquivos de programas\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2009/11/07 17:37:58 | 00,000,000 | ---D | M] -- C:\Arquivos de programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

[2009/11/07 05:09:53 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\Mozilla Firefox\components\browserdirprovider.dll

[2009/11/07 05:09:53 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\Mozilla Firefox\components\brwsrcmp.dll

[2009/10/11 07:17:27 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npdeploytk.dll

[2009/11/07 05:09:56 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npnul32.dll

[2009/11/07 22:23:22 | 00,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\nppl3260.dll

[2009/11/20 02:37:51 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin.dll

[2009/11/20 02:37:51 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin2.dll

[2009/11/20 02:37:51 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin3.dll

[2009/11/20 02:37:51 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin4.dll

[2009/11/20 02:37:51 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin5.dll

[2009/11/20 02:37:51 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin6.dll

[2009/11/20 02:37:51 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin7.dll

[2009/11/07 22:23:31 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\nprjplug.dll

[2009/11/07 22:23:10 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\nprpjplug.dll

[2009/11/07 05:09:57 | 00,001,027 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\buscape.xml

[2009/09/21 15:24:16 | 00,001,329 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\crawlersrch.xml

[2009/11/07 05:09:57 | 00,002,371 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\google.xml

[2009/11/15 22:37:59 | 00,002,027 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

[2009/11/07 05:09:57 | 00,001,135 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\mercadolivre.xml

[2009/11/07 05:09:57 | 00,001,168 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\wikipedia-br.xml

[2009/11/07 05:09:57 | 00,000,648 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\yahoo-br.xml

 

O1 HOSTS File: (769 bytes) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)

O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Arquivos de programas\Crawler\Toolbar\ctbr.dll (Crawler.com)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Arquivos de programas\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Arquivos de programas\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Arquivos de programas\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O3 - HKLM\..\Toolbar: (Barra de ferramentas &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Arquivos de programas\Crawler\Toolbar\ctbr.dll (Crawler.com)

O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll ()

O3 - HKU\S-1-5-21-1390067357-796845957-682003330-500\..\Toolbar\WebBrowser: (Barra de ferramentas &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Arquivos de programas\Crawler\Toolbar\ctbr.dll (Crawler.com)

O3 - HKU\S-1-5-21-1390067357-796845957-682003330-500\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll ()

O4 - HKLM..\Run: [00PCTFW] C:\Arquivos de programas\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [AppleSyncNotifier] C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)

O4 - HKLM..\Run: [avgnt] C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [GrooveMonitor] C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

O4 - HKLM..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Development Company, L.P.)

O4 - HKLM..\Run: [iSTray] C:\Arquivos de programas\Spyware Doctor\pctsTray.exe (PC Tools)

O4 - HKLM..\Run: [iTunesHelper] C:\Arquivos de programas\iTunes\iTunesHelper.exe (Apple Inc.)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM..\Run: [QuickTime Task] C:\Arquivos de programas\QuickTime\qttask.exe (Apple Inc.)

O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [systemProtect] C:\Arquivos de programas\System Protect\SysProtect_Tray.exe (Xacti Corporation)

O4 - HKLM..\Run: [ThreatFire] C:\Arquivos de programas\ThreatFire\TFTray.exe (PC Tools)

O4 - HKLM..\Run: [TkBellExe] C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

O4 - HKU\S-1-5-21-1390067357-796845957-682003330-500..\Run: [bluebirds] C:\Documents and Settings\Administrador\Bluebirds\BlueBirds.exe (LG Electronics)

O4 - HKU\S-1-5-21-1390067357-796845957-682003330-500..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)

O4 - HKU\S-1-5-21-1390067357-796845957-682003330-500..\Run: [Magentic] C:\Arquivos de programas\Magentic\bin\Magentic.exe ()

O4 - HKU\S-1-5-21-1390067357-796845957-682003330-500..\Run: [msnmsgr] C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1390067357-796845957-682003330-500..\Run: [sUPERAntiSpyware] C:\Arquivos de programas\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)

O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found

O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found

O4 - HKU\S-1-5-19..\RunOnce: [_nltide_2] File not found

O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2] File not found

O4 - Startup: C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\is-DNHML.lnk = C:\Arquivos de programas\Virus Removal Tool\is-DNHML\startup.exe ()

O4 - Startup: C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\is-NG786.lnk = C:\Documents and Settings\Administrador\Desktop\Virus Removal Tool\is-NG786\startup.exe ()

O4 - Startup: C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\is-U4SAE.lnk = C:\Arquivos de programas\Virus Removal Tool\is-U4SAE\startup.exe ()

O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Atalho para tclock.lnk = C:\WINDOWS\system32\oobe\sample\tclock.exe (Kazubon)

O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Orbit.lnk = C:\Arquivos de programas\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)

O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\VistaBTSe7en.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1390067357-796845957-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: &Download by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: &Grab video by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Crawler Search - File not found

O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Down&load all by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)

O15 - HKU\S-1-5-21-1390067357-796845957-682003330-500\..Trusted Domains: 25 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Arquivos de programas\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de programas\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de programas\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Arquivos de programas\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Arquivos de programas\Crawler\Toolbar\ctbr.dll (Crawler.com)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKU\S-1-5-21-1390067357-796845957-682003330-500 Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.dll - C:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)

O24 - Desktop Components:0 (Minha página inicial atual) - About:Home

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Arquivos de programas\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/11/07 16:04:10 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2009/04/29 07:02:01 | 00,000,055 | R--- | M] () - E:\autorun.inf -- [ CDFS ]

O33 - MountPoints2\{4e6308b1-cd6c-11de-a88b-001966c66d75}\Shell - "" = AutoRun

O33 - MountPoints2\{4e6308b4-cd6c-11de-a88b-001966c66d75}\Shell - "" = AutoRun

O33 - MountPoints2\{c8297afd-cbca-11de-a869-001966c66d75}\Shell\AutoRun\command - "" = knupkb.com

O33 - MountPoints2\{c8297afd-cbca-11de-a869-001966c66d75}\Shell\explore\Command - "" = knupkb.com

O33 - MountPoints2\{c8297afd-cbca-11de-a869-001966c66d75}\Shell\open\Command - "" = knupkb.com

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)

O34 - HKLM BootExecute: (*) - File not found

O35 - comfile [open] -- "%1" %* File not found

O35 - exefile [open] -- "%1" %* File not found

 

========== Files/Folders - Created Within 30 Days ==========

 

[2009/11/25 15:49:10 | 00,531,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrador\Desktop\OTL.exe

[2009/11/24 23:01:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Downloaded Installations

[2009/11/23 22:56:25 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Administrador\Recent

[2009/11/23 22:49:58 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\81546140.sys

[2009/11/23 22:49:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Desktop\Virus Removal Tool

[2009/11/23 22:44:55 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\38708115.sys

[2009/11/23 21:18:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Netscape

[2009/11/23 21:18:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Netscape

[2009/11/23 21:17:59 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Netscape

[2009/11/23 21:13:41 | 00,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll

[2009/11/23 21:13:41 | 00,026,600 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys

[2009/11/23 19:12:18 | 00,038,400 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpz3l054.dll

[2009/11/23 19:11:50 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys

[2009/11/23 19:11:50 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys

[2009/11/23 19:09:25 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Crawler

[2009/11/23 18:46:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump

[2009/11/23 18:33:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\HP

[2009/11/23 18:27:26 | 00,000,000 | -HSD | C] -- C:\Config.Msi

[2009/11/23 15:55:26 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\iPod

[2009/11/23 15:55:23 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\iTunes

[2009/11/23 15:31:12 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Enigma Software Group

[2009/11/22 22:47:58 | 00,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys

[2009/11/22 22:45:09 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Panda Security

[2009/11/22 17:10:06 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\47366308.sys

[2009/11/20 01:17:41 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\69758565.sys

[2009/11/18 00:39:49 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\65810298.sys

[2009/11/17 22:04:01 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\mupen64 0.5

[2009/11/17 20:37:49 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\30124835.sys

[2009/11/17 15:27:47 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\VS Revo Group

[2009/11/17 14:01:46 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Sophos

[2009/11/17 13:36:30 | 00,064,392 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys

[2009/11/17 13:36:24 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Spyware Doctor

[2009/11/17 13:36:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\PC Tools

[2009/11/17 13:11:17 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Registry Mechanic

[2009/11/17 11:09:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Meus documentos\Meus Google Gadgets

[2009/11/17 11:03:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\.earth3d

[2009/11/15 22:37:12 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\McAfee

[2009/11/15 22:36:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\McAfee

[2009/11/15 22:36:52 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\McAfee

[2009/11/15 15:21:13 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\34034646.sys

[2009/11/15 00:39:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\SUPERAntiSpyware.com

[2009/11/15 00:37:36 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Wise Installation Wizard

[2009/11/14 19:52:59 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\System Protect

[2009/11/14 14:22:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Desktop\FoLdeR TesTs

[2009/11/14 00:33:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\PCToolsFirewallPlus

[2009/11/14 00:29:04 | 00,207,792 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys

[2009/11/14 00:29:04 | 00,087,784 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys

[2009/11/14 00:29:03 | 00,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys

[2009/11/14 00:28:47 | 00,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys

[2009/11/14 00:28:47 | 00,055,208 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis.sys

[2009/11/14 00:28:47 | 00,032,552 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-DNS.sys

[2009/11/14 00:28:47 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\PC Tools

[2009/11/14 00:28:45 | 00,115,216 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplfw.sys

[2009/11/14 00:28:43 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\PC Tools Firewall Plus

[2009/11/13 22:26:46 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Auslogics

[2009/11/13 21:24:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\DoctorWeb

[2009/11/13 16:46:27 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\79196936.sys

[2009/11/13 16:35:27 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\86230380.sys

[2009/11/13 01:06:30 | 00,000,000 | -H-D | C] -- C:\Arquivos de programas\InstallShield Installation Information

[2009/11/13 01:06:23 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\InstallShield

[2009/11/13 01:05:45 | 00,067,072 | ---- | C] (Anark Corporation) -- C:\WINDOWS\System32\AKCPanel.cpl

[2009/11/13 01:05:43 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Anark

[2009/11/11 22:52:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8

[2009/11/11 21:27:10 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\ESET

[2009/11/11 21:12:58 | 00,000,000 | ---D | C] -- C:\LinhaDefensiva

[2009/11/11 19:17:32 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\10931726.sys

[2009/11/11 19:17:31 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Virus Removal Tool

[2009/11/11 06:55:56 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Live

[2009/11/11 06:10:14 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft

[2009/11/11 05:27:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Contacts

[2009/11/11 05:26:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Meus documentos\Os meus ficheiros recebidos

[2009/11/10 16:11:17 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Project64 1.6

[2009/11/10 16:06:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\SUPERAntiSpyware.com

[2009/11/10 16:06:24 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\SUPERAntiSpyware

[2009/11/09 18:16:01 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\VIVO ZAP 3G

[2009/11/09 17:05:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang

[2009/11/09 16:59:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview

[2009/11/09 16:59:27 | 00,442,368 | R--- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvuninst.exe

[2009/11/09 16:59:27 | 00,442,368 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe

[2009/11/09 16:57:51 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys

[2009/11/09 16:57:51 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys

[2009/11/09 16:57:49 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys

[2009/11/09 16:57:49 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys

[2009/11/09 16:57:46 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\DMusic.sys

[2009/11/09 16:57:46 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys

[2009/11/09 16:57:42 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys

[2009/11/09 16:57:42 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys

[2009/11/09 16:57:39 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys

[2009/11/09 16:57:39 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys

[2009/11/09 16:57:36 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys

[2009/11/09 16:57:36 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys

[2009/11/09 16:57:34 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys

[2009/11/09 16:57:34 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys

[2009/11/09 16:57:33 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys

[2009/11/09 16:57:33 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys

[2009/11/09 16:57:32 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSKSSRV.sys

[2009/11/09 16:57:32 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys

[2009/11/09 16:57:30 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPQM.sys

[2009/11/09 16:57:30 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys

[2009/11/09 16:57:29 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPCLOCK.sys

[2009/11/09 16:57:29 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys

[2009/11/09 16:57:21 | 00,034,816 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RtkCoInstXP.dll

[2009/11/09 16:57:20 | 01,684,736 | R--- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys

[2009/11/09 16:57:18 | 01,389,056 | R--- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys

[2009/11/09 16:57:17 | 01,200,128 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe

[2009/11/09 16:57:16 | 00,057,344 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE

[2009/11/09 16:57:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM

[2009/11/09 16:57:15 | 02,808,832 | R--- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE

[2009/11/09 16:57:14 | 00,278,528 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL

[2009/11/09 16:57:13 | 09,715,200 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.EXE

[2009/11/09 16:57:09 | 01,826,816 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SkyTel.exe

[2009/11/09 16:57:09 | 00,266,240 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.CPL

[2009/11/09 16:57:09 | 00,077,824 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE

[2009/11/09 16:57:06 | 02,168,320 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe

[2009/11/09 16:56:51 | 17,331,200 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE

[2009/11/09 16:56:45 | 04,942,336 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys

[2009/11/09 16:56:43 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys

[2009/11/09 16:56:43 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys

[2009/11/09 16:56:43 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax

[2009/11/09 16:56:43 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax

[2009/11/09 16:56:43 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys

[2009/11/09 16:56:43 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys

[2009/11/09 16:56:43 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll

[2009/11/09 16:56:43 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll

[2009/11/08 14:15:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Auslogics

[2009/11/08 12:01:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Bluebirds

[2009/11/08 11:57:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\HP

[2009/11/08 11:53:34 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\HP

[2009/11/08 11:49:56 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll

[2009/11/08 11:49:54 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll

[2009/11/08 11:48:30 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Hewlett-Packard

[2009/11/08 11:47:38 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Hewlett-Packard

[2009/11/08 11:46:05 | 00,094,208 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZipt12.dll

[2009/11/08 11:46:05 | 00,057,344 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZisn12.dll

[2009/11/08 11:46:04 | 00,282,680 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZidr12.dll

[2009/11/08 11:46:04 | 00,204,800 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZipr12.dll

[2009/11/08 11:46:04 | 00,069,632 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZipm12.exe

[2009/11/08 11:46:04 | 00,065,536 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZinw12.exe

[2009/11/08 11:46:01 | 00,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe

[2009/11/08 11:43:48 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\HP

[2009/11/08 11:36:03 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys

[2009/11/08 11:36:03 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys

[2009/11/08 11:34:09 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys

[2009/11/08 11:34:09 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys

[2009/11/08 11:23:13 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\MSXML 4.0

[2009/11/08 07:12:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates

[2009/11/08 06:30:23 | 08,491,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll

[2009/11/08 06:18:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Media Player Classic

[2009/11/08 05:46:50 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Administrador\IECompatCache

[2009/11/08 05:45:07 | 00,750,984 | ---- | C] (IncrediMail LTD.) -- C:\WINDOWS\System32\Magentic Screensaver.scr

[2009/11/08 05:45:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Magentic

[2009/11/08 05:45:00 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Magentic

[2009/11/08 00:52:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall

[2009/11/08 00:31:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution

[2009/11/08 00:10:58 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Windows Live

[2009/11/07 23:50:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\GrabPro

[2009/11/07 23:50:28 | 00,000,000 | ---D | C] -- C:\downloads

[2009/11/07 23:50:25 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Orbitdownloader

[2009/11/07 23:50:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Orbit

[2009/11/07 22:43:41 | 00,008,576 | ---- | C] (Panda Software International) -- C:\WINDOWS\System32\drivers\luxxgtwyefvc.sys

[2009/11/07 22:23:04 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\xing shared

[2009/11/07 22:22:30 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Real

[2009/11/07 22:05:19 | 00,093,360 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys

[2009/11/07 21:50:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Lavasoft

[2009/11/07 21:46:54 | 01,414,440 | ---- | C] (Nero AG) -- C:\WINDOWS\System32\ShellManager310E2D762.dll

[2009/11/07 21:43:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Google

[2009/11/07 21:35:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[2009/11/07 21:34:59 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\QuickTime

[2009/11/07 21:34:22 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Apple

[2009/11/07 21:34:02 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\HiJackThis.exe

[2009/11/07 21:32:37 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\PhotoScape

[2009/11/07 21:30:45 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\SpywareBlaster

[2009/11/07 21:27:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Malwarebytes

[2009/11/07 21:27:37 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2009/11/07 21:27:35 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2009/11/07 21:27:35 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Malwarebytes' Anti-Malware

[2009/11/07 21:27:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes

[2009/11/07 21:26:41 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Marcos Velasco Security

[2009/11/07 21:06:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP

[2009/11/07 21:02:43 | 00,059,664 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfSysMon.sys

[2009/11/07 21:02:43 | 00,051,984 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfFsMon.sys

[2009/11/07 21:02:43 | 00,033,552 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfNetMon.sys

[2009/11/07 21:02:43 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\ThreatFire

[2009/11/07 21:02:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\PC Tools

[2009/11/07 21:00:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Desktop\DeSkToP FiLeS

[2009/11/07 20:57:32 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Administrador\PrivacIE

[2009/11/07 20:56:01 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\SystemRequirementsLab

[2009/11/07 20:55:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\SystemRequirementsLab

[2009/11/07 20:55:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun

[2009/11/07 20:52:18 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Administrador\IETldCache

[2009/11/07 20:48:20 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8

[2009/11/07 20:17:47 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\pLuGiNs

[2009/11/07 19:44:48 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Google

[2009/11/07 19:44:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe

[2009/11/07 19:24:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data

[2009/11/07 19:23:23 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF

[2009/11/07 19:13:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt

[2009/11/07 19:06:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\WinRAR

[2009/11/07 18:34:11 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrador\Meus documentos\Meus vídeos

[2009/11/07 18:34:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\SoundSpectrum

[2009/11/07 18:33:21 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll

[2009/11/07 18:33:15 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\SoundSpectrum

[2009/11/07 18:33:14 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Real

[2009/11/07 18:21:41 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys

[2009/11/07 18:21:41 | 00,055,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys

[2009/11/07 18:21:41 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys

[2009/11/07 18:21:41 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys

[2009/11/07 18:21:41 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys

[2009/11/07 18:21:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Avira

[2009/11/07 18:21:40 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Avira

[2009/11/07 18:21:23 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBSTOR.SYS

[2009/11/07 18:21:23 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys

[2009/11/07 18:19:20 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2009/11/07 18:19:20 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2009/11/07 18:19:20 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2009/11/07 18:19:20 | 00,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl

[2009/11/07 18:19:11 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Java

[2009/11/07 18:17:17 | 00,000,000 | -HSD | C] -- C:\RECYCLER

[2009/11/07 18:16:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Meus documentos\Downloads

[2009/11/07 18:09:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Temp

[2009/11/07 18:09:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google

[2009/11/07 18:09:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Opera

[2009/11/07 18:09:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Opera

[2009/11/07 18:08:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Apple Computer

[2009/11/07 18:08:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Apple Computer

[2009/11/07 18:08:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Apple Computer

[2009/11/07 18:08:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Apple

[2009/11/07 18:08:16 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Apple Software Update

[2009/11/07 18:08:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Apple

[2009/11/07 18:07:41 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Silverlight

[2009/11/07 18:03:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Meus documentos\Battlefield 2

[2009/11/07 17:50:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Desktop\ArQuiVoS

[2009/11/07 17:33:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Macromedia

[2009/11/07 17:33:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Adobe

[2009/11/07 17:31:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla

[2009/11/07 17:31:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Mozilla

[2009/11/07 17:31:14 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Mozilla Firefox

[2009/11/07 16:45:41 | 00,032,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msonpmon.dll

[2009/11/07 16:45:36 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Foxit Software

[2009/11/07 16:45:02 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Works

[2009/11/07 16:44:48 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Visual Studio

[2009/11/07 16:44:48 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\DESIGNER

[2009/11/07 16:44:28 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft.NET

[2009/11/07 16:43:21 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Visual Studio 8

[2009/11/07 16:42:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW

[2009/11/07 16:42:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft Help

[2009/11/07 16:42:52 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Office

[2009/11/07 16:42:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help

[2009/11/07 16:42:41 | 00,000,000 | RH-D | C] -- C:\MSOCache

[2009/11/07 16:42:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Ahead

[2009/11/07 16:41:56 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\NeroInstall.bak

[2009/11/07 16:41:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Nero

[2009/11/07 16:38:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Nero

[2009/11/07 16:38:00 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Nero

[2009/11/07 16:38:00 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Nero

[2009/11/07 16:37:15 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll

[2009/11/07 16:37:15 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll

[2009/11/07 16:37:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX

[2009/11/07 16:24:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Stardock

[2009/11/07 16:24:28 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll

[2009/11/07 16:24:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Identities

[2009/11/07 16:24:24 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrador\Meus documentos\Minhas músicas

[2009/11/07 16:24:24 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrador\Meus documentos\Minhas imagens

[2009/11/07 16:24:24 | 00,000,000 | -H-D | C] -- C:\Arquivos de programas\Uninstall Information

[2009/11/07 16:24:15 | 26,768,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

[2009/11/07 16:22:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer

[2009/11/07 16:22:52 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\MSBuild

[2009/11/07 16:22:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us

[2009/11/07 16:22:49 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Reference Assemblies

[2009/11/07 16:22:39 | 00,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll

[2009/11/07 16:22:33 | 00,150,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rgb9rast_2.dll

[2009/11/07 16:22:32 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll

[2009/11/07 16:22:32 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll

[2009/11/07 16:22:32 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe

[2009/11/07 16:22:32 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll

[2009/11/07 16:22:32 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll

[2009/11/07 16:22:28 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll

[2009/11/07 16:22:26 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll

[2009/11/07 16:21:57 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Microsoft

[2009/11/07 16:21:57 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft

[2009/11/07 16:21:57 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos

[2009/11/07 16:21:57 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrador\Meus documentos

[2009/11/07 16:21:57 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrador\Menu Iniciar

[2009/11/07 16:21:57 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrador\Favoritos

[2009/11/07 16:21:57 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Administrador\Cookies

[2009/11/07 16:21:57 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Administrador\Configurações locais

[2009/11/07 16:21:57 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Administrador\Ambiente de rede

[2009/11/07 16:21:57 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Administrador\Ambiente de impressão

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Sun

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Real

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Real

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Desktop

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\7zS956.tmp

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\7zS8B4.tmp

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\7zS8B3.tmp

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\7zS8B2.tmp

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\7zS8B1.tmp

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\7zS8B0.tmp

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\7zS8AF.tmp

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\7zS8AE.tmp

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\7zS8AD.tmp

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\7zS8A5.tmp

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\7zS88E.tmp

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\7zS7FB.tmp

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\7zS7F9.tmp

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\7zS7F6.tmp

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\7zS7F3.tmp

[2009/11/07 16:21:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\7zS7D7.tmp

[2009/11/07 16:21:56 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Administrador\SendTo

[2009/11/07 16:21:56 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Administrador\Modelos

[2009/11/07 16:21:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution

[2009/11/07 16:21:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2009/11/07 16:08:45 | 00,368,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll

[2009/11/07 16:08:45 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll

[2009/11/07 16:08:45 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll

[2009/11/07 16:08:45 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll

[2009/11/07 16:08:45 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll

[2009/11/07 16:08:45 | 00,031,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys

[2009/11/07 16:08:45 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll

[2009/11/07 16:08:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll

[2009/11/07 16:08:44 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll

[2009/11/07 16:08:44 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll

[2009/11/07 16:08:44 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll

[2009/11/07 16:08:43 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll

[2009/11/07 16:08:43 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys

[2009/11/07 16:08:43 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys

[2009/11/07 16:08:43 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe

[2009/11/07 16:08:42 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll

[2009/11/07 16:08:42 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys

[2009/11/07 16:08:41 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll

[2009/11/07 16:08:41 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll

[2009/11/07 16:08:41 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll

[2009/11/07 16:08:41 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll

[2009/11/07 16:08:40 | 00,463,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll

[2009/11/07 16:08:40 | 00,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll

[2009/11/07 16:08:40 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll

[2009/11/07 16:08:40 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll

[2009/11/07 16:08:40 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll

[2009/11/07 16:08:40 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe

[2009/11/07 16:08:40 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll

[2009/11/07 16:08:40 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe

[2009/11/07 16:08:40 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll

[2009/11/07 16:08:40 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll

[2009/11/07 16:08:39 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe

[2009/11/07 16:08:39 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll

[2009/11/07 16:08:39 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll

[2009/11/07 16:08:39 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll

[2009/11/07 16:08:39 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll

[2009/11/07 16:08:39 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll

[2009/11/07 16:08:39 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll

[2009/11/07 16:08:39 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll

[2009/11/07 16:08:39 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll

[2009/11/07 16:08:39 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll

[2009/11/07 16:08:39 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll

[2009/11/07 16:08:39 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll

[2009/11/07 16:08:39 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll

[2009/11/07 16:08:39 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll

[2009/11/07 16:08:39 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll

[2009/11/07 16:08:39 | 00,012,800 | ---- | C] (Microsoft Corporation

) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll

[2009/11/07 16:08:39 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll

[2009/11/07 16:08:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll

[2009/11/07 16:08:39 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll

[2009/11/07 16:08:38 | 00,435,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\class_ss.dll

[2009/11/07 16:08:38 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll

[2009/11/07 16:08:34 | 00,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll

[2009/11/07 16:08:34 | 00,080,896 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll

[2009/11/07 16:08:34 | 00,080,896 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll

[2009/11/07 16:08:34 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll

[2009/11/07 16:08:34 | 00,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll

[2009/11/07 16:08:34 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll

[2009/11/07 16:08:34 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll

[2009/11/07 16:08:33 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll

[2009/11/07 16:08:33 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe

[2009/11/07 16:08:33 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe

[2009/11/07 16:08:33 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll

[2009/11/07 16:08:32 | 00,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys

[2009/11/07 16:08:32 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe

[2009/11/07 16:08:32 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe

[2009/11/07 16:08:32 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll

[2009/11/07 16:08:31 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll

[2009/11/07 16:08:31 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll

[2009/11/07 16:08:31 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll

[2009/11/07 16:08:31 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll

[2009/11/07 16:08:31 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll

[2009/11/07 16:08:30 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll

[2009/11/07 16:08:30 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll

[2009/11/07 16:08:30 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll

[2009/11/07 16:08:29 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe

[2009/11/07 16:08:27 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe

[2009/11/07 16:08:23 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe

[2009/11/07 16:08:22 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys

[2009/11/07 16:08:22 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll

[2009/11/07 16:08:22 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll

[2009/11/07 16:08:22 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll

[2009/11/07 16:08:22 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll

[2009/11/07 16:08:22 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll

[2009/11/07 16:08:22 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll

[2009/11/07 16:08:22 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll

[2009/11/07 16:08:22 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll

[2009/11/07 16:08:22 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll

[2009/11/07 16:08:21 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll

[2009/11/07 16:08:20 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll

[2009/11/07 16:08:20 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll

[2009/11/07 16:08:20 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll

[2009/11/07 16:08:20 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll

[2009/11/07 16:08:20 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll

[2009/11/07 16:08:19 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe

[2009/11/07 16:08:19 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll

[2009/11/07 16:08:19 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll

[2009/11/07 16:08:19 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll

[2009/11/07 16:08:19 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe

[2009/11/07 16:08:19 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll

[2009/11/07 16:08:18 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll

[2009/11/07 16:08:18 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll

[2009/11/07 16:08:18 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll

[2009/11/07 16:08:18 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll

[2009/11/07 16:08:18 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll

[2009/11/07 16:08:18 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll

[2009/11/07 16:08:18 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll

[2009/11/07 16:08:18 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll

[2009/11/07 16:08:18 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll

[2009/11/07 16:08:18 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe

[2009/11/07 16:08:18 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll

[2009/11/07 16:08:17 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll

[2009/11/07 16:08:17 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll

[2009/11/07 16:08:16 | 00,562,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll

[2009/11/07 16:08:16 | 00,400,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll

[2009/11/07 16:08:16 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll

[2009/11/07 16:08:16 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe

[2009/11/07 16:08:16 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll

[2009/11/07 16:08:16 | 00,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll

[2009/11/07 16:08:16 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll

[2009/11/07 16:08:16 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll

[2009/11/07 16:08:16 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll

[2009/11/07 16:08:16 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe

[2009/11/07 16:08:16 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll

[2009/11/07 16:08:16 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll

[2009/11/07 16:08:15 | 00,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll

[2009/11/07 16:08:15 | 00,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll

[2009/11/07 16:08:15 | 00,234,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe

[2009/11/07 16:08:15 | 00,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe

[2009/11/07 16:08:15 | 00,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll

[2009/11/07 16:08:15 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll

[2009/11/07 16:08:15 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll

[2009/11/07 16:08:15 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll

[2009/11/07 16:08:15 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll

[2009/11/07 16:08:15 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll

[2009/11/07 16:08:15 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll

[2009/11/07 16:08:15 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll

[2009/11/07 16:08:15 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll

[2009/11/07 16:08:15 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll

[2009/11/07 16:08:14 | 00,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll

[2009/11/07 16:08:14 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll

[2009/11/07 16:08:14 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe

[2009/11/07 16:08:14 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll

[2009/11/07 16:08:14 | 00,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe

[2009/11/07 16:08:14 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe

[2009/11/07 16:08:14 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe

[2009/11/07 16:08:14 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll

[2009/11/07 16:08:13 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll

[2009/11/07 16:08:13 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll

[2009/11/07 16:08:13 | 00,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll

[2009/11/07 16:08:13 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll

[2009/11/07 16:08:13 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys

[2009/11/07 16:08:11 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe

[2009/11/07 16:08:10 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe

[2009/11/07 16:08:10 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll

[2009/11/07 16:08:10 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll

[2009/11/07 16:08:10 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll

[2009/11/07 16:08:10 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe

[2009/11/07 16:08:09 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys

[2009/11/07 16:08:09 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe

[2009/11/07 16:08:09 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe

[2009/11/07 16:08:09 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe

[2009/11/07 16:08:09 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe

[2009/11/07 16:08:05 | 00,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll

[2009/11/07 16:08:05 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll

[2009/11/07 16:08:05 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll

[2009/11/07 16:08:05 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll

[2009/11/07 16:08:05 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll

[2009/11/07 16:08:04 | 00,332,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll

[2009/11/07 16:08:04 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll

[2009/11/07 16:08:04 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll

[2009/11/07 16:08:04 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll

[2009/11/07 16:08:03 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll

[2009/11/07 16:08:03 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll

[2009/11/07 16:08:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll

[2009/11/07 16:08:02 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll

[2009/11/07 16:08:01 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll

[2009/11/07 16:08:01 | 00,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll

[2009/11/07 16:08:01 | 00,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe

[2009/11/07 16:08:01 | 00,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll

[2009/11/07 16:08:01 | 00,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe

[2009/11/07 16:08:01 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll

[2009/11/07 16:08:01 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll

[2009/11/07 16:07:59 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx

[2009/11/07 16:07:59 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll

[2009/11/07 16:07:59 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll

[2009/11/07 16:07:59 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll

[2009/11/07 16:07:59 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe

[2009/11/07 16:07:58 | 00,837,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll

[2009/11/07 16:07:58 | 00,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll

[2009/11/07 16:07:58 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll

[2009/11/07 16:07:58 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll

[2009/11/07 16:07:58 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll

[2009/11/07 16:07:58 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe

[2009/11/07 16:07:58 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe

[2009/11/07 16:07:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll

[2009/11/07 16:07:58 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll

[2009/11/07 16:07:57 | 00,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll

[2009/11/07 16:07:57 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll

[2009/11/07 16:07:57 | 00,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe

[2009/11/07 16:07:57 | 00,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe

[2009/11/07 16:07:57 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll

[2009/11/07 16:07:57 | 00,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe

[2009/11/07 16:07:56 | 00,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll

[2009/11/07 16:07:56 | 00,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll

[2009/11/07 16:07:56 | 00,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll

[2009/11/07 16:07:56 | 00,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll

[2009/11/07 16:07:56 | 00,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll

[2009/11/07 16:07:56 | 00,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll

[2009/11/07 16:07:56 | 00,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll

[2009/11/07 16:07:56 | 00,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll

[2009/11/07 16:07:56 | 00,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll

[2009/11/07 16:07:56 | 00,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe

[2009/11/07 16:07:55 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll

[2009/11/07 16:07:55 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx

[2009/11/07 16:07:55 | 00,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe

[2009/11/07 16:07:55 | 00,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx

[2009/11/07 16:07:55 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx

[2009/11/07 16:07:55 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll

[2009/11/07 16:07:55 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll

[2009/11/07 16:07:55 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll

[2009/11/07 16:07:55 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe

[2009/11/07 16:07:54 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll

[2009/11/07 16:07:54 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe

[2009/11/07 16:07:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom

[2009/11/07 16:07:53 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\xerox

[2009/11/07 16:07:53 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Sidebar

[2009/11/07 16:07:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst

[2009/11/07 16:07:53 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\speechengines

[2009/11/07 16:07:53 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\netmeeting

[2009/11/07 16:07:53 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\msn gaming zone

[2009/11/07 16:07:53 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\microsoft frontpage

[2009/11/07 16:07:47 | 00,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe

[2009/11/07 16:07:46 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$

[2009/11/07 16:07:42 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Alky for Applications

[2009/11/07 16:06:37 | 00,674,010 | ---- | C] (www.coozone.com) -- C:\WINDOWS\System32\BTSe7en2009.scr

[2009/11/07 16:06:36 | 00,000,000 | ---D | C] -- C:\PFiles

[2009/11/07 16:06:34 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\CCleaner

[2009/11/07 16:06:32 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll

[2009/11/07 16:05:47 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly

[2009/11/07 16:05:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp

[2009/11/07 16:05:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET

[2009/11/07 16:05:30 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll

[2009/11/07 16:05:30 | 00,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll

[2009/11/07 16:05:30 | 00,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll

[2009/11/07 16:05:30 | 00,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll

[2009/11/07 16:05:29 | 00,860,160 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm

[2009/11/07 16:05:29 | 00,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll

[2009/11/07 16:05:29 | 00,118,784 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm

[2009/11/07 16:05:29 | 00,081,920 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll

[2009/11/07 16:05:28 | 00,683,520 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll

[2009/11/07 16:05:28 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll

[2009/11/07 16:05:28 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll

[2009/11/07 16:05:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Real

[2009/11/07 16:05:28 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\K-Lite Codec Pack

[2009/11/07 16:05:17 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\WinRAR

[2009/11/07 16:05:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE

[2009/11/07 16:04:46 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft

[2009/11/07 16:04:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Windows Genuine Advantage

[2009/11/07 16:04:32 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat

[2009/11/07 16:04:32 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll

[2009/11/07 16:04:32 | 01,282,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui

[2009/11/07 16:04:32 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll

[2009/11/07 16:04:32 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe

[2009/11/07 16:04:31 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll

[2009/11/07 16:04:31 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll

[2009/11/07 16:04:31 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll

[2009/11/07 16:04:30 | 11,069,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll

[2009/11/07 16:04:25 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$

[2009/11/07 16:04:21 | 00,017,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll

[2009/11/07 16:03:58 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll

[2009/11/07 16:03:27 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM

[2009/11/07 16:03:19 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documentos\Minhas imagens

[2009/11/07 16:03:15 | 00,000,000 | -H-D | C] -- C:\Arquivos de programas\WindowsUpdate

[2009/11/07 16:03:12 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Serviços on-line

[2009/11/07 16:03:03 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe

[2009/11/07 16:03:03 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe

[2009/11/07 16:03:03 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll

[2009/11/07 16:03:03 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll

[2009/11/07 16:03:03 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll

[2009/11/07 16:03:03 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll

[2009/11/07 16:03:02 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll

[2009/11/07 16:03:02 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll

[2009/11/07 16:03:02 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe

[2009/11/07 16:03:02 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe

[2009/11/07 16:03:01 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Serviços

[2009/11/07 16:02:59 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll

[2009/11/07 16:02:59 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll

[2009/11/07 16:02:59 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll

[2009/11/07 16:02:59 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks

[2009/11/07 16:02:58 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll

[2009/11/07 16:02:58 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe

[2009/11/07 16:02:58 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll

[2009/11/07 16:02:58 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll

[2009/11/07 16:02:58 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll

[2009/11/07 16:02:58 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe

[2009/11/07 16:02:58 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\MSSoap

[2009/11/07 16:02:57 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx

[2009/11/07 16:02:56 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll

[2009/11/07 16:02:56 | 00,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll

[2009/11/07 16:02:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed

[2009/11/07 16:02:55 | 01,674,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe

[2009/11/07 16:02:55 | 00,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe

[2009/11/07 16:02:55 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll

[2009/11/07 16:02:55 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll

[2009/11/07 16:02:55 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll

[2009/11/07 16:02:54 | 01,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll

[2009/11/07 16:02:54 | 01,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll

[2009/11/07 16:02:54 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll

[2009/11/07 16:02:54 | 00,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll

[2009/11/07 16:02:54 | 00,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll

[2009/11/07 16:02:54 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll

[2009/11/07 16:02:54 | 00,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl

[2009/11/07 16:02:54 | 00,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl

[2009/11/07 16:02:54 | 00,209,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll

[2009/11/07 16:02:54 | 00,209,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll

[2009/11/07 16:02:54 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll

[2009/11/07 16:02:54 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll

[2009/11/07 16:02:54 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe

[2009/11/07 16:02:54 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe

[2009/11/07 16:02:54 | 00,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe

[2009/11/07 16:02:54 | 00,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe

[2009/11/07 16:02:54 | 00,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll

[2009/11/07 16:02:54 | 00,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll

[2009/11/07 16:02:54 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll

[2009/11/07 16:02:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll

[2009/11/07 16:02:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll

[2009/11/07 16:02:54 | 00,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe

[2009/11/07 16:02:53 | 00,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll

[2009/11/07 16:02:53 | 00,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll

[2009/11/07 16:02:53 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll

[2009/11/07 16:02:53 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll

[2009/11/07 16:02:53 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll

[2009/11/07 16:02:53 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll

[2009/11/07 16:02:53 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll

[2009/11/07 16:02:53 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll

[2009/11/07 16:02:53 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll

[2009/11/07 16:02:53 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll

[2009/11/07 16:02:53 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll

[2009/11/07 16:02:53 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll

[2009/11/07 16:02:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll

[2009/11/07 16:02:52 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll

[2009/11/07 16:02:51 | 04,274,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll

[2009/11/07 16:02:51 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll

[2009/11/07 16:02:51 | 00,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll

[2009/11/07 16:02:51 | 00,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll

[2009/11/07 16:02:51 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll

[2009/11/07 16:02:51 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll

[2009/11/07 16:02:50 | 03,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe

[2009/11/07 16:02:50 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Movie Maker

[2009/11/07 16:02:38 | 00,566,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll

[2009/11/07 16:02:38 | 00,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll

[2009/11/07 16:02:38 | 00,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe

[2009/11/07 16:02:38 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll

[2009/11/07 16:02:38 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe

[2009/11/07 16:02:38 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll

[2009/11/07 16:02:38 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll

[2009/11/07 16:02:36 | 00,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe

[2009/11/07 16:02:35 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll

[2009/11/07 16:02:35 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll

[2009/11/07 16:02:35 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll

[2009/11/07 16:02:35 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll

[2009/11/07 16:02:35 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll

[2009/11/07 16:02:35 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll

[2009/11/07 16:02:35 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll

[2009/11/07 16:02:35 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll

[2009/11/07 16:02:35 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll

[2009/11/07 16:02:35 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll

[2009/11/07 16:02:34 | 00,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe

[2009/11/07 16:02:34 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe

[2009/11/07 16:02:33 | 00,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe

[2009/11/07 16:02:33 | 00,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe

[2009/11/07 16:02:32 | 00,382,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe

[2009/11/07 16:02:32 | 00,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll

[2009/11/07 16:02:32 | 00,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll

[2009/11/07 16:02:32 | 00,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll

[2009/11/07 16:02:32 | 00,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll

[2009/11/07 16:02:32 | 00,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltMgr.sys

[2009/11/07 16:02:32 | 00,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys

[2009/11/07 16:02:32 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys

[2009/11/07 16:02:32 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys

[2009/11/07 16:02:32 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll

[2009/11/07 16:02:32 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll

[2009/11/07 16:02:32 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe

[2009/11/07 16:02:32 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe

[2009/11/07 16:02:32 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltlib.dll

[2009/11/07 16:02:32 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll

[2009/11/07 16:02:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore

[2009/11/07 16:02:31 | 00,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll

[2009/11/07 16:02:31 | 00,260,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll

[2009/11/07 16:02:31 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll

[2009/11/07 16:02:31 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll

[2009/11/07 16:02:31 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll

[2009/11/07 16:02:31 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll

[2009/11/07 16:02:31 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll

[2009/11/07 16:02:31 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll

[2009/11/07 16:02:31 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe

[2009/11/07 16:02:31 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll

[2009/11/07 16:02:31 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe

[2009/11/07 16:02:30 | 01,315,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll

[2009/11/07 16:02:30 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll

[2009/11/07 16:02:30 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll

[2009/11/07 16:02:30 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll

[2009/11/07 16:02:30 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe

[2009/11/07 16:02:30 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll

[2009/11/07 16:02:30 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll

[2009/11/07 16:02:29 | 02,512,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll

[2009/11/07 16:02:29 | 00,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll

[2009/11/07 16:02:29 | 00,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll

[2009/11/07 16:02:29 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll

[2009/11/07 16:02:29 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll

[2009/11/07 16:02:29 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe

[DaniieL™ 0]

OTL.Txt PT 2

 

-----------------------------------------------------------------------------------------------------------------

 

[2009/11/07 16:02:29 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe

[2009/11/07 16:02:29 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll

[2009/11/07 16:02:29 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe

[2009/11/07 16:02:29 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe

[2009/11/07 16:02:29 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Outlook Express

[2009/11/07 16:02:28 | 00,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll

[2009/11/07 16:02:28 | 00,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll

[2009/11/07 16:02:28 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll

[2009/11/07 16:02:28 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll

[2009/11/07 16:02:28 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll

[2009/11/07 16:02:28 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll

[2009/11/07 16:02:28 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll

[2009/11/07 16:02:28 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll

[2009/11/07 16:02:27 | 00,217,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe

[2009/11/07 16:02:27 | 00,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll

[2009/11/07 16:02:27 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe

[2009/11/07 16:02:27 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll

[2009/11/07 16:02:27 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll

[2009/11/07 16:02:27 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll

[2009/11/07 16:02:27 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe

[2009/11/07 16:02:27 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe

[2009/11/07 16:02:26 | 00,554,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll

[2009/11/07 16:02:26 | 00,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll

[2009/11/07 16:02:26 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll

[2009/11/07 16:02:26 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll

[2009/11/07 16:02:26 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll

[2009/11/07 16:02:26 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll

[2009/11/07 16:02:26 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll

[2009/11/07 16:02:25 | 00,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll

[2009/11/07 16:02:25 | 00,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll

[2009/11/07 16:02:25 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll

[2009/11/07 16:02:25 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll

[2009/11/07 16:02:25 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll

[2009/11/07 16:02:25 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll

[2009/11/07 16:02:25 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb

[2009/11/07 16:02:25 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb

[2009/11/07 16:02:25 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb

[2009/11/07 16:02:25 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb

[2009/11/07 16:02:25 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb

[2009/11/07 16:02:25 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll

[2009/11/07 16:02:25 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll

[2009/11/07 16:02:25 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll

[2009/11/07 16:02:25 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll

[2009/11/07 16:02:25 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll

[2009/11/07 16:02:25 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll

[2009/11/07 16:02:25 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll

[2009/11/07 16:02:25 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll

[2009/11/07 16:02:25 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll

[2009/11/07 16:02:25 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll

[2009/11/07 16:02:25 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll

[2009/11/07 16:02:25 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll

[2009/11/07 16:02:24 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll

[2009/11/07 16:02:24 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll

[2009/11/07 16:02:24 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll

[2009/11/07 16:02:24 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll

[2009/11/07 16:02:24 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll

[2009/11/07 16:02:24 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll

[2009/11/07 16:02:24 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll

[2009/11/07 16:02:24 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll

[2009/11/07 16:02:24 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll

[2009/11/07 16:02:24 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll

[2009/11/07 16:02:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll

[2009/11/07 16:02:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll

[2009/11/07 16:02:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll

[2009/11/07 16:02:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll

[2009/11/07 16:02:23 | 00,638,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe

[2009/11/07 16:02:23 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll

[2009/11/07 16:02:23 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx

[2009/11/07 16:02:23 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe

[2009/11/07 16:02:23 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll

[2009/11/07 16:02:23 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\System

[2009/11/07 16:02:23 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared

[2009/11/07 16:02:22 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Internet Explorer

[2009/11/07 16:01:56 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\ComPlus Applications

[2009/11/07 16:01:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration

[2009/11/07 16:01:36 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Media Connect 2

[2009/11/07 16:01:35 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe

[2009/11/07 16:01:35 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe

[2009/11/07 16:01:35 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Media Player

[2009/11/07 16:01:29 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe

[2009/11/07 16:01:29 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe

[2009/11/07 16:01:29 | 00,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll

[2009/11/07 16:01:29 | 00,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll

[2009/11/07 16:01:28 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll

[2009/11/07 16:01:28 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll

[2009/11/07 16:01:28 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll

[2009/11/07 16:01:28 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll

[2009/11/07 16:01:28 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe

[2009/11/07 16:01:28 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe

[2009/11/07 16:01:28 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll

[2009/11/07 16:01:28 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll

[2009/11/07 16:01:23 | 00,640,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll

[2009/11/07 16:01:23 | 00,640,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll

[2009/11/07 16:01:23 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe

[2009/11/07 16:01:23 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe

[2009/11/07 16:01:23 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe

[2009/11/07 16:01:23 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe

[2009/11/07 16:01:23 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe

[2009/11/07 16:01:23 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe

[2009/11/07 16:01:23 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe

[2009/11/07 16:01:23 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe

[2009/11/07 16:01:22 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe

[2009/11/07 16:01:22 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe

[2009/11/07 16:01:22 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe

[2009/11/07 16:01:22 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe

[2009/11/07 16:01:22 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe

[2009/11/07 16:01:22 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe

[2009/11/07 16:01:22 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe

[2009/11/07 16:01:22 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe

[2009/11/07 16:01:22 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe

[2009/11/07 16:01:22 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe

[2009/11/07 16:01:22 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe

[2009/11/07 16:01:22 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe

[2009/11/07 16:01:22 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe

[2009/11/07 16:01:22 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe

[2009/11/07 16:01:22 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe

[2009/11/07 16:01:22 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe

[2009/11/07 16:01:22 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe

[2009/11/07 16:01:22 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe

[2009/11/07 16:01:22 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe

[2009/11/07 16:01:22 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe

[2009/11/07 16:01:22 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll

[2009/11/07 16:01:22 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll

[2009/11/07 16:01:21 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe

[2009/11/07 16:01:21 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe

[2009/11/07 16:01:21 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe

[2009/11/07 16:01:21 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe

[2009/11/07 16:01:21 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb

[2009/11/07 16:01:21 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe

[2009/11/07 16:01:21 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe

[2009/11/07 16:01:21 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe

[2009/11/07 16:01:21 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe

[2009/11/07 16:01:21 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll

[2009/11/07 16:01:21 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll

[2009/11/07 16:01:20 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll

[2009/11/07 16:01:18 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll

[2009/11/07 16:01:18 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll

[2009/11/07 16:01:18 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb

[2009/11/07 16:01:18 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll

[2009/11/07 16:01:18 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll

[2009/11/07 16:01:18 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe

[2009/11/07 16:01:17 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll

[2009/11/07 16:01:17 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll

[2009/11/07 16:01:17 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll

[2009/11/07 16:01:17 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll

[2009/11/07 16:01:17 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll

[2009/11/07 16:01:17 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll

[2009/11/07 16:01:17 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll

[2009/11/07 16:01:17 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb

[2009/11/07 16:01:17 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe

[2009/11/07 16:01:17 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll

[2009/11/07 16:01:16 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe

[2009/11/07 16:01:16 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe

[2009/11/07 16:01:16 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe

[2009/11/07 16:01:16 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe

[2009/11/07 16:01:16 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe

[2009/11/07 16:01:16 | 00,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe

[2009/11/07 16:01:16 | 00,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe

[2009/11/07 16:01:16 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl

[2009/11/07 16:01:16 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl

[2009/11/07 16:01:15 | 00,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe

[2009/11/07 16:01:15 | 00,352,768 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll

[2009/11/07 16:01:15 | 00,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe

[2009/11/07 16:01:15 | 00,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe

[2009/11/07 16:01:15 | 00,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe

[2009/11/07 16:01:15 | 00,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe

[2009/11/07 16:01:15 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Windows NT

[2009/11/07 16:01:14 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe

[2009/11/07 16:01:14 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe

[2009/11/07 16:01:14 | 00,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys

[2009/11/07 16:01:14 | 00,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys

[2009/11/07 16:01:14 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll

[2009/11/07 16:01:14 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll

[2009/11/07 16:01:14 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll

[2009/11/07 16:01:14 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsgqec.dll

[2009/11/07 16:01:14 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys

[2009/11/07 16:01:14 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys

[2009/11/07 16:01:14 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys

[2009/11/07 16:01:14 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys

[2009/11/07 16:01:13 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll

[2009/11/07 16:01:13 | 02,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll

[2009/11/07 16:01:13 | 00,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe

[2009/11/07 16:01:13 | 00,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe

[2009/11/07 16:01:13 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll

[2009/11/07 16:01:13 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rhttpaa.dll

[2009/11/07 16:01:13 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaclient.dll

[2009/11/07 16:01:13 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll

[2009/11/07 16:01:13 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll

[2009/11/07 16:01:13 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll

[2009/11/07 16:01:13 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe

[2009/11/07 16:01:13 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe

[2009/11/07 16:01:12 | 00,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll

[2009/11/07 16:01:12 | 00,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll

[2009/11/07 16:01:12 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll

[2009/11/07 16:01:12 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll

[2009/11/07 16:01:12 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll

[2009/11/07 16:01:12 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll

[2009/11/07 16:01:12 | 00,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe

[2009/11/07 16:01:12 | 00,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe

[2009/11/07 16:01:12 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll

[2009/11/07 16:01:12 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll

[2009/11/07 16:01:12 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe

[2009/11/07 16:01:12 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe

[2009/11/07 16:01:12 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe

[2009/11/07 16:01:12 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe

[2009/11/07 16:01:12 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll

[2009/11/07 16:01:12 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll

[2009/11/07 16:01:12 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe

[2009/11/07 16:01:12 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe

[2009/11/07 16:01:12 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll

[2009/11/07 16:01:12 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll

[2009/11/07 16:01:12 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll

[2009/11/07 16:01:12 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll

[2009/11/07 16:01:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc

[2009/11/07 16:01:11 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll

[2009/11/07 16:01:11 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll

[2009/11/07 16:01:11 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll

[2009/11/07 16:01:11 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll

[2009/11/07 16:01:11 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll

[2009/11/07 16:01:11 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll

[2009/11/07 16:01:11 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll

[2009/11/07 16:01:11 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll

[2009/11/07 16:01:11 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll

[2009/11/07 16:01:11 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll

[2009/11/07 16:01:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe

[2009/11/07 16:01:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe

[2009/11/07 16:01:10 | 00,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll

[2009/11/07 16:01:10 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll

[2009/11/07 16:01:10 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll

[2009/11/07 16:01:10 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll

[2009/11/07 16:01:10 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll

[2009/11/07 16:01:10 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll

[2009/11/07 16:01:10 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll

[2009/11/07 16:01:10 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll

[2009/11/07 16:01:10 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll

[2009/11/07 16:01:10 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll

[2009/11/07 16:01:10 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll

[2009/11/07 16:01:10 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll

[2009/11/07 16:01:10 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll

[2009/11/07 16:01:10 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll

[2009/11/07 16:01:10 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll

[2009/11/07 16:01:10 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe

[2009/11/07 16:01:10 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe

[2009/11/07 16:01:10 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe

[2009/11/07 16:01:10 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe

[2009/11/07 16:01:10 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll

[2009/11/07 16:01:10 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll

[2009/11/07 16:01:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com

[2009/11/07 16:01:09 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll

[2009/11/07 16:01:09 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll

[2009/11/07 16:01:09 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll

[2009/11/07 16:01:09 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll

[2009/11/07 16:01:09 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll

[2009/11/07 16:01:09 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll

[2009/11/07 16:01:09 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll

[2009/11/07 16:01:09 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll

[2009/11/07 16:01:09 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll

[2009/11/07 16:01:09 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll

[2009/11/07 16:01:09 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll

[2009/11/07 16:01:09 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll

[2009/11/07 16:01:08 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll

[2009/11/07 16:01:08 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll

[2009/11/07 16:01:07 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll

[2009/11/07 16:01:07 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe

[2009/11/07 16:01:07 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll

[2009/11/07 16:01:07 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll

[2009/11/07 16:01:07 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll

[2009/11/07 16:01:07 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll

[2009/11/07 16:01:07 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll

[2009/11/07 16:01:07 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll

[2009/11/07 16:01:07 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll

[2009/11/07 16:01:07 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll

[2009/11/07 16:01:06 | 00,531,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll

[2009/11/07 16:01:06 | 00,365,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe

[2009/11/07 16:01:06 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll

[2009/11/07 16:01:06 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll

[2009/11/07 16:01:06 | 00,199,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll

[2009/11/07 16:01:06 | 00,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll

[2009/11/07 16:01:06 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe

[2009/11/07 16:01:06 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll

[2009/11/07 16:01:06 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll

[2009/11/07 16:01:06 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll

[2009/11/07 16:01:06 | 00,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe

[2009/11/07 16:01:06 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe

[2009/11/07 16:01:06 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll

[2009/11/07 16:01:06 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll

[2009/11/07 16:01:06 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll

[2009/11/07 16:01:06 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll

[2009/11/07 16:01:06 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll

[2009/11/07 16:01:06 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll

[2009/11/07 16:01:05 | 00,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll

[2009/11/07 16:01:05 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll

[2009/11/07 16:01:05 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll

[2009/11/07 16:01:05 | 00,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll

[2009/11/07 16:01:05 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll

[2009/11/07 16:01:05 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll

[2009/11/07 16:01:05 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll

[2009/11/07 16:01:05 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe

[2009/11/07 16:01:05 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll

[2009/11/07 16:01:05 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe

[2009/11/07 16:01:04 | 01,359,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll

[2009/11/07 16:01:04 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll

[2009/11/07 16:01:04 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll

[2009/11/07 16:01:04 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll

[2009/11/07 16:01:04 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll

[2009/11/07 16:01:04 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll

[2009/11/07 16:01:03 | 00,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll

[2009/11/07 16:01:03 | 00,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll

[2009/11/07 16:01:03 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll

[2009/11/07 16:01:03 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll

[2009/11/07 16:01:03 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll

[2009/11/07 16:01:03 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll

[2009/11/07 16:00:59 | 00,196,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys

[2009/11/07 16:00:59 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys

[2009/11/07 16:00:58 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documentos\Meus vídeos

[2009/11/07 11:00:14 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys

[2009/11/07 10:59:46 | 00,058,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys

[2009/11/07 10:59:03 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll

[2009/11/07 10:57:57 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documentos\Minhas músicas

[2009/11/07 10:57:45 | 00,000,000 | R--D | C] -- C:\Arquivos de programas

[2009/11/07 10:57:45 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer

[2009/11/07 10:57:45 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\ODBC

[2009/11/07 10:57:45 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns

[2009/11/07 10:57:41 | 00,036,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dosapp.fon

[2009/11/07 10:57:38 | 00,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll

[2009/11/07 10:57:38 | 00,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll

[2009/11/07 10:57:38 | 00,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll

[2009/11/07 10:57:38 | 00,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll

[2009/11/07 10:57:38 | 00,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll

[2009/11/07 10:57:38 | 00,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll

[2009/11/07 10:57:38 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll

[2009/11/07 10:57:38 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll

[2009/11/07 10:57:38 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV

[2009/11/07 10:57:38 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll

[2009/11/07 10:57:38 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll

[2009/11/07 10:57:38 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV

[2009/11/07 10:57:37 | 00,127,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL

[2009/11/07 10:57:37 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL

[2009/11/07 10:57:37 | 00,073,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV

[2009/11/07 10:57:37 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV

[2009/11/07 10:57:37 | 00,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV

[2009/11/07 10:57:37 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL

[2009/11/07 10:57:37 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL

[2009/11/07 10:57:37 | 00,009,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL

[2009/11/07 10:57:37 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL

[2009/11/07 10:57:37 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV

[2009/11/07 10:57:37 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV

[2009/11/07 10:57:37 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV

[2009/11/07 10:57:37 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV

[2009/11/07 10:57:37 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV

[2009/11/07 10:57:37 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK

[2009/11/07 10:57:36 | 00,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV

[2009/11/07 10:57:36 | 00,109,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL

[2009/11/07 10:57:36 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL

[2009/11/07 10:57:36 | 00,033,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL

[2009/11/07 10:57:36 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE

[2009/11/07 10:57:36 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe

[2009/11/07 10:57:36 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys

[2009/11/07 10:57:36 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys

[2009/11/07 10:57:36 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL

[2009/11/07 10:57:36 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll

[2009/11/07 10:57:36 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll

[2009/11/07 10:57:35 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll

[2009/11/07 10:57:35 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE

[2009/11/07 10:57:35 | 00,070,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL

[2009/11/07 10:57:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Iniciar

[2009/11/07 10:57:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documentos

[2009/11/07 10:57:29 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Modelos

[2009/11/07 10:57:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favoritos

[2009/11/07 10:57:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop

[2009/11/07 10:57:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2

[2009/11/07 10:57:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot

[2009/11/07 10:57:14 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft

[2009/11/07 10:57:14 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos

[2009/11/07 10:57:01 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\devcon.exe

[2009/11/07 10:56:42 | 00,117,888 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys

[2009/11/07 10:56:41 | 00,009,728 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\RtNicProp32.dll

[2009/11/07 10:56:36 | 00,000,000 | ---D | C] -- C:\D

[2009/11/07 10:56:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings

[2009/11/07 10:56:28 | 00,000,000 | -HSD | C] -- C:\System Volume Information

[2009/11/07 10:53:26 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files

[2009/11/07 10:53:26 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts

[2009/11/07 10:53:26 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache

[2009/11/07 10:53:26 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web

[2009/11/07 10:53:26 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\system

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\security

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pt-BR

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Offline Web Pages

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\NLDRV

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\java

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\ehome

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1046

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028

[2009/11/07 10:53:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025

[2009/11/07 05:15:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Meus documentos\Meus arquivos recebidos

[2009/11/07 05:07:22 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Messenger Plus! Live

[2009/11/07 04:39:00 | 02,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe

[2009/11/07 04:39:00 | 02,149,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe

[2009/11/07 04:39:00 | 02,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe

[2009/11/07 04:34:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Tracing

[2009/11/07 04:32:34 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll

[2009/11/07 04:30:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\microsoft

[2009/11/07 04:30:50 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Windows Live SkyDrive

[2009/11/07 04:12:07 | 00,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll

[2009/11/07 04:12:07 | 00,215,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\muweb.dll

[2009/11/07 04:12:07 | 00,017,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui

[16 C:\Documents and Settings\Administrador\*.tmp files -> C:\Documents and Settings\Administrador\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2009/11/25 15:49:22 | 00,531,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrador\Desktop\OTL.exe

[2009/11/25 15:32:08 | 00,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2009/11/25 15:31:48 | 00,001,610 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Orbit.lnk

[2009/11/25 15:31:43 | 00,182,441 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2009/11/25 15:31:40 | 00,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2009/11/25 15:31:35 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2009/11/25 15:31:33 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2009/11/25 15:04:00 | 00,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2009/11/25 12:43:20 | 04,763,984 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx

[2009/11/25 12:43:19 | 60,326,3008 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2009/11/25 12:42:55 | 00,000,210 | -HS- | M] () -- C:\Documents and Settings\Administrador\ntuser.ini

[2009/11/25 12:42:54 | 05,218,304 | ---- | M] () -- C:\Documents and Settings\Administrador\ntuser.dat

[2009/11/24 23:43:55 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2009/11/23 22:50:27 | 00,001,910 | ---- | M] () -- C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\is-NG786.lnk

[2009/11/23 22:41:35 | 00,254,272 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2009/11/23 21:42:01 | 00,000,300 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2009/11/23 19:13:44 | 00,118,526 | ---- | M] () -- C:\WINDOWS\hpoins11.dat

[2009/11/23 19:13:42 | 00,000,698 | ---- | M] () -- C:\WINDOWS\win.ini

[2009/11/23 19:08:46 | 04,190,872 | -H-- | M] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\IconCache.db

[2009/11/23 16:06:41 | 00,007,168 | -H-- | M] () -- C:\Documents and Settings\Administrador\Desktop\photothumb.db

[2009/11/23 15:31:29 | 00,000,769 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2009/11/21 13:07:56 | 01,077,652 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2009/11/21 13:07:56 | 00,474,016 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat

[2009/11/21 13:07:56 | 00,438,614 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2009/11/21 13:07:56 | 00,081,198 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat

[2009/11/21 13:07:56 | 00,069,790 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2009/11/19 16:52:03 | 00,066,304 | ---- | M] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\GDIPFONTCACHEV1.DAT

[2009/11/18 02:56:41 | 00,055,208 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis.sys

[2009/11/18 02:56:39 | 00,070,408 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys

[2009/11/18 02:56:12 | 00,207,792 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys

[2009/11/18 00:37:50 | 00,002,100 | ---- | M] () -- C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\is-DNHML.lnk

[2009/11/17 13:17:22 | 04,710,400 | ---- | M] () -- C:\Documents and Settings\Administrador\s-1-5-21-1390067357-796845957-682003330-500.rrr

[2009/11/16 00:50:47 | 00,000,468 | ---- | M] () -- C:\WINDOWS\System32\BIN_STRSBW.SPT

[2009/11/14 21:00:12 | 00,217,718 | ---- | M] () -- C:\WINDOWS\System32\reboot.exe

[2009/11/14 19:53:08 | 00,012,288 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_prot.sys

[2009/11/13 16:43:40 | 00,002,100 | ---- | M] () -- C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\is-U4SAE.lnk

[2009/11/13 01:05:44 | 00,072,774 | ---- | M] (Jordan Russell) -- C:\WINDOWS\unins000.exe

[2009/11/13 01:05:44 | 00,001,099 | ---- | M] () -- C:\WINDOWS\unins000.dat

[2009/11/11 06:59:50 | 00,001,871 | ---- | M] () -- C:\Documents and Settings\Administrador\Desktop\WinDoWs LiVe MeSSenGeR.lnk

[2009/11/11 06:11:05 | 00,000,977 | ---- | M] () -- C:\Documents and Settings\Administrador\Meus documentos\As Minhas Pastas Partilhadas.lnk

[2009/11/09 17:05:50 | 00,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav

[2009/11/09 17:05:50 | 00,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav

[2009/11/09 15:08:26 | 00,055,656 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys

[2009/11/09 15:08:26 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys

[2009/11/08 11:57:31 | 00,118,954 | ---- | M] () -- C:\WINDOWS\hpoins11.dat.temp

[2009/11/08 11:56:52 | 00,000,773 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP PhoTosMarT eSSenTiaL.lnk

[2009/11/08 11:52:38 | 00,001,848 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\HP Digital Imaging Monitor.lnk

[2009/11/08 11:51:52 | 00,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP PhoTosMarT eXpReSS.lnk

[2009/11/08 10:19:37 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2009/11/07 22:43:22 | 00,008,576 | ---- | M] (Panda Software International) -- C:\WINDOWS\System32\drivers\luxxgtwyefvc.sys

[2009/11/07 22:23:28 | 00,000,969 | ---- | M] () -- C:\Documents and Settings\Administrador\Desktop\ReaLpLaYeR SP.lnk

[2009/11/07 22:23:22 | 00,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll

[2009/11/07 22:23:08 | 00,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll

[2009/11/07 22:23:08 | 00,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll

[2009/11/07 22:22:36 | 00,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll

[2009/11/07 22:22:36 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll

[2009/11/07 22:22:36 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll

[2009/11/07 22:05:17 | 00,093,360 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys

[2009/11/07 21:21:47 | 00,011,264 | ---- | M] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/11/07 20:52:18 | 00,000,843 | ---- | M] () -- C:\Documents and Settings\Administrador\Desktop\InTeRneT eXpLoReR.lnk

[2009/11/07 19:41:38 | 00,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat

[2009/11/07 19:37:04 | 00,041,996 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat

[2009/11/07 19:28:54 | 00,000,552 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GeoTeCneT.lnk

[2009/11/07 19:21:08 | 00,000,245 | -HS- | M] () -- C:\boot.ini

[2009/11/07 19:16:47 | 00,001,024 | ---- | M] () -- C:\Documents and Settings\Administrador\.rnd

[2009/11/07 19:16:33 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Irremote.ini

[2009/11/07 19:09:25 | 00,000,127 | ---- | M] () -- C:\Documents and Settings\Administrador\default.pls

[2009/11/07 17:31:21 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat

[2009/11/07 17:31:15 | 00,001,674 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MoZiLLa FiReFoX.lnk

[2009/11/07 16:09:37 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD

[2009/11/07 16:09:03 | 00,000,982 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf

[2009/11/07 16:04:10 | 00,002,969 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2009/11/07 16:04:10 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2009/11/07 16:04:10 | 00,000,000 | RHS- | M] () -- C:\IO.SYS

[2009/11/07 16:04:10 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini

[2009/11/07 16:04:10 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2009/11/07 16:04:10 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2009/11/07 16:04:06 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb

[2009/11/07 16:04:06 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb

[2009/11/07 16:04:05 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx

[2009/11/07 16:03:58 | 00,004,205 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI

[2009/11/07 16:03:21 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest

[2009/11/07 16:03:21 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest

[2009/11/07 16:03:19 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest

[2009/11/07 16:03:19 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest

[2009/11/07 16:03:19 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest

[2009/11/07 16:03:19 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest

[2009/11/07 16:03:19 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest

[2009/11/07 16:03:19 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest

[2009/11/07 16:02:04 | 00,021,844 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat

[2009/11/07 16:01:54 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini

[2009/11/07 16:01:54 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini

[2009/11/07 10:57:49 | 00,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF

[2009/11/07 10:57:43 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini

[2009/11/07 04:32:02 | 00,000,977 | ---- | M] () -- C:\Documents and Settings\Administrador\Meus documentos\Minhas Pastas de Compartilhamento.lnk

[2009/11/05 15:36:21 | 26,768,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

[2009/10/30 14:11:00 | 00,233,136 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys

[2009/10/28 13:07:15 | 00,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tzchange.exe

[16 C:\Documents and Settings\Administrador\*.tmp files -> C:\Documents and Settings\Administrador\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2009/11/24 23:43:54 | 00,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK

[2009/11/23 22:50:27 | 00,001,910 | ---- | C] () -- C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\is-NG786.lnk

[2009/11/23 18:22:09 | 00,118,954 | ---- | C] () -- C:\WINDOWS\hpoins11.dat.temp

[2009/11/23 18:22:08 | 00,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat.temp

[2009/11/23 15:55:15 | 05,218,304 | ---- | C] () -- C:\Documents and Settings\Administrador\ntuser.dat

[2009/11/17 20:38:10 | 00,002,100 | ---- | C] () -- C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\is-DNHML.lnk

[2009/11/17 13:17:21 | 04,710,400 | ---- | C] () -- C:\Documents and Settings\Administrador\s-1-5-21-1390067357-796845957-682003330-500.rrr

[2009/11/15 00:12:37 | 00,001,610 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Orbit.lnk

[2009/11/15 00:09:50 | 00,000,468 | ---- | C] () -- C:\WINDOWS\System32\BIN_STRSBW.SPT

[2009/11/14 21:00:12 | 00,217,718 | ---- | C] () -- C:\WINDOWS\System32\reboot.exe

[2009/11/14 19:53:08 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_prot.sys

[2009/11/14 00:29:04 | 00,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat

[2009/11/14 00:29:04 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat

[2009/11/14 00:29:03 | 00,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat

[2009/11/14 00:28:47 | 00,007,435 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.cat

[2009/11/14 00:28:47 | 00,007,399 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctNdis-DNS.cat

[2009/11/14 00:28:45 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplfw.cat

[2009/11/13 01:06:30 | 14,393,344 | ---- | C] () -- C:\WINDOWS\NVIDIA Logo.scr

[2009/11/13 01:05:43 | 00,001,099 | ---- | C] () -- C:\WINDOWS\unins000.dat

[2009/11/11 19:17:50 | 00,002,100 | ---- | C] () -- C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\is-U4SAE.lnk

[2009/11/11 19:17:39 | 60,326,3008 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2009/11/11 19:17:39 | 04,763,984 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.idx

[2009/11/11 06:59:50 | 00,001,871 | ---- | C] () -- C:\Documents and Settings\Administrador\Desktop\WinDoWs LiVe MeSSenGeR.lnk

[2009/11/11 06:11:05 | 00,000,977 | ---- | C] () -- C:\Documents and Settings\Administrador\Meus documentos\As Minhas Pastas Partilhadas.lnk

[2009/11/09 17:05:50 | 00,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav

[2009/11/09 17:05:49 | 00,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav

[2009/11/09 17:00:47 | 00,182,441 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml

[2009/11/09 17:00:47 | 00,059,261 | R--- | C] () -- C:\WINDOWS\System32\nvmobcht.chm

[2009/11/09 17:00:46 | 00,213,493 | R--- | C] () -- C:\WINDOWS\System32\nvdspcht.chm

[2009/11/09 17:00:46 | 00,139,792 | R--- | C] () -- C:\WINDOWS\System32\nv3dcht.chm

[2009/11/09 17:00:45 | 00,124,817 | R--- | C] () -- C:\WINDOWS\System32\nvcplcht.chm

[2009/11/09 17:00:44 | 00,134,133 | R--- | C] () -- C:\WINDOWS\System32\nv3dchs.chm

[2009/11/09 17:00:44 | 00,058,607 | R--- | C] () -- C:\WINDOWS\System32\nvmobchs.chm

[2009/11/09 17:00:43 | 00,219,669 | R--- | C] () -- C:\WINDOWS\System32\nvdspchs.chm

[2009/11/09 17:00:43 | 00,124,229 | R--- | C] () -- C:\WINDOWS\System32\nvcplchs.chm

[2009/11/09 17:00:42 | 00,057,450 | R--- | C] () -- C:\WINDOWS\System32\nvmobtrk.chm

[2009/11/09 17:00:41 | 00,210,720 | R--- | C] () -- C:\WINDOWS\System32\nvdsptrk.chm

[2009/11/09 17:00:41 | 00,133,761 | R--- | C] () -- C:\WINDOWS\System32\nv3dtrk.chm

[2009/11/09 17:00:40 | 00,126,892 | R--- | C] () -- C:\WINDOWS\System32\nvcpltrk.chm

[2009/11/09 17:00:39 | 00,137,045 | R--- | C] () -- C:\WINDOWS\System32\nv3dtha.chm

[2009/11/09 17:00:39 | 00,059,225 | R--- | C] () -- C:\WINDOWS\System32\nvmobtha.chm

[2009/11/09 17:00:38 | 00,220,312 | R--- | C] () -- C:\WINDOWS\System32\nvdsptha.chm

[2009/11/09 17:00:38 | 00,128,148 | R--- | C] () -- C:\WINDOWS\System32\nvcpltha.chm

[2009/11/09 17:00:37 | 00,055,693 | R--- | C] () -- C:\WINDOWS\System32\nvmobsve.chm

[2009/11/09 17:00:36 | 00,195,910 | R--- | C] () -- C:\WINDOWS\System32\nvdspsve.chm

[2009/11/09 17:00:36 | 00,118,734 | R--- | C] () -- C:\WINDOWS\System32\nv3dsve.chm

[2009/11/09 17:00:35 | 00,122,675 | R--- | C] () -- C:\WINDOWS\System32\nvcplsve.chm

[2009/11/09 17:00:34 | 00,128,913 | R--- | C] () -- C:\WINDOWS\System32\nv3dslv.chm

[2009/11/09 17:00:34 | 00,057,380 | R--- | C] () -- C:\WINDOWS\System32\nvmobslv.chm

[2009/11/09 17:00:33 | 00,206,105 | R--- | C] () -- C:\WINDOWS\System32\nvdspslv.chm

[2009/11/09 17:00:33 | 00,124,964 | R--- | C] () -- C:\WINDOWS\System32\nvcplslv.chm

[2009/11/09 17:00:32 | 00,057,545 | R--- | C] () -- C:\WINDOWS\System32\nvmobsky.chm

[2009/11/09 17:00:31 | 00,217,076 | R--- | C] () -- C:\WINDOWS\System32\nvdspsky.chm

[2009/11/09 17:00:31 | 00,129,499 | R--- | C] () -- C:\WINDOWS\System32\nv3dsky.chm

[2009/11/09 17:00:30 | 00,126,105 | R--- | C] () -- C:\WINDOWS\System32\nvcplsky.chm

[2009/11/09 17:00:29 | 00,126,976 | R--- | C] () -- C:\WINDOWS\System32\nv3drus.chm

[2009/11/09 17:00:29 | 00,057,339 | R--- | C] () -- C:\WINDOWS\System32\nvmobrus.chm

[2009/11/09 17:00:28 | 00,214,210 | R--- | C] () -- C:\WINDOWS\System32\nvdsprus.chm

[2009/11/09 17:00:28 | 00,125,181 | R--- | C] () -- C:\WINDOWS\System32\nvcplrus.chm

[2009/11/09 17:00:26 | 00,189,104 | R--- | C] () -- C:\WINDOWS\System32\nvdspptb.chm

[2009/11/09 17:00:26 | 00,118,410 | R--- | C] () -- C:\WINDOWS\System32\nv3dptb.chm

[2009/11/09 17:00:26 | 00,055,946 | R--- | C] () -- C:\WINDOWS\System32\nvmobptb.chm

[2009/11/09 17:00:25 | 00,124,078 | R--- | C] () -- C:\WINDOWS\System32\nvcplptb.chm

[2009/11/09 17:00:24 | 00,129,550 | R--- | C] () -- C:\WINDOWS\System32\nv3dptg.chm

[2009/11/09 17:00:24 | 00,055,845 | R--- | C] () -- C:\WINDOWS\System32\nvmobptg.chm

[2009/11/09 17:00:23 | 00,194,380 | R--- | C] () -- C:\WINDOWS\System32\nvdspptg.chm

[2009/11/09 17:00:23 | 00,124,044 | R--- | C] () -- C:\WINDOWS\System32\nvcplptg.chm

[2009/11/09 17:00:21 | 00,130,245 | R--- | C] () -- C:\WINDOWS\System32\nv3dplk.chm

[2009/11/09 17:00:21 | 00,057,376 | R--- | C] () -- C:\WINDOWS\System32\nvmobplk.chm

[2009/11/09 17:00:20 | 00,205,816 | R--- | C] () -- C:\WINDOWS\System32\nvdspplk.chm

[2009/11/09 17:00:20 | 00,124,019 | R--- | C] () -- C:\WINDOWS\System32\nvcplplk.chm

[2009/11/09 17:00:19 | 00,119,706 | R--- | C] () -- C:\WINDOWS\System32\nv3dnor.chm

[2009/11/09 17:00:19 | 00,055,525 | R--- | C] () -- C:\WINDOWS\System32\nvmobnor.chm

[2009/11/09 17:00:18 | 00,189,041 | R--- | C] () -- C:\WINDOWS\System32\nvdspnor.chm

[2009/11/09 17:00:18 | 00,120,026 | R--- | C] () -- C:\WINDOWS\System32\nvcplnor.chm

[2009/11/09 17:00:16 | 00,189,364 | R--- | C] () -- C:\WINDOWS\System32\nvdspnld.chm

[2009/11/09 17:00:16 | 00,118,401 | R--- | C] () -- C:\WINDOWS\System32\nv3dnld.chm

[2009/11/09 17:00:16 | 00,055,475 | R--- | C] () -- C:\WINDOWS\System32\nvmobnld.chm

[2009/11/09 17:00:15 | 00,122,809 | R--- | C] () -- C:\WINDOWS\System32\nvcplnld.chm

[2009/11/09 17:00:14 | 00,132,251 | R--- | C] () -- C:\WINDOWS\System32\nv3dkor.chm

[2009/11/09 17:00:14 | 00,059,061 | R--- | C] () -- C:\WINDOWS\System32\nvmobkor.chm

[2009/11/09 17:00:13 | 00,224,281 | R--- | C] () -- C:\WINDOWS\System32\nvdspkor.chm

[2009/11/09 17:00:12 | 00,124,741 | R--- | C] () -- C:\WINDOWS\System32\nvcplkor.chm

[2009/11/09 17:00:11 | 00,144,421 | R--- | C] () -- C:\WINDOWS\System32\nv3djpn.chm

[2009/11/09 17:00:11 | 00,060,357 | R--- | C] () -- C:\WINDOWS\System32\nvmobjpn.chm

[2009/11/09 17:00:10 | 00,251,599 | R--- | C] () -- C:\WINDOWS\System32\nvdspjpn.chm

[2009/11/09 17:00:10 | 00,129,704 | R--- | C] () -- C:\WINDOWS\System32\nvcpljpn.chm

[2009/11/09 17:00:09 | 00,056,175 | R--- | C] () -- C:\WINDOWS\System32\nvmobita.chm

[2009/11/09 17:00:08 | 00,201,378 | R--- | C] () -- C:\WINDOWS\System32\nvdspita.chm

[2009/11/09 17:00:08 | 00,121,053 | R--- | C] () -- C:\WINDOWS\System32\nv3dita.chm

[2009/11/09 17:00:07 | 00,124,148 | R--- | C] () -- C:\WINDOWS\System32\nvcplita.chm

[2009/11/09 17:00:06 | 00,131,070 | R--- | C] () -- C:\WINDOWS\System32\nv3dhun.chm

[2009/11/09 17:00:06 | 00,057,512 | R--- | C] () -- C:\WINDOWS\System32\nvmobhun.chm

[2009/11/09 17:00:05 | 00,203,902 | R--- | C] () -- C:\WINDOWS\System32\nvdsphun.chm

[2009/11/09 17:00:05 | 00,125,552 | R--- | C] () -- C:\WINDOWS\System32\nvcplhun.chm

[2009/11/09 17:00:04 | 00,058,340 | R--- | C] () -- C:\WINDOWS\System32\nvmobheb.chm

[2009/11/09 17:00:03 | 00,207,116 | R--- | C] () -- C:\WINDOWS\System32\nvdspheb.chm

[2009/11/09 17:00:03 | 00,132,088 | R--- | C] () -- C:\WINDOWS\System32\nv3dheb.chm

[2009/11/09 17:00:02 | 00,126,196 | R--- | C] () -- C:\WINDOWS\System32\nvcplheb.chm

[2009/11/09 17:00:01 | 00,119,315 | R--- | C] () -- C:\WINDOWS\System32\nv3dfra.chm

[2009/11/09 17:00:01 | 00,056,087 | R--- | C] () -- C:\WINDOWS\System32\nvmobfra.chm

[2009/11/09 17:00:00 | 00,189,184 | R--- | C] () -- C:\WINDOWS\System32\nvdspfra.chm

[2009/11/09 17:00:00 | 00,122,227 | R--- | C] () -- C:\WINDOWS\System32\nvcplfra.chm

[2009/11/09 16:59:59 | 00,056,934 | R--- | C] () -- C:\WINDOWS\System32\nvmobfin.chm

[2009/11/09 16:59:58 | 00,195,677 | R--- | C] () -- C:\WINDOWS\System32\nvdspfin.chm

[2009/11/09 16:59:58 | 00,124,278 | R--- | C] () -- C:\WINDOWS\System32\nv3dfin.chm

[2009/11/09 16:59:57 | 00,124,544 | R--- | C] () -- C:\WINDOWS\System32\nvcplfin.chm

[2009/11/09 16:59:56 | 00,118,608 | R--- | C] () -- C:\WINDOWS\System32\nv3desm.chm

[2009/11/09 16:59:56 | 00,055,992 | R--- | C] () -- C:\WINDOWS\System32\nvmobesm.chm

[2009/11/09 16:59:55 | 00,197,555 | R--- | C] () -- C:\WINDOWS\System32\nvdspesm.chm

[2009/11/09 16:59:55 | 00,124,138 | R--- | C] () -- C:\WINDOWS\System32\nvcplesm.chm

[2009/11/09 16:59:53 | 00,196,421 | R--- | C] () -- C:\WINDOWS\System32\nvdspesn.chm

[2009/11/09 16:59:53 | 00,117,909 | R--- | C] () -- C:\WINDOWS\System32\nv3desn.chm

[2009/11/09 16:59:53 | 00,055,669 | R--- | C] () -- C:\WINDOWS\System32\nvmobesn.chm

[2009/11/09 16:59:52 | 00,124,084 | R--- | C] () -- C:\WINDOWS\System32\nvcplesn.chm

[2009/11/09 16:59:51 | 00,117,083 | R--- | C] () -- C:\WINDOWS\System32\nv3deng.chm

[2009/11/09 16:59:51 | 00,055,103 | R--- | C] () -- C:\WINDOWS\System32\nvmobeng.chm

[2009/11/09 16:59:50 | 00,182,024 | R--- | C] () -- C:\WINDOWS\System32\nvdspeng.chm

[2009/11/09 16:59:50 | 00,121,758 | R--- | C] () -- C:\WINDOWS\System32\nvcpleng.chm

[2009/11/09 16:59:49 | 00,059,100 | R--- | C] () -- C:\WINDOWS\System32\nvmobell.chm

[2009/11/09 16:59:48 | 00,220,768 | R--- | C] () -- C:\WINDOWS\System32\nvdspell.chm

[2009/11/09 16:59:48 | 00,131,422 | R--- | C] () -- C:\WINDOWS\System32\nv3dell.chm

[2009/11/09 16:59:47 | 00,126,670 | R--- | C] () -- C:\WINDOWS\System32\nvcplell.chm

[2009/11/09 16:59:46 | 00,123,526 | R--- | C] () -- C:\WINDOWS\System32\nv3ddeu.chm

[2009/11/09 16:59:46 | 00,056,087 | R--- | C] () -- C:\WINDOWS\System32\nvmobdeu.chm

[2009/11/09 16:59:45 | 00,197,544 | R--- | C] () -- C:\WINDOWS\System32\nvdspdeu.chm

[2009/11/09 16:59:45 | 00,124,590 | R--- | C] () -- C:\WINDOWS\System32\nvcpldeu.chm

[2009/11/09 16:59:43 | 00,188,707 | R--- | C] () -- C:\WINDOWS\System32\nvdspdan.chm

[2009/11/09 16:59:43 | 00,118,926 | R--- | C] () -- C:\WINDOWS\System32\nv3ddan.chm

[2009/11/09 16:59:43 | 00,055,622 | R--- | C] () -- C:\WINDOWS\System32\nvmobdan.chm

[2009/11/09 16:59:42 | 00,120,933 | R--- | C] () -- C:\WINDOWS\System32\nvcpldan.chm

[2009/11/09 16:59:41 | 00,128,958 | R--- | C] () -- C:\WINDOWS\System32\nv3dcsy.chm

[2009/11/09 16:59:41 | 00,057,387 | R--- | C] () -- C:\WINDOWS\System32\nvmobcsy.chm

[2009/11/09 16:59:40 | 00,219,156 | R--- | C] () -- C:\WINDOWS\System32\nvdspcsy.chm

[2009/11/09 16:59:40 | 00,124,067 | R--- | C] () -- C:\WINDOWS\System32\nvcplcsy.chm

[2009/11/09 16:59:38 | 00,128,544 | R--- | C] () -- C:\WINDOWS\System32\nv3dara.chm

[2009/11/09 16:59:38 | 00,057,328 | R--- | C] () -- C:\WINDOWS\System32\nvmobara.chm

[2009/11/09 16:59:37 | 00,200,405 | R--- | C] () -- C:\WINDOWS\System32\nvdspara.chm

[2009/11/09 16:59:37 | 00,125,735 | R--- | C] () -- C:\WINDOWS\System32\nvcplara.chm

[2009/11/09 16:59:36 | 00,116,384 | R--- | C] () -- C:\WINDOWS\System32\nv3d.chm

[2009/11/09 16:59:36 | 00,054,988 | R--- | C] () -- C:\WINDOWS\System32\nvmob.chm

[2009/11/09 16:59:35 | 00,181,895 | R--- | C] () -- C:\WINDOWS\System32\nvdsp.chm

[2009/11/09 16:59:35 | 00,121,529 | R--- | C] () -- C:\WINDOWS\System32\nvcpl.chm

[2009/11/09 16:59:28 | 00,018,070 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu

[2009/11/08 11:56:52 | 00,000,773 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP PhoTosMarT eSSenTiaL.lnk

[2009/11/08 11:52:38 | 00,001,848 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\HP Digital Imaging Monitor.lnk

[2009/11/08 11:51:52 | 00,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP PhoTosMarT eXpReSS.lnk

[2009/11/08 11:41:10 | 00,001,654 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\hpzinstall.log

[2009/11/08 11:40:59 | 00,118,526 | ---- | C] () -- C:\WINDOWS\hpoins11.dat

[2009/11/08 00:20:12 | 00,007,168 | -H-- | C] () -- C:\Documents and Settings\Administrador\Desktop\photothumb.db

[2009/11/07 22:32:22 | 04,190,872 | -H-- | C] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\IconCache.db

[2009/11/07 22:23:28 | 00,000,969 | ---- | C] () -- C:\Documents and Settings\Administrador\Desktop\ReaLpLaYeR SP.lnk

[2009/11/07 21:46:54 | 00,774,144 | ---- | C] () -- C:\WINDOWS\System32\NEROINSTAEC43759.DB

[2009/11/07 20:57:45 | 00,000,843 | ---- | C] () -- C:\Documents and Settings\Administrador\Desktop\InTeRneT eXpLoReR.lnk

[2009/11/07 19:59:01 | 00,001,048 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2009/11/07 19:59:01 | 00,001,044 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2009/11/07 19:41:38 | 00,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat

[2009/11/07 19:37:04 | 00,041,996 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2009/11/07 19:28:54 | 00,000,552 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GeoTeCneT.lnk

[2009/11/07 19:16:33 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini

[2009/11/07 19:08:53 | 00,000,127 | ---- | C] () -- C:\Documents and Settings\Administrador\default.pls

[2009/11/07 18:08:18 | 00,000,300 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2009/11/07 18:03:38 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2009/11/07 18:00:35 | 00,011,264 | ---- | C] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/11/07 18:00:13 | 00,038,162 | ---- | C] () -- C:\Documents and Settings\Administrador\Meus documentos\AcCoUnTs.rtf

[2009/11/07 18:00:13 | 00,020,428 | ---- | C] () -- C:\Documents and Settings\Administrador\Meus documentos\ChEaTs PkStD.docx

[2009/11/07 18:00:13 | 00,009,992 | ---- | C] () -- C:\Documents and Settings\Administrador\Meus documentos\WeB LiNk Of SeCuRiTy.docx

[2009/11/07 18:00:13 | 00,001,125 | ---- | C] () -- C:\Documents and Settings\Administrador\Meus documentos\sLimMiNg TiPs.rtf

[2009/11/07 17:31:21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2009/11/07 17:31:15 | 00,001,674 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MoZiLLa FiReFoX.lnk

[2009/11/07 16:40:02 | 00,001,024 | ---- | C] () -- C:\Documents and Settings\Administrador\.rnd

[2009/11/07 16:24:44 | 00,066,304 | ---- | C] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\GDIPFONTCACHEV1.DAT

[2009/11/07 16:22:05 | 00,000,210 | -HS- | C] () -- C:\Documents and Settings\Administrador\ntuser.ini

[2009/11/07 16:21:58 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\desktop.ini

[2009/11/07 16:21:50 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT

[2009/11/07 16:09:37 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD

[2009/11/07 16:08:58 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2009/11/07 16:08:50 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls

[2009/11/07 16:08:32 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls

[2009/11/07 16:08:32 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls

[2009/11/07 16:08:20 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls

[2009/11/07 16:08:15 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll

[2009/11/07 16:08:08 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls

[2009/11/07 16:08:08 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls

[2009/11/07 16:08:08 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls

[2009/11/07 16:08:08 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls

[2009/11/07 16:08:08 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls

[2009/11/07 16:08:08 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls

[2009/11/07 16:08:08 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls

[2009/11/07 16:08:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls

[2009/11/07 16:08:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls

[2009/11/07 16:08:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls

[2009/11/07 16:08:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls

[2009/11/07 16:08:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls

[2009/11/07 16:08:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls

[2009/11/07 16:08:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls

[2009/11/07 16:08:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls

[2009/11/07 16:08:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls

[2009/11/07 16:08:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls

[2009/11/07 16:08:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls

[2009/11/07 16:08:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls

[2009/11/07 16:08:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls

[2009/11/07 16:08:07 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls

[2009/11/07 16:08:07 | 00,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls

[2009/11/07 16:08:07 | 00,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls

[2009/11/07 16:08:07 | 00,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls

[2009/11/07 16:08:07 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls

[2009/11/07 16:08:07 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls

[2009/11/07 16:08:07 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls

[2009/11/07 16:08:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls

[2009/11/07 16:08:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls

[2009/11/07 16:08:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls

[2009/11/07 16:08:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls

[2009/11/07 16:08:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls

[2009/11/07 16:08:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls

[2009/11/07 16:08:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls

[2009/11/07 16:08:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls

[2009/11/07 16:08:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls

[2009/11/07 16:08:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls

[2009/11/07 16:08:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls

[2009/11/07 16:08:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls

[2009/11/07 16:08:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls

[2009/11/07 16:08:07 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls

[2009/11/07 16:08:06 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls

[2009/11/07 16:08:06 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls

[2009/11/07 16:08:06 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls

[2009/11/07 16:08:06 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls

[2009/11/07 16:08:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls

[2009/11/07 16:08:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls

[2009/11/07 16:08:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls

[2009/11/07 16:08:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls

[2009/11/07 16:08:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls

[2009/11/07 16:08:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls

[2009/11/07 16:08:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls

[2009/11/07 16:08:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls

[2009/11/07 16:08:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls

[2009/11/07 16:08:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls

[2009/11/07 16:08:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls

[2009/11/07 16:08:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls

[2009/11/07 16:08:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls

[2009/11/07 16:08:05 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls

[2009/11/07 16:08:05 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls

[2009/11/07 16:07:40 | 00,107,597 | ---- | C] () -- C:\Arquivos de programas\Settings.exe

[2009/11/07 16:06:41 | 01,222,144 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\VistaBTSe7en.exe

[2009/11/07 16:06:41 | 00,000,796 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Atalho para tclock.lnk

[2009/11/07 16:05:30 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2009/11/07 16:05:29 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2009/11/07 16:05:29 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2009/11/07 16:05:29 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2009/11/07 16:05:29 | 00,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml

[2009/11/07 16:05:28 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2009/11/07 16:05:28 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2009/11/07 16:04:10 | 00,002,969 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT

[2009/11/07 16:04:10 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS

[2009/11/07 16:04:10 | 00,000,000 | RHS- | C] () -- C:\IO.SYS

[2009/11/07 16:04:10 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini

[2009/11/07 16:04:10 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS

[2009/11/07 16:04:10 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT

[2009/11/07 16:04:06 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb

[2009/11/07 16:04:06 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb

[2009/11/07 16:04:05 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx

[2009/11/07 16:03:21 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest

[2009/11/07 16:03:21 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest

[2009/11/07 16:03:19 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest

[2009/11/07 16:03:19 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest

[2009/11/07 16:03:19 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest

[2009/11/07 16:03:19 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest

[2009/11/07 16:03:19 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest

[2009/11/07 16:03:19 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest

[2009/11/07 16:03:02 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf

[2009/11/07 16:02:34 | 00,381,440 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll

[2009/11/07 16:02:04 | 00,021,844 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2009/11/07 16:01:54 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini

[2009/11/07 16:01:54 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini

[2009/11/07 16:01:24 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce

[2009/11/07 16:01:24 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce

[2009/11/07 16:01:24 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce

[2009/11/07 16:01:24 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce

[2009/11/07 16:01:24 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce

[2009/11/07 16:01:24 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce

[2009/11/07 16:01:23 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce

[2009/11/07 16:01:23 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce

[2009/11/07 16:01:22 | 00,026,931 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini

[2009/11/07 16:01:22 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h

[2009/11/07 16:01:22 | 00,001,221 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd

[2009/11/07 16:01:21 | 00,003,828 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini

[2009/11/07 16:01:21 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h

[2009/11/07 16:01:16 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc

[2009/11/07 10:57:48 | 00,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF

[2009/11/07 10:57:45 | 01,077,652 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2009/11/07 10:57:45 | 00,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2009/11/07 10:57:43 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls

[2009/11/07 10:57:43 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls

[2009/11/07 10:57:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls

[2009/11/07 10:57:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls

[2009/11/07 10:57:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls

[2009/11/07 10:57:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls

[2009/11/07 10:57:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls

[2009/11/07 10:57:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls

[2009/11/07 10:57:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls

[2009/11/07 10:57:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls

[2009/11/07 10:57:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls

[2009/11/07 10:57:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls

[2009/11/07 10:57:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls

[2009/11/07 10:57:42 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls

[2009/11/07 10:57:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls

[2009/11/07 10:57:39 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls

[2009/11/07 10:57:39 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls

[2009/11/07 10:57:36 | 00,000,515 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT

[2009/11/07 10:57:29 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\desktop.ini

[2009/11/07 10:57:28 | 00,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat

[2009/11/07 10:57:28 | 00,105,628 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat

[2009/11/07 10:57:28 | 00,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT

[2009/11/07 10:57:28 | 00,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat

[2009/11/07 10:57:28 | 00,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT

[2009/11/07 10:57:28 | 00,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT

[2009/11/07 10:57:28 | 00,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT

[2009/11/07 10:57:28 | 00,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT

[2009/11/07 10:57:28 | 00,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT

[2009/11/07 10:57:28 | 00,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT

[2009/11/07 10:57:28 | 00,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT

[2009/11/07 10:57:28 | 00,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat

[2009/11/07 10:57:27 | 02,038,809 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT

[2009/11/07 10:57:27 | 01,233,746 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT

[2009/11/07 10:57:27 | 01,089,883 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat

[2009/11/07 10:57:27 | 00,809,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT

[2009/11/07 10:57:27 | 00,634,592 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT

[2009/11/07 10:57:27 | 00,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT

[2009/11/07 10:57:01 | 00,291,071 | ---- | C] () -- C:\DPsFnshr.exe

[2009/11/07 10:57:01 | 00,249,451 | ---- | C] () -- C:\DSPdsblr.exe

[2009/11/07 10:57:01 | 00,240,251 | ---- | C] () -- C:\pmtimer.exe

[2009/11/07 10:57:01 | 00,020,992 | ---- | C] () -- C:\makePNF.exe

[2009/11/07 10:57:01 | 00,000,632 | ---- | C] () -- C:\DPsFnshr.ini

[2009/11/07 10:56:42 | 00,075,188 | ---- | C] () -- C:\DriverPack_MassStorage_wnt5_x86-32.ini

[2009/11/07 10:56:36 | 00,000,776 | ---- | C] () -- C:\DriverPack_LAN_wnt5_x86-32.ini

[2009/11/07 10:56:28 | 00,254,272 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2009/11/07 10:56:01 | 00,000,245 | -HS- | C] () -- C:\boot.ini

[2009/11/07 10:55:58 | 00,000,982 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf

[2009/11/07 04:49:49 | 00,000,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.msn

[2009/11/07 04:32:02 | 00,000,977 | ---- | C] () -- C:\Documents and Settings\Administrador\Meus documentos\Minhas Pastas de Compartilhamento.lnk

[2009/01/05 18:44:10 | 00,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini

[2008/05/03 01:16:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2008/05/03 01:16:00 | 01,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2008/05/03 01:16:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2008/05/03 01:16:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2008/05/03 01:16:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[2008/04/13 11:50:42 | 00,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll

[2008/04/13 11:50:34 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll

[2008/04/13 11:50:28 | 00,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll

[2008/04/13 11:50:26 | 00,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll

[2008/04/13 11:50:24 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll

[2008/04/13 02:51:34 | 00,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll

[2008/04/13 02:20:56 | 00,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys

[2008/04/13 02:19:48 | 00,033,984 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys

[2008/04/13 02:19:44 | 00,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys

[2008/04/13 02:19:44 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys

[2008/04/13 02:19:42 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys

[2008/04/13 02:19:40 | 00,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys

[2007/04/02 03:04:28 | 00,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini

[2006/06/29 17:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

[2006/06/29 17:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont

[2006/04/18 18:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont

[2006/04/18 18:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont

[2006/01/04 07:12:04 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll

[2001/09/28 01:30:00 | 01,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini

[2001/09/28 01:30:00 | 00,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll

[2001/09/28 01:30:00 | 00,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll

[2001/09/28 01:30:00 | 00,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll

[2001/09/28 01:30:00 | 00,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys

[2001/09/28 01:30:00 | 00,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys

[2001/09/28 01:30:00 | 00,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys

[2001/09/28 01:30:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys

[2001/09/28 01:30:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys

[2001/09/28 01:30:00 | 00,027,900 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys

[2001/09/28 01:30:00 | 00,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys

[2001/09/28 01:30:00 | 00,021,111 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini

[2001/09/28 01:30:00 | 00,015,799 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini

[2001/09/28 01:30:00 | 00,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll

[2001/09/28 01:30:00 | 00,013,712 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini

[2001/09/28 01:30:00 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll

[2001/09/28 01:30:00 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll

[2001/09/28 01:30:00 | 00,009,032 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys

[2001/09/28 01:30:00 | 00,006,107 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini

[2001/09/28 01:30:00 | 00,004,896 | ---- | C] () -- C:\WINDOWS\System32\himem.sys

[2001/09/28 01:30:00 | 00,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv

[2001/09/28 01:30:00 | 00,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini

[2001/09/28 01:30:00 | 00,000,698 | ---- | C] () -- C:\WINDOWS\win.ini

[2001/09/28 01:30:00 | 00,000,361 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini

[2001/09/28 01:30:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini

[2001/09/05 17:20:20 | 00,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll

[2001/07/07 06:00:02 | 00,003,277 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 165 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:DFC5A2B2

@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:DFC5A2B2

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5C321E34

@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:C31F31E6

@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:A8ADE5D8

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:D1B5B4F1

< End of report >

[DigRam 144]

Boa Tarde! w.storm

 

<@> Abra a pasta Virus Removal Tool,que encontra-se no desktop.

<@> Duplo-clique sobre o arquivo: unins000.exe <--

<@> Clique em OK duas vezes.

<@> O computador será reiniciado.

<><><><><><><><><><><>

<@> Execute o OTL.exe.

<@> Copie estas informações que estão no Quote,para o campo clipboard da ferramenta. ( Custom Scans/Fixes )

 

:OTL

PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)

O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found

O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found

O4 - HKU\S-1-5-19..\RunOnce: [_nltide_2] File not found

O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2] File not found

O33 - MountPoints2\{4e6308b1-cd6c-11de-a88b-001966c66d75}\Shell - "" = AutoRun

O33 - MountPoints2\{4e6308b4-cd6c-11de-a88b-001966c66d75}\Shell - "" = AutoRun

O33 - MountPoints2\{c8297afd-cbca-11de-a869-001966c66d75}\Shell\AutoRun\command - "" = knupkb.com

O33 - MountPoints2\{c8297afd-cbca-11de-a869-001966c66d75}\Shell\explore\Command - "" = knupkb.com

O33 - MountPoints2\{c8297afd-cbca-11de-a869-001966c66d75}\Shell\open\Command - "" = knupkb.com

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (*) - File not found

:Files

@C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:DFC5A2B2

@C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:DFC5A2B2

@C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5C321E34

@C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:C31F31E6

@C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:A8ADE5D8

@C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:D1B5B4F1

:Commands

[resethosts]

[emptytemp]

[start explorer]

[Reboot]

<@> Clique no botão Run Fix --> Aguarde a conclusão!

<@> Terminando,vá até a pasta: C:\_OTL\MovedFiles\*.log <-- Poste!

<><><><><><><><><><><>

<@> Execute o OTL Quick Scan,onde teremos um rápido escaneamento da ferramenta.

<@> Duplo-clique em: < >

<@> Clique em "Scan All Users" --> --> Aguarde!

<@> Copie e poste o relatório. ( OTL.txt )

 

Abraços!

[DaniieL™ 0]

<@> Execute o OTL.exe.

<@> Copie estas informações que estão no Quote,para o campo clipboard da ferramenta. ( Custom Scans/Fixes )

 

Quote

:OTL

PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)

O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found

O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found

O4 - HKU\S-1-5-19..\RunOnce: [_nltide_2] File not found

O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2] File not found

O33 - MountPoints2\{4e6308b1-cd6c-11de-a88b-001966c66d75}\Shell - "" = AutoRun

O33 - MountPoints2\{4e6308b4-cd6c-11de-a88b-001966c66d75}\Shell - "" = AutoRun

O33 - MountPoints2\{c8297afd-cbca-11de-a869-001966c66d75}\Shell\AutoRun\command - "" = knupkb.com

O33 - MountPoints2\{c8297afd-cbca-11de-a869-001966c66d75}\Shell\explore\Command - "" = knupkb.com

O33 - MountPoints2\{c8297afd-cbca-11de-a869-001966c66d75}\Shell\open\Command - "" = knupkb.com

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (*) - File not found

:Files

@C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:DFC5A2B2

@C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:DFC5A2B2

@C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5C321E34

@C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:C31F31E6

@C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:A8ADE5D8

@C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:D1B5B4F1

:Commands

[resethosts]

[emptytemp]

[start explorer]

[Reboot]

 

Boa Tarde! DigRam

 

Olhe acima no Quote o procedimento que pediu que eu fizesse

Não foi possível ... Porque aconteceu o seguinte.

Eu copiei as informações e copiei no campo ( Custom Scans/Fixes )

Cliquei na Opção RunFix e então ...

enquanto eu aguardava a conclusão aconteceu algo Frustrante e Inesperado :blink:

apareceu uma tela Azul escrito umas coisas e o pc reiniciou automaticamente

Veja na screen abaixo:

 

OBS.: A screen não está muito clara porque, tirei foto com meu celular

porque a imagem passou muito rápido ...

 

 

<!> Pode me explicar isso ?

 

Abraços!

[DigRam 144]

Boa Tarde! w.storm

 

<!> Verifique se na pasta C:\_OTL\MovedFiles\*.log,existe o relatório.

 

Abraços!

[DaniieL™ 0]

Boa Tarde! w.storm

 

<!> Verifique se na pasta C:\_OTL\MovedFiles\*.log,existe o relatório.

Abraços!

 

Bom Dia! DigRam

 

É o seguinte, eu verifiquei na pasta C:\_OTL\MovedFiles\*.log

existem duas pasta mas, ambas estão vazias... veja:

 

 

<!> E agora?

[DigRam 144]

Bom Dia! w.storm

 

<!> Ps: Verificarei se houve alguma mudança no log.

<><><><><><><><><><>

<@> Execute: OTL Quick Scan --> Poste: OTL.txt

 

Abraços!

[DaniieL™ 0]

Bom Dia! w.storm

 

<!> Ps: Verificarei se houve alguma mudança no log.

<><><><><><><><><><>

<@> Execute: OTL Quick Scan --> Poste: OTL.txt

 

Abraços!

 

Boa Noite! DigRam

 

:seta: Eis o relatório OTL.txt

 

<><><><><><><><><><><><><><><><><><><><><><><><><>

 

OTL logfile created on: 27/11/2009 21:36:00 - Run 2

OTL by OldTimer - Version 3.1.10.1 Folder = C:\Documents and Settings\Administrador\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

 

2,00 Gb Total Physical Memory | 1,33 Gb Available Physical Memory | 66,74% Memory free

3,85 Gb Paging File | 2,99 Gb Available in Paging File | 77,67% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 97,65 Gb Total Space | 74,75 Gb Free Space | 76,55% Space Free | Partition Type: NTFS

Drive D: | 200,43 Gb Total Space | 200,32 Gb Free Space | 99,95% Space Free | Partition Type: NTFS

Drive E: | 0,38 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: XPPROBT2009

Current User Name: Administrador

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 14 Days

Output = Minimal

Quick Scan

 

========== Processes (SafeList) ==========

 

PRC - C:\Arquivos de programas\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)

PRC - C:\Documents and Settings\Administrador\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Arquivos de programas\PC Tools Firewall Plus\FWService.exe (PC Tools)

PRC - C:\Arquivos de programas\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)

PRC - C:\Arquivos de programas\System Protect\SysProtect_Tray.exe (Xacti Corporation)

PRC - C:\Arquivos de programas\System Protect\SysProtect_srv.exe (Xacti Corporation)

PRC - c:\Arquivos de programas\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

PRC - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

PRC - C:\Arquivos de programas\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Arquivos de programas\iTunes\iTunesHelper.exe (Apple Inc.)

PRC - C:\Arquivos de programas\iPod\bin\iPodService.exe (Apple Inc.)

PRC - C:\Arquivos de programas\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)

PRC - C:\Arquivos de programas\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

PRC - C:\Arquivos de programas\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)

PRC - C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)

PRC - C:\Arquivos de programas\ThreatFire\TFTray.exe (PC Tools)

PRC - C:\Arquivos de programas\ThreatFire\TFService.exe (PC Tools)

PRC - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)

PRC - C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)

PRC - C:\Arquivos de programas\Orbitdownloader\orbitnet.exe (Orbitdownloader.com)

PRC - C:\Documents and Settings\Administrador\Bluebirds\BlueBirds.exe (LG Electronics)

PRC - C:\WINDOWS\system32\WgaTray.exe (Microsoft Corporation)

PRC - C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe (PC Tools)

PRC - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe (PC Tools)

PRC - C:\Arquivos de programas\Spyware Doctor\pctsTray.exe (PC Tools)

PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)

PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

PRC - C:\Arquivos de programas\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Development Company, L.P.)

PRC - C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)

PRC - C:\Arquivos de programas\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Development Company, L.P.)

PRC - C:\WINDOWS\system32\oobe\sample\tclock.exe (Kazubon)

 

 

========== Modules (SafeList) ==========

 

MOD - C:\Documents and Settings\Administrador\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\WINDOWS\system32\wbem\framedyn.dll (Microsoft Corporation)

MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation)

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (PCToolsFirewallPlus) -- C:\Arquivos de programas\PC Tools Firewall Plus\FWService.exe (PC Tools)

SRV - (SP_Service) -- C:\Arquivos de programas\System Protect\SysProtect_srv.exe (Xacti Corporation)

SRV - (McAfee SiteAdvisor Service) -- c:\Arquivos de programas\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

SRV - (AntiVirService) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (AntiVirSchedulerService) -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (gupdate1ca5ff389694b52) Google Update Service (gupdate1ca5ff389694b52) -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe (Google Inc.)

SRV - (iPod Service) -- C:\Arquivos de programas\iPod\bin\iPodService.exe (Apple Inc.)

SRV - (JavaQuickStarterService) -- C:\Arquivos de programas\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)

SRV - (ThreatFire) -- C:\Arquivos de programas\ThreatFire\TFService.exe (PC Tools)

SRV - (Apple Mobile Device) -- C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (sdCoreService) -- C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe (PC Tools)

SRV - (sdAuxService) -- C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe (PC Tools)

SRV - (FontCache3.0.0.0) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)

SRV - (idsvc) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)

SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)

SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)

SRV - (NVSvc) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)

SRV - (helpsvc) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)

SRV - (Microsoft Office Groove Audit Service) -- C:\Arquivos de programas\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)

SRV - (odserv) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)

SRV - (WMPNetworkSvc) -- C:\Arquivos de programas\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

SRV - (ose) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60075

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60075

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com.br/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D4 69 B6 AF FD 5F CA 01 [binary data]

IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Arquivos de programas\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

IE - HKCU\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Arquivos de programas\Crawler\Toolbar\ctbr.dll (Crawler.com)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Secure Search"

FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q="

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "www.google.com.br"

FF - prefs.js..extensions.enabledItems: {561A5FBE-9761-4eb3-9182-892D82532414}:1.0

FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0

FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1

FF - prefs.js..extensions.enabledItems: {39379F86-9CCB-4724-AE33-4278DE266C88}:1.0.1

FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5

FF - prefs.js..keyword.enabled: false

 

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ff [2009/11/07 18:19:13 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Arquivos de programas\Real\RealPlayer\browserrecord\firefox\ext [2009/11/07 22:23:27 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/11/11 04:31:14 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Arquivos de programas\Crawler\Toolbar\firefox\ [2009/11/23 19:09:26 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Arquivos de programas\McAfee\SiteAdvisor [2009/11/25 15:12:53 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Arquivos de programas\Mozilla Firefox\components [2009/11/20 02:37:51 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins [2009/11/20 02:37:51 | 00,000,000 | ---D | M]

 

[2009/11/07 17:31:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Extensions

[2009/11/07 17:31:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2009/11/27 13:01:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\lc27mcx0.default\extensions

[2009/11/11 04:44:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\lc27mcx0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2009/11/25 15:06:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\lc27mcx0.default\extensions\{561A5FBE-9761-4eb3-9182-892D82532414}

[2009/11/07 04:44:53 | 00,002,171 | ---- | M] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\lc27mcx0.default\searchplugins\bing.xml

[2009/11/08 05:33:28 | 00,002,139 | ---- | M] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\lc27mcx0.default\searchplugins\MyStart Search.xml

[2009/11/27 13:01:37 | 00,000,000 | ---D | M] -- C:\Arquivos de programas\Mozilla Firefox\extensions

[2009/11/07 05:10:00 | 00,000,000 | ---D | M] -- C:\Arquivos de programas\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2009/11/07 17:37:58 | 00,000,000 | ---D | M] -- C:\Arquivos de programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

[2009/11/07 05:09:53 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\Mozilla Firefox\components\browserdirprovider.dll

[2009/11/07 05:09:53 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\Mozilla Firefox\components\brwsrcmp.dll

[2009/10/11 07:17:27 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npdeploytk.dll

[2009/11/07 05:09:56 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npnul32.dll

[2009/11/07 22:23:22 | 00,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\nppl3260.dll

[2009/11/20 02:37:51 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin.dll

[2009/11/20 02:37:51 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin2.dll

[2009/11/20 02:37:51 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin3.dll

[2009/11/20 02:37:51 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin4.dll

[2009/11/20 02:37:51 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin5.dll

[2009/11/20 02:37:51 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin6.dll

[2009/11/20 02:37:51 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin7.dll

[2009/11/07 22:23:31 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\nprjplug.dll

[2009/11/07 22:23:10 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\nprpjplug.dll

[2009/11/07 05:09:57 | 00,001,027 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\buscape.xml

[2009/09/21 15:24:16 | 00,001,329 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\crawlersrch.xml

[2009/11/07 05:09:57 | 00,002,371 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\google.xml

[2009/11/15 22:37:59 | 00,002,027 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

[2009/11/07 05:09:57 | 00,001,135 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\mercadolivre.xml

[2009/11/07 05:09:57 | 00,001,168 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\wikipedia-br.xml

[2009/11/07 05:09:57 | 00,000,648 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\yahoo-br.xml

 

O1 HOSTS File: (769 bytes) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)

O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Arquivos de programas\Crawler\Toolbar\ctbr.dll (Crawler.com)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Arquivos de programas\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Arquivos de programas\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Arquivos de programas\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O3 - HKLM\..\Toolbar: (Barra de ferramentas &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Arquivos de programas\Crawler\Toolbar\ctbr.dll (Crawler.com)

O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (Barra de ferramentas &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Arquivos de programas\Crawler\Toolbar\ctbr.dll (Crawler.com)

O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll ()

O4 - HKLM..\Run: [00PCTFW] C:\Arquivos de programas\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [AppleSyncNotifier] C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)

O4 - HKLM..\Run: [avgnt] C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [GrooveMonitor] C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

O4 - HKLM..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Development Company, L.P.)

O4 - HKLM..\Run: [iSTray] C:\Arquivos de programas\Spyware Doctor\pctsTray.exe (PC Tools)

O4 - HKLM..\Run: [iTunesHelper] C:\Arquivos de programas\iTunes\iTunesHelper.exe (Apple Inc.)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM..\Run: [QuickTime Task] C:\Arquivos de programas\QuickTime\qttask.exe (Apple Inc.)

O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [systemProtect] C:\Arquivos de programas\System Protect\SysProtect_Tray.exe (Xacti Corporation)

O4 - HKLM..\Run: [ThreatFire] C:\Arquivos de programas\ThreatFire\TFTray.exe (PC Tools)

O4 - HKLM..\Run: [TkBellExe] C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

O4 - HKCU..\Run: [bluebirds] C:\Documents and Settings\Administrador\Bluebirds\BlueBirds.exe (LG Electronics)

O4 - HKCU..\Run: [DriverMax] File not found

O4 - HKCU..\Run: [DriverMax_RESTART] File not found

O4 - HKCU..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)

O4 - HKCU..\Run: [msnmsgr] C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)

O4 - HKCU..\Run: [sUPERAntiSpyware] C:\Arquivos de programas\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)

O4 - Startup: C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\is-DNHML.lnk = C:\Arquivos de programas\Virus Removal Tool\is-DNHML\startup.exe ()

O4 - Startup: C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\is-U4SAE.lnk = C:\Arquivos de programas\Virus Removal Tool\is-U4SAE\startup.exe ()

O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Atalho para tclock.lnk = C:\WINDOWS\system32\oobe\sample\tclock.exe (Kazubon)

O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Orbit.lnk = C:\Arquivos de programas\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: &Download by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: &Grab video by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Crawler Search - File not found

O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Down&load all by Orbit - C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)

O15 - HKCU\..Trusted Domains: 25 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 189.77.70.10 200.184.26.9

O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Arquivos de programas\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de programas\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de programas\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Arquivos de programas\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Arquivos de programas\Crawler\Toolbar\ctbr.dll (Crawler.com)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.dll - C:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)

O24 - Desktop Components:0 (Minha página inicial atual) - About:Home

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Arquivos de programas\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/11/07 16:04:10 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2009/04/29 07:02:01 | 00,000,055 | R--- | M] () - E:\autorun.inf -- [ CDFS ]

O33 - MountPoints2\{4e6308b1-cd6c-11de-a88b-001966c66d75}\Shell - "" = AutoRun

O33 - MountPoints2\{4e6308b4-cd6c-11de-a88b-001966c66d75}\Shell - "" = AutoRun

O33 - MountPoints2\{c8297afd-cbca-11de-a869-001966c66d75}\Shell\AutoRun\command - "" = knupkb.com

O33 - MountPoints2\{c8297afd-cbca-11de-a869-001966c66d75}\Shell\explore\Command - "" = knupkb.com

O33 - MountPoints2\{c8297afd-cbca-11de-a869-001966c66d75}\Shell\open\Command - "" = knupkb.com

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)

O34 - HKLM BootExecute: (*) - File not found

O35 - comfile [open] -- "%1" %* File not found

O35 - exefile [open] -- "%1" %* File not found

 

========== Files/Folders - Created Within 14 Days ==========

 

[2009/11/26 14:08:37 | 00,000,000 | ---D | C] -- C:\_OTL

[2009/11/26 02:08:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Meus documentos\My Drivers

[2009/11/26 02:08:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Innovative Solutions

[2009/11/26 02:08:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Innovative Solutions

[2009/11/26 02:08:07 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Innovative Solutions

[2009/11/25 22:28:52 | 00,027,672 | R--- | C] (EnTech Taiwan) -- C:\WINDOWS\System32\drivers\Entech.sys

[2009/11/25 22:28:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Futuremark

[2009/11/25 22:28:51 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Futuremark Shared

[2009/11/25 16:31:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss

[2009/11/25 15:49:10 | 00,531,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrador\Desktop\OTL.exe

[2009/11/24 23:01:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Downloaded Installations

[2009/11/23 22:56:25 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Administrador\Recent

[2009/11/23 22:44:55 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\38708115.sys

[2009/11/23 21:18:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Netscape

[2009/11/23 21:18:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Netscape

[2009/11/23 21:17:59 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Netscape

[2009/11/23 21:13:41 | 00,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll

[2009/11/23 21:13:41 | 00,026,600 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys

[2009/11/23 19:12:18 | 00,038,400 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpz3l054.dll

[2009/11/23 19:09:25 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Crawler

[2009/11/23 18:46:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump

[2009/11/23 18:33:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\HP

[2009/11/23 18:27:26 | 00,000,000 | -HSD | C] -- C:\Config.Msi

[2009/11/23 15:55:26 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\iPod

[2009/11/23 15:55:23 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\iTunes

[2009/11/23 15:31:12 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Enigma Software Group

[2009/11/22 22:47:58 | 00,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys

[2009/11/22 22:45:09 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Panda Security

[2009/11/22 17:10:06 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\47366308.sys

[2009/11/20 01:17:41 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\69758565.sys

[2009/11/18 00:39:49 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\65810298.sys

[2009/11/17 22:04:01 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\mupen64 0.5

[2009/11/17 20:37:49 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\30124835.sys

[2009/11/17 15:27:47 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\VS Revo Group

[2009/11/17 14:01:46 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Sophos

[2009/11/17 13:36:30 | 00,064,392 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys

[2009/11/17 13:36:24 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Spyware Doctor

[2009/11/17 13:36:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\PC Tools

[2009/11/17 13:11:17 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Registry Mechanic

[2009/11/17 11:09:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Meus documentos\Meus Google Gadgets

[2009/11/17 11:03:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\.earth3d

[2009/11/15 22:37:12 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\McAfee

[2009/11/15 22:36:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\McAfee

[2009/11/15 22:36:52 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\McAfee

[2009/11/15 15:21:13 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\34034646.sys

[2009/11/15 00:39:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\SUPERAntiSpyware.com

[2009/11/15 00:37:36 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Wise Installation Wizard

[2009/11/14 19:52:59 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\System Protect

[2009/11/14 14:22:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Desktop\FoLdeR TesTs

[2009/11/14 00:33:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrador\Dados de aplicativos\PCToolsFirewallPlus

[2009/11/14 00:29:04 | 00,207,792 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys

[2009/11/14 00:29:04 | 00,087,784 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys

[2009/11/14 00:29:03 | 00,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys

[2009/11/14 00:28:47 | 00,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys

[2009/11/14 00:28:47 | 00,055,208 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis.sys

[2009/11/14 00:28:47 | 00,032,552 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-DNS.sys

[2009/11/14 00:28:47 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\PC Tools

[2009/11/14 00:28:45 | 00,115,216 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplfw.sys

[2009/11/14 00:28:43 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\PC Tools Firewall Plus

[2009/11/13 22:26:46 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Auslogics

[16 C:\Documents and Settings\Administrador\*.tmp files -> C:\Documents and Settings\Administrador\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 14 Days ==========

 

[2009/11/27 21:04:00 | 00,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2009/11/27 20:55:17 | 00,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2009/11/27 20:54:49 | 00,001,610 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Orbit.lnk

[2009/11/27 20:54:45 | 00,182,441 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2009/11/27 20:54:43 | 00,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2009/11/27 20:54:40 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2009/11/27 20:54:39 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2009/11/27 15:48:09 | 60,326,3008 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2009/11/27 15:48:09 | 04,817,432 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx

[2009/11/27 15:47:45 | 05,218,304 | ---- | M] () -- C:\Documents and Settings\Administrador\ntuser.dat

[2009/11/27 15:47:45 | 00,000,210 | -HS- | M] () -- C:\Documents and Settings\Administrador\ntuser.ini

[2009/11/27 11:35:28 | 00,014,705 | ---- | M] () -- C:\Documents and Settings\Administrador\Meus documentos\SXTM.docx

[2009/11/27 11:12:25 | 00,006,144 | -H-- | M] () -- C:\Documents and Settings\Administrador\Desktop\photothumb.db

[2009/11/25 16:15:11 | 00,064,224 | ---- | M] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\GDIPFONTCACHEV1.DAT

[2009/11/25 15:49:22 | 00,531,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrador\Desktop\OTL.exe

[2009/11/24 23:43:55 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2009/11/23 22:41:35 | 00,254,272 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2009/11/23 21:42:01 | 00,000,300 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2009/11/23 19:13:44 | 00,118,526 | ---- | M] () -- C:\WINDOWS\hpoins11.dat

[2009/11/23 19:13:42 | 00,000,698 | ---- | M] () -- C:\WINDOWS\win.ini

[2009/11/23 19:08:46 | 04,190,872 | -H-- | M] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\IconCache.db

[2009/11/21 13:07:56 | 01,077,652 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2009/11/21 13:07:56 | 00,474,016 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat

[2009/11/21 13:07:56 | 00,438,614 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2009/11/21 13:07:56 | 00,081,198 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat

[2009/11/21 13:07:56 | 00,069,790 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2009/11/18 02:56:41 | 00,055,208 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis.sys

[2009/11/18 02:56:39 | 00,070,408 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys

[2009/11/18 02:56:12 | 00,207,792 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys

[2009/11/18 00:37:50 | 00,002,100 | ---- | M] () -- C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\is-DNHML.lnk

[2009/11/17 13:17:22 | 04,710,400 | ---- | M] () -- C:\Documents and Settings\Administrador\s-1-5-21-1390067357-796845957-682003330-500.rrr

[2009/11/16 00:50:47 | 00,000,468 | ---- | M] () -- C:\WINDOWS\System32\BIN_STRSBW.SPT

[2009/11/14 21:00:12 | 00,217,718 | ---- | M] () -- C:\WINDOWS\System32\reboot.exe

[2009/11/14 19:53:08 | 00,012,288 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_prot.sys

[16 C:\Documents and Settings\Administrador\*.tmp files -> C:\Documents and Settings\Administrador\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2009/11/27 11:35:28 | 00,014,705 | ---- | C] () -- C:\Documents and Settings\Administrador\Meus documentos\SXTM.docx

[2009/11/24 23:43:54 | 00,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK

[2009/11/23 18:22:09 | 00,118,954 | ---- | C] () -- C:\WINDOWS\hpoins11.dat.temp

[2009/11/23 18:22:08 | 00,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat.temp

[2009/11/23 15:55:15 | 05,218,304 | ---- | C] () -- C:\Documents and Settings\Administrador\ntuser.dat

[2009/11/17 20:38:10 | 00,002,100 | ---- | C] () -- C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\is-DNHML.lnk

[2009/11/17 13:17:21 | 04,710,400 | ---- | C] () -- C:\Documents and Settings\Administrador\s-1-5-21-1390067357-796845957-682003330-500.rrr

[2009/11/15 00:12:37 | 00,001,610 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Orbit.lnk

[2009/11/15 00:09:50 | 00,000,468 | ---- | C] () -- C:\WINDOWS\System32\BIN_STRSBW.SPT

[2009/11/14 21:00:12 | 00,217,718 | ---- | C] () -- C:\WINDOWS\System32\reboot.exe

[2009/11/14 19:53:08 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_prot.sys

[2009/11/14 00:29:04 | 00,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat

[2009/11/14 00:29:04 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat

[2009/11/14 00:29:03 | 00,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat

[2009/11/14 00:28:47 | 00,007,435 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.cat

[2009/11/14 00:28:47 | 00,007,399 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctNdis-DNS.cat

[2009/11/14 00:28:45 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplfw.cat

[2009/11/08 11:41:10 | 00,001,654 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\hpzinstall.log

[2009/11/07 22:32:22 | 04,190,872 | -H-- | C] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\IconCache.db

[2009/11/07 19:16:33 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini

[2009/11/07 18:00:35 | 00,011,264 | ---- | C] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/11/07 16:24:44 | 00,064,224 | ---- | C] () -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\GDIPFONTCACHEV1.DAT

[2009/11/07 16:21:58 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Administrador\Dados de aplicativos\desktop.ini

[2009/11/07 16:07:40 | 00,107,597 | ---- | C] () -- C:\Arquivos de programas\Settings.exe

[2009/11/07 16:05:30 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2009/11/07 16:05:29 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2009/11/07 16:05:29 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2009/11/07 16:05:29 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2009/11/07 16:05:28 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2009/11/07 16:05:28 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2009/11/07 16:04:10 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini

[2009/11/07 16:01:54 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini

[2009/11/07 16:01:54 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini

[2009/11/07 16:01:22 | 00,026,931 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini

[2009/11/07 16:01:21 | 00,003,828 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini

[2009/11/07 10:57:45 | 01,077,652 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2009/11/07 10:57:45 | 00,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2009/11/07 10:57:29 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\desktop.ini

[2009/01/05 18:44:10 | 00,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini

[2008/05/03 01:16:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2008/05/03 01:16:00 | 01,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2008/05/03 01:16:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2008/05/03 01:16:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2008/05/03 01:16:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[2008/04/13 11:50:42 | 00,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll

[2008/04/13 11:50:34 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll

[2008/04/13 11:50:28 | 00,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll

[2008/04/13 11:50:26 | 00,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll

[2008/04/13 11:50:24 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll

[2008/04/13 02:51:34 | 00,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll

[2008/04/13 02:20:56 | 00,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys

[2008/04/13 02:19:48 | 00,033,984 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys

[2008/04/13 02:19:44 | 00,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys

[2008/04/13 02:19:44 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys

[2008/04/13 02:19:42 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys

[2008/04/13 02:19:40 | 00,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys

[2007/04/02 03:04:28 | 00,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini

[2006/06/29 17:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

[2006/06/29 17:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont

[2006/04/18 18:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont

[2006/04/18 18:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont

[2006/01/04 07:12:04 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll

[2001/09/28 01:30:00 | 01,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini

[2001/09/28 01:30:00 | 00,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll

[2001/09/28 01:30:00 | 00,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll

[2001/09/28 01:30:00 | 00,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll

[2001/09/28 01:30:00 | 00,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys

[2001/09/28 01:30:00 | 00,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys

[2001/09/28 01:30:00 | 00,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys

[2001/09/28 01:30:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys

[2001/09/28 01:30:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys

[2001/09/28 01:30:00 | 00,027,900 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys

[2001/09/28 01:30:00 | 00,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys

[2001/09/28 01:30:00 | 00,021,111 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini

[2001/09/28 01:30:00 | 00,015,799 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini

[2001/09/28 01:30:00 | 00,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll

[2001/09/28 01:30:00 | 00,013,712 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini

[2001/09/28 01:30:00 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll

[2001/09/28 01:30:00 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll

[2001/09/28 01:30:00 | 00,009,032 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys

[2001/09/28 01:30:00 | 00,006,107 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini

[2001/09/28 01:30:00 | 00,004,896 | ---- | C] () -- C:\WINDOWS\System32\himem.sys

[2001/09/28 01:30:00 | 00,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv

[2001/09/28 01:30:00 | 00,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini

[2001/09/28 01:30:00 | 00,000,698 | ---- | C] () -- C:\WINDOWS\win.ini

[2001/09/28 01:30:00 | 00,000,361 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini

[2001/09/28 01:30:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini

[2001/09/05 17:20:20 | 00,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll

[2001/07/07 06:00:02 | 00,003,277 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

 

========== LOP Check ==========

 

[2009/11/07 17:33:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Adobe

[2009/11/20 02:39:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Apple Computer

[2009/11/17 15:33:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Auslogics

[2009/11/17 11:14:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Google

[2009/11/07 23:50:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\GrabPro

[2009/11/23 18:44:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\HP

[2009/11/07 16:24:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Identities

[2009/11/07 17:33:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Macromedia

[2009/11/07 21:27:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Malwarebytes

[2009/11/08 06:18:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Media Player Classic

[2009/11/15 00:39:44 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Microsoft

[2009/11/07 17:31:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla

[2009/11/07 16:41:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Nero

[2009/11/23 21:18:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Netscape

[2009/11/07 18:09:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Opera

[2009/11/27 20:55:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Orbit

[2009/11/17 13:36:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\PC Tools

[2009/11/14 00:33:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\PCToolsFirewallPlus

[2009/11/07 22:27:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Real

[2009/11/07 18:34:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\SoundSpectrum

[2009/11/07 16:06:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Sun

[2009/11/10 16:06:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\SUPERAntiSpyware.com

[2009/11/07 19:06:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\WinRAR

[2009/11/07 18:08:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Apple

[2009/11/07 21:35:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Apple Computer

[2009/11/07 18:21:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Avira

[2009/11/08 11:57:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\HP

[2009/11/26 02:08:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Innovative Solutions

[2009/11/15 00:10:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Lavasoft

[2009/11/07 21:27:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes

[2009/11/15 22:37:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\McAfee

[2009/11/11 06:33:40 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft

[2009/11/20 04:17:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help

[2009/11/23 22:29:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Nero

[2009/11/17 13:36:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PC Tools

[2009/11/07 22:26:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Real

[2009/11/15 00:39:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\SUPERAntiSpyware.com

[2009/11/27 21:17:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP

[2009/11/07 16:04:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Windows Genuine Advantage

[2009/11/07 21:36:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[2009/11/23 21:42:01 | 00,000,300 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

[2001/09/28 01:30:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini

[2009/11/27 20:54:43 | 00,001,044 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

[2009/11/27 21:04:00 | 00,001,048 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

[2009/11/27 20:54:40 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

 

========== Purity Check ==========

 

 

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:DFC5A2B2

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5C321E34

@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:C31F31E6

@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:A8ADE5D8

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:D1B5B4F1

< End of report >

[DigRam 144]

Boa Noite! w.storm

 

<@> Baixe: < UsbFix > ( ...par Chiquitine29 et Chimay8 )

<@> Salve-a em Arquivos de programas!

<@> Desabilite seu antivírus!

<@> Instale e execute a ferramenta,com um duplo-clique em: < >

<@> Nas opções da língua,escolha "PT-BR" --> Enter.

<@> Escolha a opção 2: 2. Suppression des fichiers infectieux --> Aperte Enter.

 

< >

 

<@> Surgirá uma mensagem,pedindo que seja conectada sua(s) mídia(s) removíveis,ao computador. ( pendrive,mp3,mp4,iPods,etc... )

<@> Aceite a solicitação,e dê o Ok. --> À seguir clique,novamente,em Ok.

 

< >

 

<@> O computador irá reiniciar. <-- Aguarde!

<@> Terminando,clique em "Continue" e aguarde a finalização da ferramenta.

<@> Ps: Não desconecte,ainda,sua(s) mídia(s) removíveis! <-- Importante!

<@> Surgirá a mensagem: "Nettoyage effectue" --> Aperte Enter.

<@> Poste o relatório,que estará em: C:\UsbFix.txt + HijackThis,atualizado.

 

Abraços!

[DaniieL™ 0]

Bom Dia! DigRam

 

Eu estava seguindo o procedimento que pediu mas,

assim que eu dei um Duplo Clique no UsbFix.exe

minha proteção ThreaTFire alertou isso veja abaixo:

 

 

<!> O que faço ?

 

Abraços!

[DigRam 144]

Bom Dia! w.storm

 

<!> Ps: Como trata-se de um falso positivo,permita a execução!

°°°°°°°°°°°°°°°°°°°°°°

°°°°°°°°°°°°°°°°°°°°°°

<!> No programa,marque: "Permitir que esse processo continue" --> Prosseguir.

 

Abraços!

[DaniieL™ 0]

Bom Dia! DigRam

 

Consegui ...

Eis os Relatórios:

 

UsbFix.Txt

############################## | UsbFix V6.058 |

 

User : Administrador (Administradores) # XPPROBT2009

Update on 26/11/2009 by Chiquitine29, C_XX & Chimay8

Start at: 10:31:15 | 28/11/2009

Website : http://pagesperso-orange.fr/NosTools/index.html

Contact : FindyKill.Contact@gmail.com

 

Processador Intel Pentium III Xeon

Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 3

Internet Explorer 8.0.6001.18702

Windows Firewall Status : Enabled

AV : AntiVir Desktop 9.0.1.32 [ (!) Disabled | Updated ]

FW : PC Tools Firewall Plus[ Enabled ]6.0.0

 

C:\ -> Disco fixo local # 97,65 Go (74,74 Go free) # NTFS

D:\ -> Disco fixo local # 200,43 Go (200,32 Go free) # NTFS

E:\ -> Disco CD-ROM # 0,38 Mo (0 Mo free) [bluebirds] # CDFS

F:\ -> Disco removível # 3,72 Go (190,22 Mo free) [KINGSTON] # FAT32

 

############################## | Processos activos |

 

C:\WINDOWS\System32\smss.exe 872

C:\WINDOWS\system32\csrss.exe 972

C:\WINDOWS\system32\winlogon.exe 996

C:\WINDOWS\system32\services.exe 1040

C:\WINDOWS\system32\lsass.exe 1052

C:\WINDOWS\system32\svchost.exe 1236

C:\WINDOWS\system32\svchost.exe 1336

C:\WINDOWS\System32\svchost.exe 1460

C:\WINDOWS\system32\svchost.exe 1568

C:\WINDOWS\system32\svchost.exe 1724

C:\WINDOWS\system32\spoolsv.exe 1912

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe 1964

C:\WINDOWS\system32\svchost.exe 184

C:\WINDOWS\system32\WgaTray.exe 320

C:\WINDOWS\Explorer.EXE 464

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe 800

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 812

C:\Arquivos de programas\Google\Update\GoogleUpdate.exe 844

C:\Arquivos de programas\Java\jre6\bin\jqs.exe 940

c:\ARQUIV~1\mcafee\SITEAD~1\mcsacore.exe 1392

C:\WINDOWS\system32\nvsvc32.exe 1704

C:\Arquivos de programas\PC Tools Firewall Plus\FWService.exe 1756

C:\WINDOWS\system32\HPZipm12.exe 1848

C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe 1952

C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe 276

C:\Arquivos de programas\System Protect\SysProtect_srv.exe 2052

C:\Arquivos de programas\Spyware Doctor\pctsTray.exe 2096

C:\WINDOWS\system32\svchost.exe 2144

C:\Arquivos de programas\ThreatFire\TFService.exe 2180

C:\WINDOWS\system32\wuauclt.exe 2336

C:\WINDOWS\system32\wbem\wmiprvse.exe 2784

C:\WINDOWS\System32\alg.exe 3352

 

################## | Ficheiros # pastas infeciosos |

 

Supprimido ! C:\devcon.exe

Supprimido ! C:\DPsFnshr.exe

Supprimido ! C:\makePNF.exe

Supprimido ! C:\pmtimer.exe

Não supprimido ! E:\autorun.inf

Não supprimido ! E:\BlueBirds.exe

Não supprimido ! E:\S e t u p.exe

F:\autorun.inf -> ficheiro chamado : "F:\knupkb.com" ( Ausente ! )

F:\autorun.inf -> ficheiro chamado : "F:\knupkb.com" ( Ausente ! )

Supprimido ! F:\autorun.inf

Supprimido ! C:\System Volume Information\_restore{40B8523C-FD36-46B2-AC54-5E7023A2C5E8}\RP24\A0004504.dll

Supprimido ! C:\System Volume Information\_restore{40B8523C-FD36-46B2-AC54-5E7023A2C5E8}\RP24\A0004505.dll

Supprimido ! C:\System Volume Information\_restore{40B8523C-FD36-46B2-AC54-5E7023A2C5E8}\RP24\A0004566.dll

Supprimido ! C:\System Volume Information\_restore{40B8523C-FD36-46B2-AC54-5E7023A2C5E8}\RP24\A0004567.dll

Supprimido ! C:\System Volume Information\_restore{40B8523C-FD36-46B2-AC54-5E7023A2C5E8}\RP25\A0004707.dll

Supprimido ! C:\System Volume Information\_restore{40B8523C-FD36-46B2-AC54-5E7023A2C5E8}\RP25\A0004708.dll

Supprimido ! C:\System Volume Information\_restore{40B8523C-FD36-46B2-AC54-5E7023A2C5E8}\RP79\A0033892.dll

Supprimido ! C:\System Volume Information\_restore{40B8523C-FD36-46B2-AC54-5E7023A2C5E8}\RP79\A0033893.dll

 

################## | Registro # Chaves infectieuses |

 

 

################## | Registro # Mountpoints2 |

 

Supprimido ! HKCU\...\Explorer\MountPoints2\{4e6308b1-cd6c-11de-a88b-001966c66d75}\Shell\AutoRun\Command

Supprimido ! HKCU\...\Explorer\MountPoints2\{4e6308b4-cd6c-11de-a88b-001966c66d75}\Shell\AutoRun\Command

 

################## | Listing |

 

[14/11/2009 19:50|--a------|15676] C:\aaw7boot.log

[07/11/2009 16:04|--a------|0] C:\AUTOEXEC.BAT

[07/11/2009 19:21|--ahs----|245] C:\boot.ini

[28/09/2001 01:30|-rahs----|4952] C:\Bootfont.bin

[07/11/2009 16:04|--a------|0] C:\CONFIG.SYS

[13/01/2009 04:04|--a------|632] C:\DPsFnshr.ini

[28/12/2008 16:46|--a------|776] C:\DriverPack_LAN_wnt5_x86-32.ini

[01/06/2008 00:02|--a------|75188] C:\DriverPack_MassStorage_wnt5_x86-32.ini

[03/01/2009 12:57|--a------|249451] C:\DSPdsblr.exe

[09/08/2009 11:45|--a------|401720] C:\HiJackThis.exe

[25/11/2009 07:42|--a------|13858] C:\hijackthis.log

[07/11/2009 16:04|-rahs----|0] C:\IO.SYS

[07/11/2009 16:04|-rahs----|0] C:\MSDOS.SYS

[13/04/2008 02:13|-rahs----|47564] C:\NTDETECT.COM

[13/04/2008 04:01|-rahs----|251696] C:\ntldr

[?|?|?] C:\pagefile.sys

[28/11/2009 10:49|--a------|4903] C:\UsbFix.txt

[29/04/2009 07:02|-r-------|55] E:\autorun.inf

[29/04/2009 07:02|-r-------|270336] E:\BlueBirds.exe

[29/04/2009 07:02|-r-------|270336] E:\S e t u p.exe

[29/04/2009 07:02|-r-------|81920] E:\Drag&Burn.exe

 

################## | Vaccinação |

 

# C:\autorun.inf -> Folder criado por UsbFix.

# D:\autorun.inf -> Folder criado por UsbFix.

# F:\autorun.inf -> Folder criado por UsbFix.

 

################## | Suspeito | http://www.virustotal.com |

 

 

################## | Cracks / Keygens / Serials |

 

"C:\Documents and Settings\Administrador\7zS7F9.tmp\crack.exe"

20/05/2008 14:23 |Size 512561 |Crc32 876dbda6 |Md5 3c4269aa3c9ee2269533fc4b96eaadd9

 

"C:\Documents and Settings\Default User\7zS7F9.tmp\crack.exe"

20/05/2008 14:23 |Size 512561 |Crc32 876dbda6 |Md5 3c4269aa3c9ee2269533fc4b96eaadd9

 

 

################## | Upload |

 

Favor enviar o arquivo : C:\DOCUME~1\ADMINI~1\Desktop\UsbFix_Upload_Me_XPPROBT2009.zip : http://chiquitine.changelog.fr/Sample/Upload.php

Obrigado pela sua contribuição .

 

################## | ! Fim do relatório # UsbFix V6.058 ! |

 

 

HiJackThis.txt

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:02:21, on 28/11/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\WgaTray.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

c:\ARQUIV~1\mcafee\SITEAD~1\mcsacore.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Arquivos de programas\PC Tools Firewall Plus\FWService.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe

C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe

C:\Arquivos de programas\System Protect\SysProtect_srv.exe

C:\Arquivos de programas\Spyware Doctor\pctsTray.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\ThreatFire\TFService.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\explorer.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\HiJackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60075

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60075

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60075

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60075

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60075

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\ARQUIV~1\Crawler\Toolbar\ctbr.dll

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll

O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\ARQUIV~1\Crawler\Toolbar\ctbr.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Arquivos de programas\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll

O3 - Toolbar: Barra de ferramentas &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\ARQUIV~1\Crawler\Toolbar\ctbr.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [ThreatFire] C:\Arquivos de programas\ThreatFire\TFTray.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [00PCTFW] "C:\Arquivos de programas\PC Tools Firewall Plus\FirewallGUI.exe" -s

O4 - HKLM\..\Run: [systemProtect] C:\Arquivos de programas\System Protect\SysProtect_Tray.exe

O4 - HKLM\..\Run: [iSTray] "C:\Arquivos de programas\Spyware Doctor\pctsTray.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [bluebirds] C:\Documents and Settings\Administrador\Bluebirds\BlueBirds.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Arquivos de programas\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')

O4 - Startup: is-DNHML.lnk = C:\Arquivos de programas\Virus Removal Tool\is-DNHML\startup.exe

O4 - Startup: is-U4SAE.lnk = C:\Arquivos de programas\Virus Removal Tool\is-U4SAE\startup.exe

O4 - Global Startup: Atalho para tclock.lnk = C:\WINDOWS\system32\oobe\sample\tclock.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Orbit.lnk = C:\Arquivos de programas\Orbitdownloader\orbitdm.exe

O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Crawler Search - tbr:iemenu

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{B9E3C1E1-5D68-4A93-97CC-B3B5897C9527}: NameServer = 200.184.26.9 200.184.26.14

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\ARQUIV~1\Crawler\Toolbar\ctbr.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Google Update Service (gupdate1ca5ff389694b52) (gupdate1ca5ff389694b52) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\ARQUIV~1\mcafee\SITEAD~1\mcsacore.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Arquivos de programas\PC Tools Firewall Plus\FWService.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe

O23 - Service: System Protect Deletion Prevention Service (SP_Service) - Xacti Corporation - C:\Arquivos de programas\System Protect\SysProtect_srv.exe

O23 - Service: ThreatFire - PC Tools - C:\Arquivos de programas\ThreatFire\TFService.exe

 

--

End of file - 12337 bytes

 

Abraços!

[DigRam 144]

Bom Dia! w.storm

 

Favor enviar o arquivo : C:\DOCUME~1\ADMINI~1\Desktop\UsbFix_Upload_Me_XPPROBT2009.zip : http://chiquitine.changelog.fr/Sample/Upload.php

Obrigado pela sua contribuição .

<!> Envie o ficheiro pedido. ( Upload )

<><><><><><><><><><><>

<@> Baixe: < Runscanner v. 1.9.0.9 >

 

<1> < Download zip file > <-- Descompacte-o!

 

<2> < Download executable >

 

<@> Salve-o no Disco local(C) ou desktop.

<@> Descompacte-o e reserve o executável. ( RunScanner.exe )

<@> Abra o programa e,com o botão Expert mode já marcado,clique Ok.

<@> Feche todas as janelas/programas,antes de executar este utilitário.

<@> Rode-o,clicando em Scan computer. --> Aguarde!

<@> Terminando,clique no menu: "Online analysis" <-- Esteja conectado!

<@> Abrirá a página: "online malware analysis report"

<@> Copie o resultado desta análise;Report Url:,para o seu computador. ( report.aspx )

<@> Coloque-o em um zip,dispondo-o no Desktop.

<@> Mantenha a extenção ( .aspx ),ao copiá-lo!

<@> Não desejando a verificação OnLine,salve-o como Arquivo RUN.

<@> Execute-o e,ao terminar,clique em "Save Run File" --> Coloque-o em um zip,dispondo-o na área de trabalho.

<@> Vá,agora,à este endereço: < Badongo >

<@> Faça upload do report.aspx.zip ou runscanner.run,que estão no desktop,para esse servidor. <-- Badongo!

<@> Copie o(s) endereço(s),que lhe serão fornecidos,para este Tópico. ( Report Url: ) ou ( Arquivo RUN )

 

Abraços!

[DaniieL™ 0]

Boa Tarde! DigRam

 

Eis o endereço: http://www.badongo.com/file/18695221'>http://www.badongo.com/file/18695221"]http://www.badongo.com/file/18695221

OBS.: DigRam é o seguinte ...

esse procedimento foi bastante puxado e complicado pra mim ...

não sei se fiz certo, peço desculpas.

 

Abraços!

[DigRam 144]

Boa Tarde! DigRam

 

Eis o endereço: http://www.badongo.com/file/18695221'>http://www.badongo.com/file/18695221"]http://www.badongo.com/file/18695221

OBS.: DigRam é o seguinte ...

esse procedimento foi bastante puxado e complicado pra mim ...

não sei se fiz certo, peço desculpas.

 

Abraços!

<><><><><><><><>

Boa Tarde! w.storm

 

<!> Infelizmente,voçê postou runscanner.exe...e não runscanner.run.

 

<@> Execute-o e,ao terminar,clique em "Save Run File" --> Coloque-o em um zip...

<!> Nessa operação,teremos o arquivo runscanner.run que deverá ser compactado e upado pelo meio que possa dispor: e-mail,hostingfile,attachfile...menos pombo-correio! rsrs..

<!> Tente enviar,por qualquer meio,o arquivo RUN,zipado ou não...

 

Abraços!

[DaniieL™ 0]

Boa Noite! DigRam

 

Acho que dessa vez consegui :blush:

Eis o endereço -> http://www.badongo.com/file/18700446'>http://www.badongo.com/file/18700446"]http://www.badongo.com/file/18700446

 

Abraços!