Xullippa 0 Denunciar post Postado Junho 14, 2010 As pastas do meu computador estão como um arquivo do tipo protetor de tela, além de estarem como se fossem arquivo morto, acontece que eu não tenho a menor ideia do porquê delas estarem assim. Quando eu clico em cima delas com o o botão direito do mouse, em vez de abrir, tenho TESTAR, e logo embaixo, tenho CONFIGURAR e depois INSTALAR. O que é será? Segue Log para análise: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:44:11, on 14/6/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe C:\Arquivos de programas\VistaDriveIcon\DrvIcon.exe C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe C:\Arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe C:\Arquivos de programas\Styler\Styler.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\HijackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ciee.org.br/portal/index.asp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {6EF05952-B48D-4944-AA91-57A6A1A48EF8} - C:\Arquivos de programas\Puxa Rápido\IEBHO.DLL (file missing) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Arquivos de programas\Styler\TB\StylerTB.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [DrvIcon] C:\Arquivos de programas\VistaDriveIcon\DrvIcon.exe O4 - HKLM\..\Run: [C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe] C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [VisualTaskTips] "C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe" noTrayIcon O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O4 - Startup: Blaero Start Orb.lnk = C:\Arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Styler.lnk = C:\Arquivos de programas\Styler\Styler.exe O8 - Extra context menu item: Baixar com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm O8 - Extra context menu item: Baixar tudo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Download selecionado pelo Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\Microsoft Office\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\Microsoft Office\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1261449751343 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: ServiceLayer - Nokia - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe -- End of file - 8655 bytes Obrigado. Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Junho 15, 2010 Bom Dia! Xullippa <@> Baixe: < > ( ...by sUBs ) <!> Link-2 --> < ForoSpyware > <!> Link-3 --> < GeeksToGo > <@> Salve-o no desktop! <@> Desabilite as proteções residente de: antivírus,antispywares e firewall. ( Menos o do Windows! ) <@> Feche todas as janelas e execute a ferramenta! <@> Ps: A execução,por comando,também é possível: <@> Vá em Iniciar --> Executar --> Digite ou cole: "%userprofile%\desktop\Combofix.exe" /killall <@> Clique em Ok. <@> Na janela: "Contrato de garantia de software" --> Clique em Sim! <@> Não possuindo o "Console de Recuperação",aceite optar pela instalação do mesmo! <@> Terminando,clique Sim ou Yes. --> Aguarde! XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX <!> Caso aconteça a notificação de: Aplicativo Win32 inválido,delete a ferramenta ComboFix.exe e faça,novamente,seu download. <!> Salve-a no desktop,renomeada como: Kombo.exe <!> Ps: Nomeie durante o salvamento,e não após salvá-la! <!> Ps: Surgindo alguma mensagem de erro,rode o ComboFix.exe em "Modo de Segurança". <-- Link! <!> Ps: Na presença de atividades rootkit,teremos a seguinte janela de notificação: <!> Ps: Anote essas detecções,e dê o OK. <!> Ps: Para completar as remoções,talvez haja necessidade da ferramenta reiniciar o computador. <-- Aguarde! <!> Ps: Evite executar,voluntariamente,esta ferramenta! <!> Ps: Para evitar problemas,siga todas as recomendações propostas. <!> Ps: ComboFix é uma ferramenta que pode danificar o sistema. Utilize-o,somente,sob supervisão profissional. XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX <@> Abrir-se-á a janela Auto Scan. --> Aguarde! <@> Para finalizar remoções,o ComboFix poderá reiniciar o computador. <@> Se houver necessidade,digite a opção ( 1 ) --> Aperte Enter! --> Aguarde a conclusão! <@> Durante o scan,evite manusear o mouse ou teclado! <-- Importante! <@> Para parar ou sair do ComboFix,tecle "N" ou "2" --> Aperte Enter! <@> Terminando,poste os relatórios: C:\ComboFix.txt + HijackThis,atualizado. Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
Xullippa 0 Denunciar post Postado Junho 15, 2010 Boa noite! Fiz tudo e agora? Segue os relatórios: HIJACKTHIS: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:00:54, on 15/6/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe C:\Arquivos de programas\VistaDriveIcon\DrvIcon.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe C:\Arquivos de programas\Styler\Styler.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\HijackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ciee.org.br/portal/index.asp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {6EF05952-B48D-4944-AA91-57A6A1A48EF8} - C:\Arquivos de programas\Puxa Rápido\IEBHO.DLL (file missing) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Arquivos de programas\Styler\TB\StylerTB.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [DrvIcon] C:\Arquivos de programas\VistaDriveIcon\DrvIcon.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [VisualTaskTips] "C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe" noTrayIcon O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O4 - Startup: Blaero Start Orb.lnk = C:\Arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Styler.lnk = C:\Arquivos de programas\Styler\Styler.exe O8 - Extra context menu item: Baixar com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm O8 - Extra context menu item: Baixar tudo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Download selecionado pelo Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\Microsoft Office\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\Microsoft Office\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1261449751343 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: ServiceLayer - Nokia - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe -- End of file - 8123 bytes COMBOFIX: ComboFix 10-06-15.02 - Douglas Nobre 15/06/2010 19:54:42.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.991.642 [GMT -3:00] Executando de: c:\documents and settings\Douglas Nobre\Desktop\ComboFix.exe AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Dados de aplicativos\dkwork.ini c:\documents and settings\All Users\Dados de aplicativos\UpApp32.dll c:\documents and settings\Douglas Nobre\count.exe c:\windows\apsou.vbs c:\windows\msvrc20.dll c:\windows\system32\1025 .scr c:\windows\system32\1028 .scr c:\windows\system32\1031 .scr c:\windows\system32\1033 .scr c:\windows\system32\1037 .scr c:\windows\system32\1041 .scr c:\windows\system32\1042 .scr c:\windows\system32\1046 .scr c:\windows\system32\1054 .scr c:\windows\system32\2052 .scr c:\windows\system32\3076 .scr . (((((((((((((((( Arquivos/Ficheiros criados de 2010-05-15 to 2010-06-15 )))))))))))))))))))))))))))) . 2010-06-15 22:24 . 2010-06-15 22:24 -------- d-----w- c:\windows\LastGood 2010-06-15 22:05 . 2010-05-06 10:34 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2010-06-15 22:05 . 2010-05-06 10:34 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2010-06-15 22:04 . 2010-05-06 10:34 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2010-06-15 22:04 . 2010-04-16 11:43 41984 -c----w- c:\windows\system32\dllcache\iecompat.dll 2010-06-15 01:09 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys 2010-06-15 01:06 . 2008-06-14 17:34 272384 -c----w- c:\windows\system32\dllcache\bthport.sys 2010-06-15 00:54 . 2010-02-17 17:07 2194176 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe 2010-06-15 00:54 . 2010-02-16 19:07 2150400 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe 2010-06-15 00:54 . 2010-02-16 19:07 2028544 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe 2010-06-15 00:26 . 2010-04-09 21:24 214528 ----a-w- c:\windows\LastGood.Tmp .scr 2010-06-15 00:26 . 2010-04-09 21:24 214528 ----a-w- c:\windows\LastGood .scr 2010-06-15 00:15 . 2008-04-13 21:20 45056 -c--a-w- c:\windows\system32\dllcache\nsepm.dll 2010-06-15 00:14 . 2008-04-13 21:20 42496 -c--a-w- c:\windows\system32\dllcache\davcdata.exe 2010-06-15 00:11 . 2001-10-28 17:06 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe 2010-06-14 21:43 . 2001-10-28 17:07 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll 2010-06-14 21:43 . 2001-10-28 17:07 24661 ----a-w- c:\windows\system32\spxcoins.dll 2010-06-14 21:43 . 2001-10-28 17:06 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll 2010-06-14 21:43 . 2001-10-28 17:06 13312 ----a-w- c:\windows\system32\irclass.dll 2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\de-DE .scr 2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\da-DK .scr 2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\config .scr 2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\Com .scr 2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\ChCfg.exe .scr 2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\CatRoot2 .scr 2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\CatRoot .scr 2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\ar-SA .scr 2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\alsndmgr.wav .scr 2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\alsndmgr.cpl .scr 2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\3com_dmi .scr 2010-06-07 23:13 . 2010-06-07 23:13 -------- d-----w- c:\arquivos de programas\Orban 2010-06-07 23:11 . 2010-06-07 23:13 -------- d-----w- c:\arquivos de programas\Megacubo 2010-05-27 22:57 . 2008-04-13 14:46 19200 ----a-w- c:\windows\system32\drivers\wstcodec.sys 2010-05-27 22:57 . 2008-04-13 14:46 85248 ----a-w- c:\windows\system32\drivers\nabtsfec.sys 2010-05-27 22:57 . 2008-04-13 14:46 51200 ----a-w- c:\windows\system32\drivers\msdv.sys 2010-05-27 22:57 . 2008-04-13 14:46 17024 ----a-w- c:\windows\system32\drivers\ccdecode.sys 2010-05-27 22:57 . 2008-04-13 14:39 5504 ----a-w- c:\windows\system32\drivers\mstee.sys 2010-05-27 22:57 . 2004-07-09 07:27 230400 ----a-w- c:\windows\system32\dplayx.dll 2010-05-27 22:56 . 2008-01-14 19:58 19840 ----a-w- c:\windows\system32\drivers\StMp3Rec.sys 2010-05-27 22:55 . 2010-05-27 22:56 -------- d-----w- c:\arquivos de programas\Philips 2010-05-27 22:55 . 2010-05-27 22:55 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\InstallShield 2010-05-24 03:33 . 2010-05-24 03:33 503808 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-417b3743-n\msvcp71.dll 2010-05-24 03:33 . 2010-05-24 03:33 499712 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-417b3743-n\jmc.dll 2010-05-24 03:33 . 2010-05-24 03:33 348160 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-417b3743-n\msvcr71.dll 2010-05-24 03:32 . 2010-05-24 03:32 61440 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7caaf742-n\decora-sse.dll 2010-05-24 03:32 . 2010-05-24 03:32 12800 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7caaf742-n\decora-d3d.dll 2010-05-19 01:14 . 2010-05-19 01:35 -------- d-----w- c:\arquivos de programas\Valve 2010-05-18 02:01 . 2010-05-18 02:01 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Styler 2010-05-18 01:56 . 2010-05-18 01:56 -------- d-----w- c:\arquivos de programas\VisualTaskTips 2010-05-18 01:56 . 2010-05-18 01:56 -------- d-----w- c:\arquivos de programas\VistaDriveIcon 2010-05-18 01:55 . 2010-05-18 01:55 -------- d-----w- c:\arquivos de programas\Styler 2010-05-18 01:55 . 2010-05-18 01:55 -------- d-----w- c:\arquivos de programas\Blaero Start Orb 2010-05-18 01:46 . 2010-05-18 01:56 -------- d--h--w- c:\windows\VistaMizer . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-06-15 22:13 . 2010-03-12 13:24 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Free Download Manager 2010-06-15 00:19 . 2001-10-28 17:07 49804 ----a-w- c:\windows\system32\perfc016.dat 2010-06-15 00:19 . 2001-10-28 17:07 347648 ----a-w- c:\windows\system32\perfh016.dat 2010-06-15 00:12 . 2009-12-20 04:54 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Serviços 2010-06-15 00:10 . 2009-12-20 04:53 22964 ----a-w- c:\windows\system32\emptyregdb.dat 2010-06-10 01:33 . 2009-12-23 20:55 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help 2010-05-30 19:40 . 2009-12-20 21:19 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Messenger Plus! 2010-05-27 22:56 . 2009-12-20 05:10 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information 2010-05-20 23:25 . 2009-12-23 01:49 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Any Video Converter 2010-05-12 01:30 . 2010-05-12 01:30 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf 2010-05-12 01:30 . 2010-05-12 01:30 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf 2010-05-12 01:30 . 2010-05-12 01:21 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\PC Suite 2010-05-12 01:30 . 2010-05-12 01:21 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Nokia 2010-05-12 01:29 . 2010-05-12 01:20 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\PC Suite 2010-05-12 01:29 . 2010-05-12 01:29 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf 2010-05-12 01:29 . 2010-05-12 01:29 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf 2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\Arquivos comuns\PCSuite 2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\Nokia 2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Nokia 2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\DIFX 2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\PC Connectivity Solution 2010-05-12 01:17 . 2010-05-12 01:17 95232 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\pcswpcsi.exe 2010-05-12 01:17 . 2010-05-12 01:17 61440 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCSFEMsi.exe 2010-05-12 01:17 . 2010-05-12 01:17 8192 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstCCD.exe 2010-05-12 01:17 . 2010-05-12 01:17 10240 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCS.exe 2010-05-12 01:16 . 2010-05-12 01:16 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Installations 2010-05-12 00:46 . 2010-05-12 01:17 34555528 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_por_br_web(2).exe 2010-05-06 10:34 . 2008-05-17 02:10 916480 ----a-w- c:\windows\system32\wininet.dll 2010-05-02 08:08 . 2008-04-13 20:54 1851392 ----a-w- c:\windows\system32\win32k.sys 2010-04-23 22:42 . 2010-04-23 22:42 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Java 2010-04-23 22:42 . 2010-04-23 22:42 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-04-23 22:42 . 2010-04-23 22:42 -------- d-----w- c:\arquivos de programas\Java 2010-04-20 05:31 . 2008-04-13 21:18 285696 ----a-w- c:\windows\system32\atmfd.dll . ------- Sigcheck ------- [-] 2008-05-17 . 1D01C384F3BA123EB6F09769DEA005AC . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Google Update"="c:\documents and settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" [2009-12-23 135664] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264] "VisualTaskTips"="c:\arquivos de programas\VisualTaskTips\VisualTaskTips.exe" [2008-03-09 61440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VTTimer"="VTTimer.exe" [2006-08-03 53248] "VTTrayp"="VTtrayp.exe" [2006-08-30 180224] "Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048] "egui"="c:\arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640] "GrooveMonitor"="c:\arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "NeroFilterCheck"="c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] "SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040] "DrvIcon"="c:\arquivos de programas\VistaDriveIcon\DrvIcon.exe" [2008-04-13 49152] "SoundMan"="SOUNDMAN.EXE" [2006-03-01 577536] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nltide_2"="shell32" [X] c:\documents and settings\Douglas Nobre\Menu Iniciar\Programas\Inicializar\ Blaero Start Orb.lnk - c:\arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe [2006-7-30 521216] Recorte de tela e Iniciador do OneNote 2007.lnk - c:\arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] Styler.lnk - c:\arquivos de programas\Styler\Styler.exe [2007-4-15 307200] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Arquivos de programas\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"= "c:\\Arquivos de programas\\Megacubo\\megacubo.exe"= "c:\\WINDOWS\\system32\\ftp.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015 "1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016 "500:UDP"= 500:UDP:@xpsp2res.dll,-22017 R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14/5/2009 15:47 107256] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14/5/2009 15:49 94360] R2 ekrn;ESET Service;c:\arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe [14/5/2009 15:47 731840] S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28/12/2009 20:23 715248] S3 D301bus;GW01 USB WMC Bus Driver (WDM);c:\windows\system32\drivers\D301bus.sys [8/5/2010 12:44 83328] S3 D301mdfl;GW01 USB WMC Modem Filter;c:\windows\system32\drivers\D301mdfl.sys [8/5/2010 12:44 14976] S3 D301mdm;GW01 USB WMC Modem Driver;c:\windows\system32\drivers\D301mdm.sys [8/5/2010 12:44 109824] S3 D301mgmt;GW01 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\D301mgmt.sys [8/5/2010 12:45 103808] S3 d301nd5;GW01 USB WMC Ethernet GW (NDIS);c:\windows\system32\drivers\d301nd5.sys [8/5/2010 12:45 24832] S3 D301obex;GW01 USB WMC OBEX Interface;c:\windows\system32\drivers\D301obex.sys [8/5/2010 12:44 99840] S3 d301unic;GW01 USB WMC Ethernet GW (WDM);c:\windows\system32\drivers\d301unic.sys [8/5/2010 12:45 105728] S3 ddsxeiservice;ddsxeiservice2;c:\arquivos de programas\sXe Injected\ddsxei.sys [1/2/2010 20:48 93056] S3 XDva297;XDva297;\??\c:\windows\system32\XDva297.sys --> c:\windows\system32\XDva297.sys [?] S3 XDva315;XDva315;\??\c:\windows\system32\XDva315.sys --> c:\windows\system32\XDva315.sys [?] S3 XDva321;XDva321;\??\c:\windows\system32\XDva321.sys --> c:\windows\system32\XDva321.sys [?] . Conteúdo da pasta 'Tarefas Agendadas' 2010-06-13 c:\windows\Tasks\Advanced WindowsCare V2 Pro.job - c:\arquivos de programas\IObit\Advanced WindowsCare V2 Pro\AutoCare.exe [2009-12-21 20:49] 2010-06-13 c:\windows\Tasks\AwcProUpdate.job - c:\arquivos de programas\IObit\Advanced WindowsCare V2 Pro\AutoUpdate.exe [2009-12-21 00:03] 2010-06-15 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 18:07] . . ------- Scan Suplementar ------- . uStart Page = hxxp://www.ciee.org.br/portal/index.asp IE: Baixar com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dllink.htm IE: Baixar tudo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlall.htm IE: Baixar vídeo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlfvideo.htm IE: Download selecionado pelo Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlselected.htm IE: E&xportar para o Microsoft Excel - c:\arquiv~1\Microsoft Office\Office12\EXCEL.EXE/3000 . - - - - ORFÃOS REMOVIDOS - - - - HKLM-Run-c:\docume~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe - c:\docume~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe HKU-Default-RunOnce-tscuninstall - c:\windows\system32\tscupgrd.exe MSConfigStartUp-MsnMsgr - c:\arquivos de programas\MSN Messenger\MsnMsgr.Exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-06-15 19:57 Windows 5.1.2600 Service Pack 3 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros/arquivos ocultos ... Varredura completada com sucesso arquivos/ficheiros ocultos: 0 ************************************************************************** . Tempo para conclusão: 2010-06-15 19:59:09 ComboFix-quarantined-files.txt 2010-06-15 22:59 Pré-execução: 6.034.743.296 bytes disponíveis Pós execução: 6.785.626.112 bytes disponíveis WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect - - End Of File - - 5329018444D91EBFFD471491048C12B9 Obrigado! Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Junho 16, 2010 Bom Dia! Xullippa <@> Baixe: < Malwarebytes' Anti-Malware > <@> Link - 2: < > <@> Ps: Salve ou imprima estas instruções: - Dê um duplo-clique no mbam-setup.exe;escolha a linguagem e,na instalação,aceite todas as opções padrão.- Verifique se as caixas: "Atualizar Malwarebytes Anti-Malware" e "Executar Malwarebytes Anti-Malware" estão marcadas. - Clique,à seguir,em Concluir. - Ps: Se houver atualizações a serem feitas,serão baixadas e instaladas. - Ao final da atualização,com o programa aberto, marque: Verificação Rápida - Clique no botão Verificar. - Começará então o exame. -> Aguarde,pois pode demorar! - Concluindo,clique em OK e depois no botão "Mostrar Resultados",para dispormos do relatório. - Ps: Se houver ítens encontrados,marque-os e clique no botão "Remover". - Ps: Ao final da desinfecção,abrir-se-á o Bloco de notas contendo o relatório. - Ps: O log será armazenado,automáticamente,pela ferramenta. - Ps: Obtenha-o clicando na aba "Logs" na janela principal do Programa. <@> Ps: Caso o MBAM encontre arquivos que não consiga remover,poderá ter de reiniciar o PC. Talvez mais de uma vez! <@> Ps: Faça isso imediatamente,ao ser perguntado se quer reiniciar. 0000000000000000000 <!> Selecione, copie e cole o conteúdo do log do MBAM,na sua próxima resposta. <!> Poste,também,HijackThis atualizado. Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
Xullippa 0 Denunciar post Postado Junho 18, 2010 Boa noite, Segue os Logs: MBAM: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Versão da Base de Dados: 4207 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 18/6/2010 18:02:58 mbam-log-2010-06-18 (18-02-58).txt Tipo de Verificação: Verificação Rápida Objetos escaneados: 133323 Tempo decorrido: 5 minuto(s), 38 segundo(s) Processos de Memória Infectados: 0 Módulos de Memória Infectados: 0 Chaves de Registro Infectadas: 0 Valores de Registro Infectados: 0 Itens de Dados no Registro Infectados: 0 Pastas Infectadas: 0 Arquivos Infectados: 0 Processos de Memória Infectados: (Não foram detectados ítens maliciosos) Módulos de Memória Infectados: (Não foram detectados ítens maliciosos) Chaves de Registro Infectadas: (Não foram detectados ítens maliciosos) Valores de Registro Infectados: (Não foram detectados ítens maliciosos) Itens de Dados no Registro Infectados: (Não foram detectados ítens maliciosos) Pastas Infectadas: (Não foram detectados ítens maliciosos) Arquivos Infectados: (Não foram detectados ítens maliciosos) HIJACKTHIS: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:05:11, on 18/6/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe C:\Arquivos de programas\VistaDriveIcon\DrvIcon.exe C:\WINDOWS\SOUNDMAN.EXE C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe C:\Arquivos de programas\Styler\Styler.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\HijackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ciee.org.br/portal/index.asp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {6EF05952-B48D-4944-AA91-57A6A1A48EF8} - C:\Arquivos de programas\Puxa Rápido\IEBHO.DLL (file missing) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Arquivos de programas\Styler\TB\StylerTB.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [DrvIcon] C:\Arquivos de programas\VistaDriveIcon\DrvIcon.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe] C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [VisualTaskTips] "C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe" noTrayIcon O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O4 - Startup: Blaero Start Orb.lnk = C:\Arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Styler.lnk = C:\Arquivos de programas\Styler\Styler.exe O8 - Extra context menu item: Baixar com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm O8 - Extra context menu item: Baixar tudo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Download selecionado pelo Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\Microsoft Office\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\Microsoft Office\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1261449751343 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: ServiceLayer - Nokia - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe -- End of file - 8169 bytes Obrigado! Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Junho 19, 2010 Boa Noite! Xullippa <@> Abra o HijackThis :seta: Clique: Do a system scan only O4 - HKLM\..\Run: [C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe] C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe <@> Marque,àcima,esta entrada! <-- Caso à encontre! <@> Clique em Fix checked --> Sim! --> Reinicie! 000000000000000000 oooooooooooooooooo <@> Selecione e copie,todo o conteúdo que está na área do QUOTE,para o Bloco de Notas. <@> Salve-o,no Desktop,com o nome: CFScript.txt File::C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe RESTORE:: c:\windows\system32\sfcfiles.dll Driver:: "XDva297" "XDva315" "XDva321" <@> Ps: É recomendável que esteja desconectado,ao rodar o script. <@> Ps: Desabilite,temporariamente,seu antivírus. <@> Ps: Não utilizem este script em outra máquina! <@> Arraste,o CFScript.txt para o ícone/interior do ComboFix. <@> Veja a demonstração! <@> Atenda à solicitação,que deverá surgir,para rodar o ComboFix. <@> Ps: Faça o arraste,até surgir essa solicitação! ( janela ) <@> Terminando,poste: C:\ComboFix.txt <-- 000000000000000000 oooooooooooooooooo <@> Baixe: < UsbFix.exe > ( ...par Chiquitine29 et Chimay8 ) <@> Salve-a em Arquivos de programas! <@> Desabilite seu antivírus! <@> Instale e execute a ferramenta,com um duplo-clique em: < > <@> Nas opções da língua,escolha "PT-BR" --> Enter. <@> Escolha a opção 2: 2. Suppression des fichiers infectieux --> Aperte Enter. <@> Surgirá uma mensagem,pedindo que seja conectada sua(s) mídia(s) removíveis,ao computador. ( pendrive,mp3,mp4,iPods,etc... ) <@> Aceite a solicitação,e dê o Ok. --> À seguir clique,novamente,em Ok. <@> O computador irá reiniciar. <-- Aguarde! <@> Terminando,clique em "Continue" e aguarde a finalização da ferramenta. <@> Ps: Não desconecte,ainda,sua(s) mídia(s) removíveis! <-- Importante! <@> Surgirá a mensagem: "Nettoyage effectue" --> Aperte Enter. <@> Poste o relatório,que estará em: C:\UsbFix.txt + HijackThis,atualizado. Compartilhar este post Link para o post Compartilhar em outros sites
Xullippa 0 Denunciar post Postado Junho 19, 2010 Bom dia, Segue os Logs: USBFIX: ############################## | UsbFix 7.011 | [supressão] Usuário: Douglas Nobre (Administrador) # HOME-97DEF26A7C [ ] Atualizado em 17/06/2010 por El Desaparecido / C_XX Começou em 12:34:34 | 19/06/2010 Site: http://pagesperso-orange.fr/NosTools/index.html Contato: FindyKill.Contact@gmail.com CPU: Intel® Celeron® CPU 420 @ 1.60GHz Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 3 Internet Explorer 8.0.6001.18702 Windows Firewall: Habilitado Antivirus: ESET NOD32 Antivirus 4.0 4.0 [(!) Disabled | Updated] RAM -> 991 Mb C:\ (%systemdrive%) -> Disco fixo # 20 Gb (6 Mb livre - 30%) [] # NTFS D:\ -> Disco fixo # 35 Gb (15 Mb livre - 42%) [Diversos] # NTFS E:\ -> CD-ROM F:\ -> CD-ROM G:\ -> Disco fixo # 20 Gb (7 Mb livre - 36%) [instalações] # NTFS H:\ -> Disco removível # 489 Mb (74 Mb livre - 15%) [DOUG] # FAT ################## | Ficheiros # pastas infeciosos | Supprimido ! C:\Recycler\S-1-5-21-2000478354-492894223-1417001333-1003 Supprimido ! D:\Recycler\S-1-5-21-2000478354-492894223-1417001333-1003 Supprimido ! G:\Recycler\S-1-5-21-2000478354-492894223-1417001333-1003 ################## | Registro | ################## | Mountpoints2 | ################## | Listing | [19/06/2010 - 12:19:16 | RD ] C:\Arquivos de programas [20/12/2009 - 01:56:23 | A | 0] C:\AUTOEXEC.BAT [19/06/2010 - 12:28:20 | RASHD ] C:\Autorun.inf [14/06/2010 - 21:08:05 | A | 211] C:\Boot.bak [15/06/2010 - 19:54:12 | RASH | 281] C:\boot.ini [28/10/2001 - 14:06:10 | RASH | 4952] C:\Bootfont.bin [15/06/2010 - 19:54:12 | RASHD ] C:\cmdcons [03/08/2004 - 23:00:16 | A | 261856] C:\cmldr [19/06/2010 - 12:12:14 | A | 41628] C:\ComboFix.txt [09/06/2010 - 22:51:12 | D ] C:\Config.Msi [20/12/2009 - 01:56:23 | A | 0] C:\CONFIG.SYS [22/12/2009 - 21:42:05 | D ] C:\Documents and Settings [16/03/2010 - 21:12:02 | D ] C:\Downloads [23/05/2010 - 02:14:33 | A | 34355200] C:\dump_dvd.vob [19/06/2010 - 11:52:30 | D ] C:\HijackThis [20/12/2009 - 01:56:23 | RASH | 0] C:\IO.SYS [20/12/2009 - 01:56:23 | RASH | 0] C:\MSDOS.SYS [23/12/2009 - 17:54:33 | RD ] C:\MSOCache [13/04/2008 - 08:43:04 | RASH | 47564] C:\NTDETECT.COM [13/04/2008 - 10:31:44 | RASH | 251696] C:\ntldr [19/06/2010 - 12:17:19 | ASH | 1560281088] C:\pagefile.sys [19/06/2010 - 12:11:39 | D ] C:\Qoobox [19/06/2010 - 12:35:17 | SHD ] C:\RECYCLER [20/12/2009 - 02:40:56 | AH | 268] C:\sqmdata00.sqm [20/12/2009 - 18:22:15 | AH | 268] C:\sqmdata01.sqm [21/12/2009 - 20:32:17 | AH | 268] C:\sqmdata02.sqm [21/12/2009 - 21:19:41 | AH | 232] C:\sqmdata03.sqm [20/12/2009 - 02:40:56 | AH | 244] C:\sqmnoopt00.sqm [20/12/2009 - 18:22:15 | AH | 244] C:\sqmnoopt01.sqm [21/12/2009 - 20:32:17 | AH | 244] C:\sqmnoopt02.sqm [21/12/2009 - 21:19:41 | AH | 244] C:\sqmnoopt03.sqm [14/06/2010 - 21:20:37 | SHD ] C:\System Volume Information [19/06/2010 - 12:35:17 | D ] C:\UsbFix [19/06/2010 - 12:35:20 | A | 1180] C:\UsbFix.txt [19/06/2010 - 12:28:35 | A | 46779256] C:\UsbFix_Upload_Me_HOME-97DEF26A7C.zip [19/06/2010 - 12:28:01 | D ] C:\WINDOWS [29/12/2009 - 23:20:50 | D ] C:\WinSetupFromUSB [09/08/2009 - 10:04:23 | D ] D:\1dd3e7261f85c2d50108af8ede64 [05/10/2009 - 00:37:46 | D ] D:\81280e612ed7c301fbdf [19/01/2008 - 01:46:52 | D ] D:\aa60f4aeb9fc3b134b9cef [15/12/2009 - 19:12:17 | D ] D:\AMANDA [01/08/2008 - 20:36:07 | D ] D:\Aplicativos Tiago [19/06/2010 - 12:28:20 | RASHD ] D:\Autorun.inf [27/10/2009 - 22:28:04 | D ] D:\CASA [19/06/2010 - 12:28:02 | D ] D:\DESKTOP [19/06/2010 - 12:28:02 | D ] D:\Diversos [20/12/2009 - 01:10:01 | D ] D:\Downloads [22/12/2009 - 22:48:31 | D ] D:\fa53d55b336416aab3045b [16/03/2008 - 11:39:35 | A | 4460163] D:\Fotos - Formatura.rar [02/01/2010 - 12:31:33 | D ] D:\Imagens [19/06/2010 - 12:28:02 | D ] D:\Meus Doc [13/01/2010 - 23:46:06 | D ] D:\Meus videos [19/06/2010 - 12:28:05 | D ] D:\Minhas Músicas [05/05/2009 - 00:14:49 | RD ] D:\MSOCache [19/06/2010 - 12:35:17 | SHD ] D:\RECYCLER [01/06/2009 - 22:15:38 | A | 66] D:\Senha Wireless.txt [10/06/2008 - 00:20:52 | AH | 268] D:\sqmdata00.sqm [03/05/2009 - 02:33:12 | AH | 268] D:\sqmdata01.sqm [20/12/2009 - 02:45:35 | AH | 268] D:\sqmdata02.sqm [10/06/2008 - 00:20:52 | AH | 244] D:\sqmnoopt00.sqm [03/05/2009 - 02:33:12 | AH | 244] D:\sqmnoopt01.sqm [20/12/2009 - 02:45:35 | AH | 244] D:\sqmnoopt02.sqm [14/06/2010 - 21:20:37 | SHD ] D:\System Volume Information [03/01/2008 - 12:34:07 | AH | 162] D:\~$rriculo Douglas.doc [05/03/2010 - 10:02:28 | A | 148995] G:\1118-1336-1-PB.pdf [26/04/2010 - 14:06:36 | D ] G:\ALTO NIVEL - FAZENDA DO MIMI - 25.04.2010 - MAILSON DO ZOIANDO [19/06/2010 - 12:28:20 | RASHD ] G:\Autorun.inf [16/04/2010 - 16:27:32 | D ] G:\Cd Pancadão Altomotivo Vol 3 (Dj Ricardo & G7som) [19/03/2010 - 17:29:25 | D ] G:\Chimarruts - Ao Vivo 2007 [26/04/2010 - 13:59:36 | A | 420089] G:\edital petrobrás.pdf [16/03/2010 - 23:23:29 | AH | 0] G:\F.Paris.Leg.by.rick.86.rmvb [28/01/2010 - 10:47:07 | D ] G:\Filmes & Vídeos [19/04/2010 - 22:44:46 | D ] G:\FORRO DO MUIDO PROMOCIONAL MAIO 2010 - BY LEO CD MORAL [24/11/2009 - 21:50:50 | D ] G:\FORRÓ BOCA A BOCA AO VIVO NO FORRÓ NO SITIO 21.11.09 MAIS UMA EXCLUSIVA BY LUAN GRAVACOES [16/03/2010 - 22:52:57 | AH | 0] G:\From.Paris.w.LR5.Leg-by-B4rm4n.www.clubwarez.ws(1).rmvb [16/03/2010 - 22:52:35 | AH | 0] G:\From.Paris.w.LR5.Leg-by-B4rm4n.www.clubwarez.ws.rmvb [22/04/2010 - 16:40:44 | AH | 335493835] G:\Furia.de.Tita.mkv [18/04/2010 - 21:52:26 | D ] G:\GRUPO ALTO NIVEL - VOL 06 - CRISTIANO CD'S DE TIANGUÁ [20/05/2010 - 20:26:11 | D ] G:\MOBILE_MP4 [16/03/2010 - 11:04:49 | AH | 0] G:\peter.and.vandy.2009.limited.dvdrip.xvid_nodlabs(1).rmvb [16/03/2010 - 11:05:12 | AH | 0] G:\peter.and.vandy.2009.limited.dvdrip.xvid_nodlabs(2).rmvb [19/06/2010 - 12:35:17 | SHD ] G:\RECYCLER [14/06/2010 - 21:20:37 | SHD ] G:\System Volume Information [22/04/2010 - 20:50:43 | AH | 428922183] G:\[www.TELONA.org_LUANEGRA.rmvb [23/03/2010 - 16:22:13 | AH | 346129125] G:\[www.TioDosFilmes.com]DEF3ND0R_LeG_.rmvb ################## | Vaccin | C:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX) D:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX) G:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX) ################## | Upload | Favor enviar o arquivo: C:\UsbFix_Upload_Me_HOME-97DEF26A7C.zip http://chiquitine.changelog.fr/Sample/Upload.php Obrigado pela sua contribuição. ################## | E.O.F | HIJACKTHIS: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:37:29, on 19/6/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\HijackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {6EF05952-B48D-4944-AA91-57A6A1A48EF8} - C:\Arquivos de programas\Puxa Rápido\IEBHO.DLL (file missing) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Arquivos de programas\Styler\TB\StylerTB.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [DrvIcon] C:\Arquivos de programas\VistaDriveIcon\DrvIcon.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [VisualTaskTips] "C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe" noTrayIcon O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O4 - Startup: Blaero Start Orb.lnk = C:\Arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Styler.lnk = C:\Arquivos de programas\Styler\Styler.exe O8 - Extra context menu item: Baixar com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm O8 - Extra context menu item: Baixar tudo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Download selecionado pelo Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\Microsoft Office\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\Microsoft Office\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1261449751343 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: ServiceLayer - Nokia - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe -- End of file - 7192 bytes Obrigado! Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Junho 20, 2010 Boa Noite! Xullippa <@> Baixe: < OTL > ( ...by OldTimer Tools ) <@> Salve-o no desktop! <@> Clique duplo em: < > <@> Ps: Sigamos,agora,com sua configuração! <!> 1 - Em "Saída",deixe marcado o botão "Resumida". <!> 2 - Marque as caixas: Verificar All Users e Incluir Verificação 64bit <-- Ps: Caso o SO seja 64 bit! <!> 3 - Processos: Usar SafeList <-- Marque! <!> 4 - Módulos: Usar SafeList <-- Marque! <!> 5 - Serviços: Usar SafeList <-- Marque! <!> 6 - Drivers: Usar SafeList <-- Marque! <!> 7 - Exame Padrão do Registro: Usar SafeList <-- Marque! <!> 8 - Exame Extra do Registro: Usar SafeList <-- Marque! <!> 9 - Verificação de Arquivos: <!> Data de Criação >> Escolha: 14 dias <!> Marque: Usar WhiteList para Nomes de Companhias <!> Marque: Ignorar Arquivos Microsoft <!> 10 - Arquivos Criados Desde: <!> Marque: Data de Criação <!> 11 - Arquivos Modificados Desde: <!> Marque: Data de Criação <!> Marque as caixas: [] Verificar Lop [] Verificar Purity <@> Ps: Sugiro que imprima estas orientações,para posterior leitura. netsvcsmsconfigsafebootminimalsafebootnetworkactivexdrivers32%SYSTEMDRIVE%\*.exe%SYSTEMDRIVE%\eventlog.dll /s /md5%SYSTEMDRIVE%\scecli.dll /s /md5%SYSTEMDRIVE%\sfcfiles.dll /s /md5%SYSTEMDRIVE%\netlogon.dll /s /md5%SYSTEMDRIVE%\atapi.sys /s /md5CREATERESTOREPOINT <@> Ps: Copie e cole estas informações,que estão no Code,para o campo abaixo de: Exames Personalizados/Correções <@> Clique em: Verificar --> Aguarde! <@> Concluindo,poste: <!> <1> OTL.txt <-- <!> <2> Extras.txt <-- Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
Xullippa 0 Denunciar post Postado Junho 20, 2010 Bom dia! Segue Logs: OTL.txt: OTL logfile created on: 20/6/2010 01:24:52 - Run 1 OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Douglas Nobre\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy 991,00 Mb Total Physical Memory | 541,00 Mb Available Physical Memory | 55,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free Paging file location(s): c:\pagefile.sys 1488 2976 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas Drive C: | 19,53 Gb Total Space | 5,61 Gb Free Space | 28,70% Space Free | Partition Type: NTFS Drive D: | 35,46 Gb Total Space | 15,01 Gb Free Space | 42,33% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 19,53 Gb Total Space | 7,09 Gb Free Space | 36,33% Space Free | Partition Type: NTFS H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: HOME-97DEF26A7C Current User Name: Douglas Nobre Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 14 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Douglas Nobre\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET) PRC - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe (ESET) PRC - C:\Arquivos de programas\Free Download Manager\fdm.exe (FreeDownloadManager.ORG) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Arquivos de programas\VistaDriveIcon\DrvIcon.exe (artArmin) PRC - C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe (VisualTaskTips.com) PRC - C:\Arquivos de programas\Styler\Styler.exe (ta2027) PRC - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe (Nero AG) PRC - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG) PRC - C:\WINDOWS\system32\VTTrayp.exe (S3 Graphics Co., Ltd.) PRC - C:\WINDOWS\system32\VTTimer.exe (S3 Graphics, Inc.) PRC - C:\Arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe () PRC - C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Douglas Nobre\Desktop\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\system32\mfc42.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) MOD - C:\Arquivos de programas\VisualTaskTips\VttHooks.dll () MOD - C:\Arquivos de programas\Styler\StylerHelper.dll (ta2027) MOD - C:\WINDOWS\system32\mfc42loc.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (ServiceLayer) -- C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (EhttpSrv) -- C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET) SRV - (ekrn) -- C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET) SRV - (odserv) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (ose) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (ddsxeiservice) -- C:\Arquivos de programas\sXe Injected\ddsxei.sys () DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys (Duplex Secure Ltd.) DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia) DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia) DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia) DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys (ESET) DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET) DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET) DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia) DRV - (StMp3Rec) -- C:\WINDOWS\system32\drivers\StMp3Rec.sys (Generic) DRV - (d301unic) GW01 USB WMC Ethernet GW (WDM) -- C:\WINDOWS\system32\drivers\d301unic.sys (MCCI Corporation) DRV - (D301mgmt) GW01 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\D301mgmt.sys (MCCI Corporation) DRV - (D301obex) -- C:\WINDOWS\system32\drivers\D301obex.sys (MCCI Corporation) DRV - (d301nd5) GW01 USB WMC Ethernet GW (NDIS) -- C:\WINDOWS\system32\drivers\d301nd5.sys (MCCI Corporation) DRV - (D301mdm) -- C:\WINDOWS\system32\drivers\D301mdm.sys (MCCI Corporation) DRV - (D301bus) GW01 USB WMC Bus Driver (WDM) -- C:\WINDOWS\system32\drivers\D301bus.sys (MCCI Corporation) DRV - (D301mdfl) -- C:\WINDOWS\system32\drivers\D301mdfl.sys (MCCI Corporation) DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.) DRV - (xfilt) -- C:\WINDOWS\system32\DRIVERS\xfilt.sys (VIA Technologies,Inc) DRV - (videX32) -- C:\WINDOWS\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2000478354-492894223-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\S-1-5-21-2000478354-492894223-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009/12/20 02:29:12 | 000,000,000 | ---D | M] O1 HOSTS File: ([2010/06/19 12:09:31 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {6EF05952-B48D-4944-AA91-57A6A1A48EF8} - C:\Arquivos de programas\Puxa Rápido\IEBHO.DLL File not found O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Programa Auxiliar de Início de Sessão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll () O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Arquivos de programas\Styler\TB\StylerTB.dll (StyleFantasist) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [DrvIcon] C:\Arquivos de programas\VistaDriveIcon\DrvIcon.exe (artArmin) O4 - HKLM..\Run: [egui] C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [soundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.) O4 - HKLM..\Run: [VTTrayp] C:\WINDOWS\System32\VTTrayp.exe (S3 Graphics Co., Ltd.) O4 - HKU\S-1-5-21-2000478354-492894223-1417001333-1003..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-2000478354-492894223-1417001333-1003..\Run: [VisualTaskTips] C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe (VisualTaskTips.com) O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found O4 - Startup: C:\Documents and Settings\Douglas Nobre\Menu Iniciar\Programas\Inicializar\Blaero Start Orb.lnk = C:\Arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe () O4 - Startup: C:\Documents and Settings\Douglas Nobre\Menu Iniciar\Programas\Inicializar\Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\Douglas Nobre\Menu Iniciar\Programas\Inicializar\Styler.lnk = C:\Arquivos de programas\Styler\Styler.exe (ta2027) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2000478354-492894223-1417001333-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2000478354-492894223-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKU\S-1-5-21-2000478354-492894223-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O7 - HKU\S-1-5-21-2000478354-492894223-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O8 - Extra context menu item: Baixar com o Free Download Manager - C:\Arquivos de programas\Free Download Manager\dllink.htm () O8 - Extra context menu item: Baixar tudo com o Free Download Manager - C:\Arquivos de programas\Free Download Manager\dlall.htm () O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - C:\Arquivos de programas\Free Download Manager\dlfvideo.htm () O8 - Extra context menu item: Download selecionado pelo Free Download Manager - C:\Arquivos de programas\Free Download Manager\dlselected.htm () O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1261449751343 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Minha página inicial atual) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/12/20 01:56:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010/06/19 12:35:22 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010/06/19 12:35:22 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010/06/19 12:35:22 | 000,000,000 | RHSD | M] - G:\Autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/06/14 21:13:19 | 000,000,000 | -H-D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Processamento de gráficos vetoriais (VML) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Ligação de dados de HTML dinâmico para Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Cancelar inscrição ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Criação avançada ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes DirectAnimation para Java ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Agendador de tarefas ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler) Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/) Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: msacm.voxacm160 - vct3216.acm File not found Drivers32: MSVideo - vfwwdm32.dll File not found Drivers32: MSVideo8 - VfWWDM32.dll File not found Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.) Drivers32: VIDC.DRAW - DVIDEO.DLL File not found Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll () Drivers32: VIDC.FPS1 - frapsvid.dll File not found Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.mp42 - MPG4C32.dll File not found Drivers32: VIDC.MSUD - msulvc05.dll File not found Drivers32: VIDC.VP40 - vp4vfw.dll File not found Drivers32: vidc.VP60 - vp6vfw.dll File not found Drivers32: vidc.VP61 - vp6vfw.dll File not found Drivers32: vidc.VP62 - vp6vfw.dll File not found Drivers32: vidc.VP70 - vp7vfw.dll File not found Drivers32: VIDC.WMV3 - wmv9vcm.dll File not found Drivers32: vidc.X264 - x264vfw.dll File not found Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll () Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org) CREATERESTOREPOINT Restore point Set: OTL Restore Point (17183528496136192) ========== Files/Folders - Created Within 14 Days ========== [2010/06/20 01:21:05 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Douglas Nobre\Desktop\OTL.exe [2010/06/19 12:35:22 | 000,000,000 | RHSD | C] -- C:\Autorun.inf [2010/06/19 12:28:06 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010/06/19 12:20:22 | 000,000,000 | ---D | C] -- C:\UsbFix [2010/06/19 12:14:59 | 001,225,123 | ---- | C] (C_XX & El Desaparecido) -- C:\Arquivos de programas\UsbFix.exe [2010/06/16 23:11:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/06/16 23:11:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/06/16 23:07:28 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Douglas Nobre\Desktop\mbam-setup-1.46.exe [2010/06/15 19:54:08 | 000,000,000 | RHSD | C] -- C:\cmdcons [2010/06/15 19:49:33 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2010/06/15 19:49:33 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2010/06/15 19:49:33 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2010/06/15 19:49:33 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2010/06/15 19:49:27 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ERDNT [2010/06/15 19:49:06 | 000,000,000 | ---D | C] -- C:\Qoobox [2010/06/14 21:19:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2010/06/14 21:16:13 | 000,080,896 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2010/06/14 21:16:12 | 000,080,896 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2010/06/14 21:16:12 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll [2010/06/14 21:14:46 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2010/06/11 20:09:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Douglas Nobre\Desktop\Matisyahu-Youth-2006-RNS [2010/06/11 17:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Douglas Nobre\Desktop\ Ponto_de_Equilibrio_Abre_a_Janela [2010/06/09 22:32:22 | 000,000,000 | ---D | C] -- C:\Config.Msi [2010/06/07 20:13:47 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Orban [2010/06/07 20:11:50 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Megacubo [2010/06/07 19:48:52 | 007,627,139 | ---- | C] (www.megacubo.net ) -- C:\Documents and Settings\Douglas Nobre\Desktop\51761_megacubo_737.exe [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 14 Days ========== [2010/06/20 01:21:29 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Douglas Nobre\Desktop\OTL.exe [2010/06/20 01:18:30 | 000,002,284 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/06/20 01:18:19 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job [2010/06/20 01:18:15 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/06/20 01:18:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/06/19 16:21:42 | 005,242,880 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\ntuser.dat [2010/06/19 16:21:42 | 000,000,210 | -HS- | M] () -- C:\Documents and Settings\Douglas Nobre\ntuser.ini [2010/06/19 16:21:37 | 010,706,212 | -H-- | M] () -- C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\IconCache.db [2010/06/19 15:38:54 | 307,583,865 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\Desktop\www.Telona.org.Dm..rmvb [2010/06/19 12:35:36 | 046,777,415 | ---- | M] () -- C:\UsbFix_Upload_Me_HOME-97DEF26A7C.zip [2010/06/19 12:21:58 | 000,347,648 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat [2010/06/19 12:21:58 | 000,314,644 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/06/19 12:21:58 | 000,049,804 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat [2010/06/19 12:21:58 | 000,040,972 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/06/19 12:21:57 | 000,759,962 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/06/19 12:19:48 | 001,225,123 | ---- | M] (C_XX & El Desaparecido) -- C:\Arquivos de programas\UsbFix.exe [2010/06/19 12:09:45 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010/06/19 12:09:31 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010/06/18 00:22:02 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010/06/18 00:22:02 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010/06/16 23:10:49 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Douglas Nobre\Desktop\mbam-setup-1.46.exe [2010/06/15 21:45:35 | 000,069,776 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\GDIPFONTCACHEV1.DAT [2010/06/15 20:39:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010/06/15 19:54:12 | 000,000,281 | RHS- | M] () -- C:\boot.ini [2010/06/15 18:54:22 | 003,712,146 | R--- | M] () -- C:\Documents and Settings\Douglas Nobre\Desktop\ComboFix.exe [2010/06/15 18:46:47 | 000,267,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/06/14 21:17:23 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2010/06/14 21:13:58 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010/06/14 21:13:46 | 000,004,205 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2010/06/14 21:12:50 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2010/06/14 21:12:50 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/06/14 21:12:46 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/06/14 21:12:46 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest [2010/06/14 21:12:46 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/06/14 21:12:46 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010/06/14 21:12:46 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/06/14 21:12:46 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010/06/14 21:12:35 | 000,000,687 | ---- | M] () -- C:\WINDOWS\win.ini [2010/06/14 21:10:07 | 000,022,964 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/06/14 21:08:05 | 000,000,211 | ---- | M] () -- C:\Boot.bak [2010/06/13 16:30:00 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\Advanced WindowsCare V2 Pro.job [2010/06/12 14:47:38 | 000,081,920 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/06/12 12:14:29 | 001,494,781 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\Desktop\lava_rapido.pdf [2010/06/11 03:21:41 | 394,608,178 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\Desktop\Ac.www.therebels.biz.HyperX.rmvb [2010/06/10 19:30:42 | 000,765,345 | ---- | M] () -- C:\WINDOWS\setupapi.old [2010/06/07 20:02:49 | 007,627,139 | ---- | M] (www.megacubo.net ) -- C:\Documents and Settings\Douglas Nobre\Desktop\51761_megacubo_737.exe [2010/06/07 14:01:47 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010/06/07 13:45:24 | 000,122,368 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\Desktop\CalculadoraHP12C.doc [2010/06/06 16:50:04 | 000,098,976 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\Desktop\TUDO JUNTO.rtf [2010/06/06 14:34:18 | 001,094,144 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\Desktop\Apresentaçao dos assentamentos.ppt [2010/06/06 05:45:54 | 394,003,667 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\Desktop\www.Telona.org.L-.rmvb [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/06/19 12:43:31 | 307,583,865 | ---- | C] () -- C:\Documents and Settings\Douglas Nobre\Desktop\www.Telona.org.Dm..rmvb [2010/06/19 12:28:27 | 046,777,415 | ---- | C] () -- C:\UsbFix_Upload_Me_HOME-97DEF26A7C.zip [2010/06/15 19:54:12 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2010/06/15 19:54:10 | 000,261,856 | ---- | C] () -- C:\cmldr [2010/06/15 19:49:33 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010/06/15 19:49:33 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2010/06/15 19:49:33 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2010/06/15 19:49:33 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010/06/15 19:49:33 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2010/06/15 18:52:11 | 003,712,146 | R--- | C] () -- C:\Documents and Settings\Douglas Nobre\Desktop\ComboFix.exe [2010/06/14 21:16:48 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls [2010/06/14 21:16:05 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls [2010/06/14 21:16:05 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls [2010/06/14 21:16:04 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2010/06/14 21:15:33 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls [2010/06/14 21:15:32 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2010/06/14 21:15:25 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2010/06/14 21:15:24 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2010/06/14 21:15:22 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2010/06/14 21:15:12 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2010/06/14 21:15:08 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2010/06/14 21:15:03 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll [2010/06/14 21:14:49 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2010/06/14 21:14:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls [2010/06/14 21:14:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls [2010/06/14 21:14:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls [2010/06/14 21:14:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls [2010/06/14 21:14:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls [2010/06/14 21:14:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls [2010/06/14 21:14:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls [2010/06/14 21:14:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls [2010/06/14 21:14:44 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls [2010/06/14 21:14:44 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls [2010/06/14 21:14:44 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls [2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls [2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls [2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls [2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls [2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls [2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls [2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls [2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls [2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls [2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls [2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls [2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls [2010/06/14 21:14:43 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls [2010/06/14 21:14:43 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls [2010/06/14 21:14:43 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls [2010/06/14 21:14:43 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls [2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls [2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls [2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls [2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls [2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls [2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls [2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls [2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls [2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls [2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls [2010/06/14 21:14:42 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls [2010/06/14 21:14:42 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls [2010/06/14 21:14:42 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls [2010/06/14 21:14:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls [2010/06/14 21:14:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls [2010/06/14 21:14:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls [2010/06/14 21:14:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls [2010/06/14 21:14:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls [2010/06/14 21:14:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls [2010/06/14 21:14:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls [2010/06/14 21:14:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls [2010/06/14 21:14:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls [2010/06/14 21:14:41 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls [2010/06/14 21:14:41 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls [2010/06/14 21:14:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls [2010/06/14 21:14:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls [2010/06/14 21:14:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls [2010/06/14 21:14:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls [2010/06/14 21:14:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls [2010/06/14 21:14:40 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls [2010/06/14 21:14:40 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls [2010/06/14 21:14:40 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls [2010/06/14 21:14:39 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls [2010/06/14 21:12:50 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/06/14 21:12:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/06/14 21:12:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest [2010/06/14 21:12:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/06/14 21:12:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010/06/14 21:12:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/06/14 18:43:00 | 001,233,746 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT [2010/06/14 18:43:00 | 000,809,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2010/06/14 18:43:00 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2010/06/14 18:43:00 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat [2010/06/14 18:43:00 | 000,105,628 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat [2010/06/14 18:43:00 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2010/06/14 18:43:00 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat [2010/06/14 18:43:00 | 000,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT [2010/06/14 18:43:00 | 000,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT [2010/06/14 18:43:00 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2010/06/14 18:43:00 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT [2010/06/14 18:43:00 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT [2010/06/14 18:43:00 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2010/06/14 18:43:00 | 000,007,407 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2010/06/14 18:42:59 | 002,038,809 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT [2010/06/14 18:42:59 | 000,634,592 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT [2010/06/12 12:13:27 | 001,494,781 | ---- | C] () -- C:\Documents and Settings\Douglas Nobre\Desktop\lava_rapido.pdf [2010/06/10 23:03:52 | 394,608,178 | ---- | C] () -- C:\Documents and Settings\Douglas Nobre\Desktop\Ac.www.therebels.biz.HyperX.rmvb [2010/06/07 13:45:23 | 000,122,368 | ---- | C] () -- C:\Documents and Settings\Douglas Nobre\Desktop\CalculadoraHP12C.doc [2010/06/06 15:05:03 | 000,098,976 | ---- | C] () -- C:\Documents and Settings\Douglas Nobre\Desktop\TUDO JUNTO.rtf [2010/06/06 11:52:34 | 001,094,144 | ---- | C] () -- C:\Documents and Settings\Douglas Nobre\Desktop\Apresentaçao dos assentamentos.ppt [2010/06/06 02:21:36 | 394,003,667 | ---- | C] () -- C:\Documents and Settings\Douglas Nobre\Desktop\www.Telona.org.L-.rmvb [2010/03/16 19:21:13 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2010/02/10 10:47:45 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010/02/10 10:47:43 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010/02/10 10:47:34 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010/02/10 10:47:34 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010/02/10 10:47:30 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2010/02/10 10:47:18 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010/02/10 10:47:18 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2010/01/11 19:27:27 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010/01/02 12:20:20 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2009/12/21 21:53:41 | 000,000,033 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI [2009/12/20 02:19:19 | 000,135,168 | -H-- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2009/12/20 02:19:11 | 000,000,164 | -H-- | C] () -- C:\WINDOWS\avrack.ini [2009/12/20 02:18:30 | 000,061,440 | R--- | C] () -- C:\WINDOWS\System32\vuins32.dll [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll [2008/04/13 16:20:38 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2007/12/19 11:53:30 | 000,000,272 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2007/08/29 09:34:46 | 000,041,053 | ---- | C] () -- C:\WINDOWS\cam1690.ini [2007/03/09 19:17:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\cam1690m.dll ========== LOP Check ========== [2009/12/20 02:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\ESET [2010/03/12 10:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\FreeDownloadManager.ORG [2010/05/11 22:16:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Installations [2010/05/30 16:40:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus! [2010/05/11 22:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PC Suite [2010/02/22 12:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\SpeedBit [2010/05/20 20:25:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Douglas Nobre\Dados de aplicativos\Any Video Converter [2009/12/29 20:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Douglas Nobre\Dados de aplicativos\DAEMON Tools [2010/06/20 01:24:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Douglas Nobre\Dados de aplicativos\Free Download Manager [2010/05/11 22:30:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Douglas Nobre\Dados de aplicativos\Nokia [2010/03/12 10:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Douglas Nobre\Dados de aplicativos\Orbit [2010/05/11 22:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Douglas Nobre\Dados de aplicativos\PC Suite [2010/05/17 23:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Douglas Nobre\Dados de aplicativos\Styler [2010/06/13 16:30:00 | 000,000,446 | ---- | M] () -- C:\WINDOWS\Tasks\Advanced WindowsCare V2 Pro.job [2010/06/20 01:18:19 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < %SYSTEMDRIVE%\eventlog.dll /s /md5 > [2008/04/13 18:20:28 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A8CDC8DECE4735B86BBEF28460996C30 -- C:\WINDOWS\ERDNT\cache\eventlog.dll [2008/04/13 18:20:28 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A8CDC8DECE4735B86BBEF28460996C30 -- C:\WINDOWS\system32\eventlog.dll [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] [2008/04/13 18:20:28 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A8CDC8DECE4735B86BBEF28460996C30 -- C:\WINDOWS\system32\dllcache\eventlog.dll < %SYSTEMDRIVE%\scecli.dll /s /md5 > [2008/04/13 18:20:42 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=879E802EF4EF2405014B170EA41E552B -- C:\WINDOWS\ERDNT\cache\scecli.dll [2008/04/13 18:20:42 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=879E802EF4EF2405014B170EA41E552B -- C:\WINDOWS\system32\scecli.dll [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] [2008/04/13 18:20:42 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=879E802EF4EF2405014B170EA41E552B -- C:\WINDOWS\system32\dllcache\scecli.dll < %SYSTEMDRIVE%\sfcfiles.dll /s /md5 > [2008/05/16 23:11:08 | 001,571,840 | ---- | M] (Microsoft Corporation) MD5=1D01C384F3BA123EB6F09769DEA005AC -- C:\WINDOWS\system32\sfcfiles.dll [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %SYSTEMDRIVE%\netlogon.dll /s /md5 > [2008/04/13 18:20:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=49897D67B04E62F8E59EB8B1C7DF7072 -- C:\WINDOWS\ERDNT\cache\netlogon.dll [2008/04/13 18:20:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=49897D67B04E62F8E59EB8B1C7DF7072 -- C:\WINDOWS\system32\netlogon.dll [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] [2008/04/13 18:20:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=49897D67B04E62F8E59EB8B1C7DF7072 -- C:\WINDOWS\system32\dllcache\netlogon.dll < %SYSTEMDRIVE%\atapi.sys /s /md5 > [2008/04/13 10:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys [2008/04/13 10:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys < End of report > Extras.txt: OTL Extras logfile created on: 20/6/2010 01:24:52 - Run 1 OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Douglas Nobre\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy 991,00 Mb Total Physical Memory | 541,00 Mb Available Physical Memory | 55,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free Paging file location(s): c:\pagefile.sys 1488 2976 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas Drive C: | 19,53 Gb Total Space | 5,61 Gb Free Space | 28,70% Space Free | Partition Type: NTFS Drive D: | 35,46 Gb Total Space | 15,01 Gb Free Space | 42,33% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 19,53 Gb Total Space | 7,09 Gb Free Space | 36,33% Space Free | Partition Type: NTFS H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: HOME-97DEF26A7C Current User Name: Douglas Nobre Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 14 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-2000478354-492894223-1417001333-1003\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Arquivos de programas\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [mega] -- "C:\Arquivos de programas\Megacubo\megacubo.exe" "%1" (www.megacubo.net ) Directory [OneNote.Open] -- C:\ARQUIV~1\Microsoft Office\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015 "1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016 "500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015 "1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016 "500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Arquivos de programas\MSN Messenger\livecall.exe" = C:\Arquivos de programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found "C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) "C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE" = C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation) "C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE" = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation) "C:\Arquivos de programas\Nero\Nero 7\Nero ShowTime\ShowTime.exe" = C:\Arquivos de programas\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime -- (Nero AG) "C:\Arquivos de programas\Megacubo\megacubo.exe" = C:\Arquivos de programas\Megacubo\megacubo.exe:*:Enabled:MegaCubo -- (www.megacubo.net ) "C:\WINDOWS\system32\ftp.exe" = C:\WINDOWS\system32\ftp.exe:*:Enabled:Windows Update -- (Microsoft Corporation) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{110E8E90-1F9A-4804-9221-1DA0D0379C90}" = SA30xx Media Converter "{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live "{20B05668-C9F0-4469-AEF4-14DF41D6ACB6}" = Windows Live Messenger "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20 "{289CDCBA-1E82-460A-9DCA-E9FB6BAC1A42}" = SA30xx Device Manager "{28DA1AA2-07F2-4451-A28B-A6A01A9CE8E9}" = Assistente de Início de Sessão do Windows Live "{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{418001D0-F48E-4910-966C-0DCCC996A87A}" = Windows Live Call "{4908C75E-E5E2-43F7-B1DF-023CBA831046}" = Nero 7 Premium "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{50CEA963-2745-46A8-BE71-767F2B36FEF2}" = Windows Live Essentials "{5DC09527-BE89-4FD0-AF67-73FBA5EEB8BC}" = SA30xx Media Converter "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution "{8527C3D5-BA1D-46E9-88D2-AF25544311A3}" = JPEG Camera v1.02 "{90120000-0010-0416-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Portuguese (Brazil)) 12 "{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007 "{90120000-0015-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 "{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 "{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 "{90120000-0019-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 "{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007 "{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007 "{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 "{90120000-0044-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 "{90120000-006E-0416-0000-0000000FF1CE}_ENTERPRISE_{9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 "{90120000-00A1-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 "{90120000-00BA-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0 "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver "{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 1.12 "{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0 "{E31D543D-1EF2-41B8-8DC0-AC7DCB1D6F4C}" = ESET NOD32 Antivirus "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "05B59228C7E1C21DFBE89260F879BD95880548D8" = Pacote de Driver do Windows - Nokia Modem (10/05/2009 4.2) "504244733D18C8F63FF584AEB290E3904E791693" = Pacote de Driver do Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pacote de Driver do Windows - Nokia Modem (06/01/2009 7.01.0.4) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Advanced WindowsCare V2 Pro_is1" = Advanced WindowsCare 2.01 Professional "Any Video Converter_is1" = Any Video Converter 2.7.5 "DVD Decrypter" = DVD Decrypter (Remove Only) "ENTERPRISE" = Microsoft Office Enterprise 2007 "Free Download Manager_is1" = Free Download Manager 3.0 "HijackThis" = HijackThis 2.0.2 "ie8" = Windows Internet Explorer 8 "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.7.0 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Megacubo_is1" = Megacubo 7.3.7 "Messenger Plus! Live" = Messenger Plus! Live "Nokia PC Suite" = Nokia PC Suite "Seven Remix XP" = Seven Remix XP 2.31 "sXe Injected" = sXe Injected "Usbfix" = Usbfix By C_XX & El Desaparecido "VIA/S3G UniChrome Family Win2K/XP/Server2003 Display" = VIA/S3G Display Driver 6.14.10.0331 "VistaMizer" = VistaMizer 2.5.1.0 "Visual Task Tips" = Visual Task Tips 3.2 "VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter "WinAVI Video Converter 9.09.0" = WinAVI Video Converter 9.0 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = Arquivo do WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2000478354-492894223-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "WinSetupFromUSB" = WinSetupFromUSB ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 17/5/2010 16:09:28 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20 Description = Error - 17/5/2010 21:07:14 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20 Description = Error - 17/5/2010 22:07:14 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20 Description = Error - 19/5/2010 12:07:14 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20 Description = Error - 5/6/2010 09:07:14 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20 Description = Error - 10/6/2010 18:07:22 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20 Description = Error - 10/6/2010 19:07:23 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20 Description = Error - 16/6/2010 21:26:06 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20 Description = Error - 19/6/2010 03:56:30 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20 Description = Error - 19/6/2010 10:06:22 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20 Description = [ System Events ] Error - 19/6/2010 11:17:37 | Computer Name = HOME-97DEF26A7C | Source = sptd | ID = 262148 Description = O driver detectou um erro interno nas estruturas de dados para . Error - 19/6/2010 11:17:40 | Computer Name = HOME-97DEF26A7C | Source = Service Control Manager | ID = 7026 Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: sptd Error - 19/6/2010 11:21:16 | Computer Name = HOME-97DEF26A7C | Source = Service Control Manager | ID = 7034 Description = O serviço Spooler de impressão foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error - 19/6/2010 11:21:16 | Computer Name = HOME-97DEF26A7C | Source = Service Control Manager | ID = 7034 Description = O serviço Serviço 'Gateway de camada de aplicativo' foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error - 19/6/2010 11:21:16 | Computer Name = HOME-97DEF26A7C | Source = Service Control Manager | ID = 7034 Description = O serviço Adaptador de desempenho WMI foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error - 19/6/2010 11:21:16 | Computer Name = HOME-97DEF26A7C | Source = Service Control Manager | ID = 7034 Description = O serviço Java Quick Starter foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error - 19/6/2010 15:16:08 | Computer Name = HOME-97DEF26A7C | Source = sptd | ID = 262148 Description = O driver detectou um erro interno nas estruturas de dados para . Error - 19/6/2010 15:16:13 | Computer Name = HOME-97DEF26A7C | Source = Service Control Manager | ID = 7026 Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: sptd Error - 20/6/2010 00:18:27 | Computer Name = HOME-97DEF26A7C | Source = sptd | ID = 262148 Description = O driver detectou um erro interno nas estruturas de dados para . Error - 20/6/2010 00:18:29 | Computer Name = HOME-97DEF26A7C | Source = Service Control Manager | ID = 7026 Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: sptd < End of report > Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Junho 20, 2010 Bom Dia! Xullippa <!> Execute,novamente,o procedimento CFScript que está no Post #6. <!> Poste,ao concluir: ComboFix.txt <-- Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
Xullippa 0 Denunciar post Postado Junho 20, 2010 Boa tarde! Segue Log: COMBOFIX: ComboFix 10-06-15.02 - Douglas Nobre 20/06/2010 13:47:29.3.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.991.632 [GMT -3:00] Executando de: c:\documents and settings\Douglas Nobre\Desktop\ComboFix.exe Comandos utilizados :: c:\documents and settings\Douglas Nobre\Desktop\CFScript.txt AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FILE :: "c:\docume~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe" . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\sfcfiles.dll . . . está infectado!! . (((((((((((((((( Arquivos/Ficheiros criados de 2010-05-20 to 2010-06-20 )))))))))))))))))))))))))))) . 2010-06-19 15:28 . 2010-06-19 15:35 46777415 ----a-w- C:\UsbFix_Upload_Me_HOME-97DEF26A7C.zip 2010-06-19 15:20 . 2010-06-19 15:35 -------- d-----w- C:\UsbFix 2010-06-19 15:14 . 2010-06-19 15:19 1225123 ----a-w- c:\arquivos de programas\UsbFix.exe 2010-06-17 02:11 . 2010-04-29 18:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-06-17 02:11 . 2010-04-29 18:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-06-15 22:05 . 2010-05-06 10:34 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2010-06-15 22:05 . 2010-05-06 10:34 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2010-06-15 22:04 . 2010-05-06 10:34 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2010-06-15 22:04 . 2010-04-16 11:43 41984 -c----w- c:\windows\system32\dllcache\iecompat.dll 2010-06-15 01:09 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys 2010-06-15 01:06 . 2008-06-14 17:34 272384 -c----w- c:\windows\system32\dllcache\bthport.sys 2010-06-15 00:54 . 2010-02-17 17:07 2194176 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe 2010-06-15 00:54 . 2010-02-16 19:07 2150400 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe 2010-06-15 00:54 . 2010-02-16 19:07 2028544 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe 2010-06-15 00:15 . 2008-04-13 21:20 45056 -c--a-w- c:\windows\system32\dllcache\nsepm.dll 2010-06-15 00:14 . 2008-04-13 21:20 42496 -c--a-w- c:\windows\system32\dllcache\davcdata.exe 2010-06-15 00:11 . 2001-10-28 17:06 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe 2010-06-14 21:43 . 2001-10-28 17:07 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll 2010-06-14 21:43 . 2001-10-28 17:07 24661 ----a-w- c:\windows\system32\spxcoins.dll 2010-06-14 21:43 . 2001-10-28 17:06 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll 2010-06-14 21:43 . 2001-10-28 17:06 13312 ----a-w- c:\windows\system32\irclass.dll 2010-06-07 23:13 . 2010-06-07 23:13 -------- d-----w- c:\arquivos de programas\Orban 2010-06-07 23:11 . 2010-06-07 23:13 -------- d-----w- c:\arquivos de programas\Megacubo 2010-05-27 22:57 . 2008-04-13 14:46 19200 ----a-w- c:\windows\system32\drivers\wstcodec.sys 2010-05-27 22:57 . 2008-04-13 14:46 85248 ----a-w- c:\windows\system32\drivers\nabtsfec.sys 2010-05-27 22:57 . 2008-04-13 14:46 51200 ----a-w- c:\windows\system32\drivers\msdv.sys 2010-05-27 22:57 . 2008-04-13 14:46 17024 ----a-w- c:\windows\system32\drivers\ccdecode.sys 2010-05-27 22:57 . 2008-04-13 14:39 5504 ----a-w- c:\windows\system32\drivers\mstee.sys 2010-05-27 22:57 . 2004-07-09 07:27 230400 ----a-w- c:\windows\system32\dplayx.dll 2010-05-27 22:56 . 2008-01-14 19:58 19840 ----a-w- c:\windows\system32\drivers\StMp3Rec.sys 2010-05-27 22:55 . 2010-05-27 22:56 -------- d-----w- c:\arquivos de programas\Philips 2010-05-27 22:55 . 2010-05-27 22:55 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\InstallShield 2010-05-24 03:33 . 2010-05-24 03:33 503808 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-417b3743-n\msvcp71.dll 2010-05-24 03:33 . 2010-05-24 03:33 499712 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-417b3743-n\jmc.dll 2010-05-24 03:33 . 2010-05-24 03:33 348160 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-417b3743-n\msvcr71.dll 2010-05-24 03:32 . 2010-05-24 03:32 61440 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7caaf742-n\decora-sse.dll 2010-05-24 03:32 . 2010-05-24 03:32 12800 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7caaf742-n\decora-d3d.dll . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-06-20 05:11 . 2010-03-12 13:24 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Free Download Manager 2010-06-19 15:21 . 2001-10-28 17:07 49804 ----a-w- c:\windows\system32\perfc016.dat 2010-06-19 15:21 . 2001-10-28 17:07 347648 ----a-w- c:\windows\system32\perfh016.dat 2010-06-17 02:11 . 2009-12-23 00:33 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware 2010-06-15 00:12 . 2009-12-20 04:54 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Serviços 2010-06-15 00:10 . 2009-12-20 04:53 22964 ----a-w- c:\windows\system32\emptyregdb.dat 2010-06-10 01:33 . 2009-12-23 20:55 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help 2010-05-30 19:40 . 2009-12-20 21:19 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Messenger Plus! 2010-05-27 22:56 . 2009-12-20 05:10 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information 2010-05-20 23:25 . 2009-12-23 01:49 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Any Video Converter 2010-05-19 01:35 . 2010-05-19 01:14 -------- d-----w- c:\arquivos de programas\Valve 2010-05-18 02:01 . 2010-05-18 02:01 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Styler 2010-05-18 01:56 . 2010-05-18 01:56 -------- d-----w- c:\arquivos de programas\VisualTaskTips 2010-05-18 01:56 . 2010-05-18 01:56 -------- d-----w- c:\arquivos de programas\VistaDriveIcon 2010-05-18 01:55 . 2010-05-18 01:55 -------- d-----w- c:\arquivos de programas\Styler 2010-05-18 01:55 . 2010-05-18 01:55 -------- d-----w- c:\arquivos de programas\Blaero Start Orb 2010-05-12 01:30 . 2010-05-12 01:30 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf 2010-05-12 01:30 . 2010-05-12 01:30 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf 2010-05-12 01:30 . 2010-05-12 01:21 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\PC Suite 2010-05-12 01:30 . 2010-05-12 01:21 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Nokia 2010-05-12 01:29 . 2010-05-12 01:20 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\PC Suite 2010-05-12 01:29 . 2010-05-12 01:29 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf 2010-05-12 01:29 . 2010-05-12 01:29 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf 2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\Arquivos comuns\PCSuite 2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\Nokia 2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Nokia 2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\DIFX 2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\PC Connectivity Solution 2010-05-12 01:17 . 2010-05-12 01:17 95232 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\pcswpcsi.exe 2010-05-12 01:17 . 2010-05-12 01:17 61440 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCSFEMsi.exe 2010-05-12 01:17 . 2010-05-12 01:17 8192 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstCCD.exe 2010-05-12 01:17 . 2010-05-12 01:17 10240 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCS.exe 2010-05-12 01:16 . 2010-05-12 01:16 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Installations 2010-05-12 00:46 . 2010-05-12 01:17 34555528 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_por_br_web(2).exe 2010-05-06 10:34 . 2008-05-17 02:10 916480 ----a-w- c:\windows\system32\wininet.dll 2010-05-02 08:08 . 2008-04-13 20:54 1851392 ----a-w- c:\windows\system32\win32k.sys 2010-04-23 22:42 . 2010-04-23 22:42 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Java 2010-04-23 22:42 . 2010-04-23 22:42 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-04-23 22:42 . 2010-04-23 22:42 -------- d-----w- c:\arquivos de programas\Java 2010-04-20 05:31 . 2008-04-13 21:18 285696 ----a-w- c:\windows\system32\atmfd.dll . ------- Sigcheck ------- [-] 2008-05-17 . 1D01C384F3BA123EB6F09769DEA005AC . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . ((((((((((((((((((((((((((((( SnapShot_2010-06-19_15.09.45 ))))))))))))))))))))))))))))))))))))))))) . + 2010-06-20 15:07 . 2010-06-20 15:07 16384 c:\windows\Temp\Perflib_Perfdata_6bc.dat + 2001-10-28 17:07 . 2010-06-19 15:21 40972 c:\windows\system32\perfc009.dat - 2001-10-28 17:07 . 2010-06-15 00:19 40972 c:\windows\system32\perfc009.dat + 2001-10-28 17:07 . 2010-06-19 15:21 314644 c:\windows\system32\perfh009.dat - 2001-10-28 17:07 . 2010-06-15 00:19 314644 c:\windows\system32\perfh009.dat . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Google Update"="c:\documents and settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" [2009-12-23 135664] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264] "VisualTaskTips"="c:\arquivos de programas\VisualTaskTips\VisualTaskTips.exe" [2008-03-09 61440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VTTimer"="VTTimer.exe" [2006-08-03 53248] "VTTrayp"="VTtrayp.exe" [2006-08-30 180224] "Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048] "egui"="c:\arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640] "GrooveMonitor"="c:\arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "NeroFilterCheck"="c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] "SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040] "DrvIcon"="c:\arquivos de programas\VistaDriveIcon\DrvIcon.exe" [2008-04-13 49152] "SoundMan"="SOUNDMAN.EXE" [2006-03-01 577536] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nltide_2"="shell32" [X] c:\documents and settings\Douglas Nobre\Menu Iniciar\Programas\Inicializar\ Blaero Start Orb.lnk - c:\arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe [2006-7-30 521216] Recorte de tela e Iniciador do OneNote 2007.lnk - c:\arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] Styler.lnk - c:\arquivos de programas\Styler\Styler.exe [2007-4-15 307200] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Arquivos de programas\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"= "c:\\Arquivos de programas\\Megacubo\\megacubo.exe"= "c:\\WINDOWS\\system32\\ftp.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015 "1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016 "500:UDP"= 500:UDP:@xpsp2res.dll,-22017 R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14/5/2009 15:47 107256] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14/5/2009 15:49 94360] R2 ekrn;ESET Service;c:\arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe [14/5/2009 15:47 731840] S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28/12/2009 20:23 715248] S3 D301bus;GW01 USB WMC Bus Driver (WDM);c:\windows\system32\drivers\D301bus.sys [8/5/2010 12:44 83328] S3 D301mdfl;GW01 USB WMC Modem Filter;c:\windows\system32\drivers\D301mdfl.sys [8/5/2010 12:44 14976] S3 D301mdm;GW01 USB WMC Modem Driver;c:\windows\system32\drivers\D301mdm.sys [8/5/2010 12:44 109824] S3 D301mgmt;GW01 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\D301mgmt.sys [8/5/2010 12:45 103808] S3 d301nd5;GW01 USB WMC Ethernet GW (NDIS);c:\windows\system32\drivers\d301nd5.sys [8/5/2010 12:45 24832] S3 D301obex;GW01 USB WMC OBEX Interface;c:\windows\system32\drivers\D301obex.sys [8/5/2010 12:44 99840] S3 d301unic;GW01 USB WMC Ethernet GW (WDM);c:\windows\system32\drivers\d301unic.sys [8/5/2010 12:45 105728] S3 ddsxeiservice;ddsxeiservice2;c:\arquivos de programas\sXe Injected\ddsxei.sys [1/2/2010 20:48 93056] . Conteúdo da pasta 'Tarefas Agendadas' 2010-06-13 c:\windows\Tasks\Advanced WindowsCare V2 Pro.job - c:\arquivos de programas\IObit\Advanced WindowsCare V2 Pro\AutoCare.exe [2009-12-21 20:49] 2010-06-20 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 18:07] . . ------- Scan Suplementar ------- . IE: Baixar com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dllink.htm IE: Baixar tudo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlall.htm IE: Baixar vídeo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlfvideo.htm IE: Download selecionado pelo Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlselected.htm IE: E&xportar para o Microsoft Excel - c:\arquiv~1\Microsoft Office\Office12\EXCEL.EXE/3000 . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-06-20 13:50 Windows 5.1.2600 Service Pack 3 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros/arquivos ocultos ... Varredura completada com sucesso arquivos/ficheiros ocultos: 0 ************************************************************************** . --------------------- DLLs Carregadas Sob os Processos em Execução --------------------- - - - - - - - > 'explorer.exe'(2712) c:\windows\system32\WININET.dll c:\arquivos de programas\VisualTaskTips\VttHooks.dll c:\arquivos de programas\Windows Media Player\wmpband.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Tempo para conclusão: 2010-06-20 13:51:37 ComboFix-quarantined-files.txt 2010-06-20 16:51 ComboFix2.txt 2010-06-19 15:12 ComboFix3.txt 2010-06-15 22:59 Pré-execução: 5.970.849.792 bytes disponíveis Pós execução: 5.964.341.248 bytes disponíveis - - End Of File - - 624ED469E08A5D05BEA124D34A8E80E0 Obrigado! Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Junho 21, 2010 Boa Noite! Xullippa <@> Execute o OTL.exe. <@> Copie estas informações que estão na Quote,para o campo abaixo de: Exames Personalizados/Correções :FilesC:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini c:\windows\system32\sfcfiles.dll c:\windows\LastGood.Tmp .scr c:\windows\LastGood .scr c:\windows\system32\de-DE .scr c:\windows\system32\da-DK .scr c:\windows\system32\config .scr c:\windows\system32\Com .scr c:\windows\system32\ChCfg.exe .scr c:\windows\system32\CatRoot2 .scr c:\windows\system32\CatRoot .scr c:\windows\system32\ar-SA .scr c:\windows\system32\alsndmgr.wav .scr c:\windows\system32\alsndmgr.cpl .scr c:\windows\system32\3com_dmi .scr :otl O2 - BHO: (no name) - {6EF05952-B48D-4944-AA91-57A6A1A48EF8} - C:\Arquivos de programas\Puxa Rápido\IEBHO.DLL File not found O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] :commands [purity] [emptyflash] [emptytemp] [Reboot] <@> Clique no botão Consertar --> Aguarde a conclusão! --> Executar! <@> Poste o relatório,que também estará na pasta: C:\_OTL\MovedFiles\*.log <-- 0000000000000000000000 oooooooooooooooooooooo <@> Vá em Iniciar --> Executar --> Digite: sfc /scannow --> Clique OK. < > <@> Será pedido a colocação do CD-ROM,do Windows XP,no drive. <@> Será,portanto,acionada a "Proteção de arquivo do Windows". Ps: Aguarde enquanto o Windows verifica se todos os arquivos protegidos do Windows estão intactos e em suas versões originais. <@> Aguarde a conclusão do reparo! Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
Xullippa 0 Denunciar post Postado Junho 21, 2010 Boa noite, Segue Log All processes killed Error: Unable to interpret <Files> in the current context! Error: Unable to interpret <C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini> in the current context! Error: Unable to interpret <c:\windows\system32\sfcfiles.dll > in the current context! Error: Unable to interpret <c:\windows\LastGood.Tmp .scr> in the current context! Error: Unable to interpret <c:\windows\LastGood .scr> in the current context! Error: Unable to interpret <c:\windows\system32\de-DE .scr> in the current context! Error: Unable to interpret <c:\windows\system32\da-DK .scr> in the current context! Error: Unable to interpret <c:\windows\system32\config .scr> in the current context! Error: Unable to interpret <c:\windows\system32\Com .scr> in the current context! Error: Unable to interpret <c:\windows\system32\ChCfg.exe .scr> in the current context! Error: Unable to interpret <c:\windows\system32\CatRoot2 .scr> in the current context! Error: Unable to interpret <c:\windows\system32\CatRoot .scr> in the current context! Error: Unable to interpret <c:\windows\system32\ar-SA .scr> in the current context! Error: Unable to interpret <c:\windows\system32\alsndmgr.wav .scr> in the current context! Error: Unable to interpret <c:\windows\system32\alsndmgr.cpl .scr> in the current context! Error: Unable to interpret <c:\windows\system32\3com_dmi .scr> in the current context! ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EF05952-B48D-4944-AA91-57A6A1A48EF8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6EF05952-B48D-4944-AA91-57A6A1A48EF8}\ deleted successfully. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully. C:\WINDOWS\SET3.tmp deleted successfully. C:\WINDOWS\SET4.tmp deleted successfully. C:\WINDOWS\SET8.tmp deleted successfully. C:\WINDOWS\SET9A.tmp deleted successfully. C:\WINDOWS\SET9D.tmp deleted successfully. C:\WINDOWS\SETA9.tmp deleted successfully. C:\WINDOWS\System32\CONFIG.TMP deleted successfully. ========== COMMANDS ========== [EMPTYFLASH] User: Administrador User: All Users User: Default User User: Douglas Nobre ->Flash cache emptied: 26430 bytes User: LocalService User: NetworkService Total Flash Files Cleaned = 0,00 mb [EMPTYTEMP] User: Administrador ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: Douglas Nobre ->Temp folder emptied: 39998 bytes ->Temporary Internet Files folder emptied: 834841 bytes ->Java cache emptied: 319802 bytes ->Google Chrome cache emptied: 113565727 bytes ->Flash cache emptied: 0 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32902 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 483 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 110,00 mb OTL by OldTimer - Version 3.2.6.0 log created on 06212010_212226 Files\Folders moved on Reboot... Registry entries deleted on Reboot... Obrigado! Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Junho 21, 2010 Boa Noite! Xullippa <@> Baixe: < sfcfiles.zip > <@> Descompacte-o para este diretório,em destaque: c:\windows\system32\dllcache <-- <@> Ps: Abra o Malwarebytes! --> Clique em Ferramentas. <@> Clique em Executar ferramenta. <-- File Assassin! <@> Na janela Open e Examinar,busque o arquivo em destaque: c:\windows\system32\sfcfiles.dll <@> Clique em Abrir. <@> Na mensagem,clique em Sim! --> OK. 00000000000000000000000000 oooooooooooooooooooooooooo <@> Ps: Selecione e copie,esta informação que está no campo,para o Bloco de Notas. <@> Salve-o,no Desktop,com o nome: CFScript.txt RESTORE::c:\windows\system32\sfcfiles.dll <@> Ps: É recomendável que esteja desconectado,ao rodar o script. <@> Ps: Desabilite,temporariamente,seu antivírus. <@> Ps: Não utilizem este script em outra máquina! <@> Arraste,o CFScript.txt para o ícone/interior do ComboFix. <@> Veja a demonstração! <@> Atenda à solicitação,que deverá surgir,para rodar o ComboFix. <@> Ps: Faça o arraste,até surgir essa solicitação! ( janela ) <@> Terminando,poste: C:\ComboFix.txt Abraços1 Compartilhar este post Link para o post Compartilhar em outros sites
Xullippa 0 Denunciar post Postado Junho 22, 2010 PROBLEMA =/ Várias pastas do pc estão ocultas, inclusive a "system32" e ao entrar nela a outra pasta dllcache simplesmente não existe :( . E agora? Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Junho 22, 2010 PROBLEMA =/ Várias pastas do pc estão ocultas, inclusive a "system32" e ao entrar nela a outra pasta dllcache simplesmente não existe :( . E agora? Abraços! //////////\/\\\\\\\\\ Opa! Xullipa <@> Copie estas informações,que estão no campo,para o Bloco de Notas. @echo offattrib -r -s -h %systemdrive%\"Windows\system32" attrib -r -s -h %systemdrive%\"Windows\system32\dllcache" attrib -r -s -h %systemdrive%\"Documents and Settings" attrib -r -s -h %systemdrive%\"Arquivos de programas" <@> Salve-as como: Fix.bat --> Envie o arquivo ao desktop. <@> Como "Tipo de arquivo",escolha: "Todos os Arquivos" <@> Ps: Execute-o com um duplo-clique em Fix.bat <-- <@> Aguarde! :seta: Confirme o surgimento das pastas,que estavam ocultas. Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
Xullippa 0 Denunciar post Postado Junho 23, 2010 Boa noite, Segue Log: ComboFix 10-06-15.02 - Douglas Nobre 22/06/2010 22:19:20.4.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.991.571 [GMT -3:00] Executando de: c:\documents and settings\Douglas Nobre\Desktop\ComboFix.exe Comandos utilizados :: c:\documents and settings\Douglas Nobre\Desktop\CFScript.txt AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . c:\docume~1\DOUGLA~1\CONFIG~1\Temp\install_flash_player.exe c:\windows\system32\sfcfiles.dll . . . está infectado!! . (((((((((((((((( Arquivos/Ficheiros criados de 2010-05-23 to 2010-06-23 )))))))))))))))))))))))))))) . 2010-06-22 00:42 . 2008-04-13 22:20 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll 2010-06-22 00:42 . 2001-09-06 02:50 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll 2010-06-22 00:42 . 2008-04-13 22:20 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll 2010-06-22 00:42 . 2001-09-06 02:50 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe 2010-06-22 00:42 . 2001-09-06 02:50 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe 2010-06-22 00:42 . 2001-09-06 02:50 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe 2010-06-22 00:42 . 2001-08-17 23:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys 2010-06-22 00:42 . 2008-04-13 12:34 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys 2010-06-22 00:42 . 2008-04-13 12:34 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys 2010-06-22 00:42 . 2008-04-13 22:20 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll 2010-06-22 00:40 . 2001-09-06 02:50 525568 -c--a-w- c:\windows\system32\dllcache\tridxp.dll 2010-06-22 00:39 . 2008-04-13 22:20 73832 -c--a-w- c:\windows\system32\dllcache\slcoinst.dll 2010-06-22 00:38 . 2001-08-18 00:28 130942 -c--a-w- c:\windows\system32\dllcache\ptserlv.sys 2010-06-22 00:37 . 2001-09-06 02:49 91488 -c--a-w- c:\windows\system32\dllcache\n9i3disp.dll 2010-06-22 00:36 . 2001-08-18 00:28 797500 -c--a-w- c:\windows\system32\dllcache\ltsmt.sys 2010-06-22 00:35 . 2008-05-17 02:10 78336 -c--a-w- c:\windows\system32\dllcache\ieencode.dll 2010-06-22 00:34 . 2008-04-13 14:45 59136 -c--a-w- c:\windows\system32\dllcache\gckernel.sys 2010-06-22 00:33 . 2001-08-17 23:11 29696 -c--a-w- c:\windows\system32\dllcache\dm9pci5.sys 2010-06-22 00:32 . 2001-09-06 02:12 14080 -c--a-w- c:\windows\system32\dllcache\bulltlp3.sys 2010-06-22 00:31 . 2008-04-13 22:20 870784 -c--a-w- c:\windows\system32\dllcache\ati3d1ag.dll 2010-06-22 00:30 . 2001-09-06 02:49 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll 2010-06-22 00:22 . 2010-06-22 00:22 -------- d-----w- C:\_OTL 2010-06-19 15:28 . 2010-06-19 15:35 46777415 ----a-w- C:\UsbFix_Upload_Me_HOME-97DEF26A7C.zip 2010-06-19 15:20 . 2010-06-19 15:35 -------- d-----w- C:\UsbFix 2010-06-19 15:14 . 2010-06-19 15:19 1225123 ----a-w- c:\arquivos de programas\UsbFix.exe 2010-06-17 02:11 . 2010-04-29 18:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-06-17 02:11 . 2010-04-29 18:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-06-15 22:05 . 2010-05-06 10:34 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2010-06-15 22:05 . 2010-05-06 10:34 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2010-06-15 22:04 . 2010-05-06 10:34 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2010-06-15 22:04 . 2010-04-16 11:43 41984 -c----w- c:\windows\system32\dllcache\iecompat.dll 2010-06-15 00:54 . 2010-02-16 19:07 2150400 -c--a-w- c:\windows\system32\dllcache\ntkrnlmp.exe 2010-06-15 00:54 . 2010-02-16 19:07 2028544 -c--a-w- c:\windows\system32\dllcache\ntkrpamp.exe 2010-06-15 00:15 . 2008-04-13 21:20 45056 -c--a-w- c:\windows\system32\dllcache\nsepm.dll 2010-06-15 00:14 . 2008-04-13 21:20 42496 -c--a-w- c:\windows\system32\dllcache\davcdata.exe 2010-06-15 00:11 . 2001-10-28 17:06 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe 2010-06-14 21:43 . 2001-10-28 17:07 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll 2010-06-14 21:43 . 2001-10-28 17:07 24661 ----a-w- c:\windows\system32\spxcoins.dll 2010-06-14 21:43 . 2001-10-28 17:06 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll 2010-06-14 21:43 . 2001-10-28 17:06 13312 ----a-w- c:\windows\system32\irclass.dll 2010-06-07 23:13 . 2010-06-07 23:13 -------- d-----w- c:\arquivos de programas\Orban 2010-06-07 23:11 . 2010-06-07 23:13 -------- d-----w- c:\arquivos de programas\Megacubo 2010-05-27 22:57 . 2008-04-13 14:46 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys 2010-05-27 22:57 . 2008-04-13 14:46 19200 ----a-w- c:\windows\system32\drivers\wstcodec.sys 2010-05-27 22:57 . 2008-04-13 14:46 85248 -c--a-w- c:\windows\system32\dllcache\nabtsfec.sys 2010-05-27 22:57 . 2008-04-13 14:46 85248 ----a-w- c:\windows\system32\drivers\nabtsfec.sys 2010-05-27 22:57 . 2008-04-13 14:46 51200 -c--a-w- c:\windows\system32\dllcache\msdv.sys 2010-05-27 22:57 . 2008-04-13 14:46 51200 ----a-w- c:\windows\system32\drivers\msdv.sys 2010-05-27 22:57 . 2008-04-13 14:46 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys 2010-05-27 22:57 . 2008-04-13 14:46 17024 ----a-w- c:\windows\system32\drivers\ccdecode.sys 2010-05-27 22:57 . 2008-04-13 14:39 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys 2010-05-27 22:57 . 2008-04-13 14:39 5504 ----a-w- c:\windows\system32\drivers\mstee.sys 2010-05-27 22:57 . 2004-07-09 07:27 230400 ----a-w- c:\windows\system32\dplayx.dll 2010-05-27 22:56 . 2008-01-14 19:58 19840 ----a-w- c:\windows\system32\drivers\StMp3Rec.sys 2010-05-27 22:55 . 2010-05-27 22:56 -------- d-----w- c:\arquivos de programas\Philips 2010-05-27 22:55 . 2010-05-27 22:55 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\InstallShield 2010-05-24 03:33 . 2010-05-24 03:33 503808 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-417b3743-n\msvcp71.dll 2010-05-24 03:33 . 2010-05-24 03:33 499712 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-417b3743-n\jmc.dll 2010-05-24 03:33 . 2010-05-24 03:33 348160 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-417b3743-n\msvcr71.dll 2010-05-24 03:32 . 2010-05-24 03:32 61440 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7caaf742-n\decora-sse.dll 2010-05-24 03:32 . 2010-05-24 03:32 12800 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7caaf742-n\decora-d3d.dll . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-06-22 02:57 . 2010-03-12 13:24 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Free Download Manager 2010-06-19 15:21 . 2001-10-28 17:07 49804 ----a-w- c:\windows\system32\perfc016.dat 2010-06-19 15:21 . 2001-10-28 17:07 347648 ----a-w- c:\windows\system32\perfh016.dat 2010-06-17 02:11 . 2009-12-23 00:33 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware 2010-06-15 00:12 . 2009-12-20 04:54 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Serviços 2010-06-15 00:10 . 2009-12-20 04:53 22964 ----a-w- c:\windows\system32\emptyregdb.dat 2010-06-10 01:33 . 2009-12-23 20:55 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help 2010-05-30 19:40 . 2009-12-20 21:19 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Messenger Plus! 2010-05-27 22:56 . 2009-12-20 05:10 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information 2010-05-20 23:25 . 2009-12-23 01:49 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Any Video Converter 2010-05-19 01:35 . 2010-05-19 01:14 -------- d-----w- c:\arquivos de programas\Valve 2010-05-18 02:01 . 2010-05-18 02:01 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Styler 2010-05-18 01:56 . 2010-05-18 01:56 -------- d-----w- c:\arquivos de programas\VisualTaskTips 2010-05-18 01:56 . 2010-05-18 01:56 -------- d-----w- c:\arquivos de programas\VistaDriveIcon 2010-05-18 01:55 . 2010-05-18 01:55 -------- d-----w- c:\arquivos de programas\Styler 2010-05-18 01:55 . 2010-05-18 01:55 -------- d-----w- c:\arquivos de programas\Blaero Start Orb 2010-05-12 01:30 . 2010-05-12 01:30 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf 2010-05-12 01:30 . 2010-05-12 01:30 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf 2010-05-12 01:30 . 2010-05-12 01:21 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\PC Suite 2010-05-12 01:30 . 2010-05-12 01:21 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Nokia 2010-05-12 01:29 . 2010-05-12 01:20 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\PC Suite 2010-05-12 01:29 . 2010-05-12 01:29 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf 2010-05-12 01:29 . 2010-05-12 01:29 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf 2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\Arquivos comuns\PCSuite 2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\Nokia 2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Nokia 2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\DIFX 2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\PC Connectivity Solution 2010-05-12 01:17 . 2010-05-12 01:17 95232 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\pcswpcsi.exe 2010-05-12 01:17 . 2010-05-12 01:17 61440 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCSFEMsi.exe 2010-05-12 01:17 . 2010-05-12 01:17 8192 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstCCD.exe 2010-05-12 01:17 . 2010-05-12 01:17 10240 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCS.exe 2010-05-12 01:16 . 2010-05-12 01:16 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Installations 2010-05-12 00:46 . 2010-05-12 01:17 34555528 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_por_br_web(2).exe 2010-05-06 10:34 . 2008-05-17 02:10 916480 ----a-w- c:\windows\system32\wininet.dll 2010-05-02 08:08 . 2008-04-13 20:54 1851392 ----a-w- c:\windows\system32\win32k.sys 2010-04-23 22:42 . 2010-04-23 22:42 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-04-20 05:31 . 2008-04-13 21:18 285696 ----a-w- c:\windows\system32\atmfd.dll . ------- Sigcheck ------- [-] 2008-05-17 . 1D01C384F3BA123EB6F09769DEA005AC . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . ((((((((((((((((((((((((((((( SnapShot_2010-06-19_15.09.45 ))))))))))))))))))))))))))))))))))))))))) . + 2010-06-22 21:07 . 2010-06-22 21:07 16384 c:\windows\Temp\Perflib_Perfdata_754.dat - 2001-10-28 17:07 . 2010-06-15 00:19 40972 c:\windows\system32\perfc009.dat + 2001-10-28 17:07 . 2010-06-19 15:21 40972 c:\windows\system32\perfc009.dat + 2008-04-13 19:20 . 2008-04-13 21:34 52736 c:\windows\system32\dllcache\wzcsapi.dll + 2009-12-20 04:54 . 2009-08-06 22:24 53472 c:\windows\system32\dllcache\wuauclt.exe + 2001-09-05 23:50 . 2001-10-28 17:06 14336 c:\windows\system32\dllcache\wowfaxui.dll + 2010-06-22 00:41 . 2001-09-06 02:22 34890 c:\windows\system32\dllcache\wlandrv2.sys + 2010-06-22 00:41 . 2001-09-06 02:50 54272 c:\windows\system32\dllcache\wiamsmud.dll + 2010-06-22 00:41 . 2001-09-06 02:50 87040 c:\windows\system32\dllcache\wiafbdrv.dll + 2008-04-13 12:17 . 2008-04-13 21:34 83072 c:\windows\system32\dllcache\wdmaud.sys + 2008-04-13 19:21 . 2008-04-13 21:34 23552 c:\windows\system32\dllcache\wdmaud.drv + 2010-06-22 00:41 . 2008-04-13 12:34 23615 c:\windows\system32\dllcache\wch7xxnt.sys + 2010-06-22 00:41 . 2008-04-13 21:53 32000 c:\windows\system32\dllcache\wceusbsh.sys + 2010-06-22 00:41 . 2001-08-17 23:10 35871 c:\windows\system32\dllcache\wbfirdma.sys + 2010-06-22 00:41 . 2008-04-13 12:34 25471 c:\windows\system32\dllcache\watv10nt.sys + 2010-06-22 00:41 . 2008-04-13 12:34 22271 c:\windows\system32\dllcache\watv06nt.sys + 2010-06-22 00:41 . 2008-04-13 12:34 33599 c:\windows\system32\dllcache\watv04nt.sys + 2010-06-22 00:41 . 2008-04-13 12:34 19551 c:\windows\system32\dllcache\watv02nt.sys + 2010-06-22 00:41 . 2008-04-13 12:34 29311 c:\windows\system32\dllcache\watv01nt.sys + 2010-06-22 00:41 . 2008-04-13 12:34 11935 c:\windows\system32\dllcache\wadv11nt.sys + 2010-06-22 00:41 . 2008-04-13 12:34 11871 c:\windows\system32\dllcache\wadv09nt.sys + 2010-06-22 00:41 . 2008-04-13 12:34 11295 c:\windows\system32\dllcache\wadv08nt.sys + 2010-06-22 00:41 . 2008-04-13 12:34 11807 c:\windows\system32\dllcache\wadv07nt.sys + 2010-06-22 00:41 . 2008-04-13 12:34 11775 c:\windows\system32\dllcache\wadv05nt.sys + 2010-06-22 00:41 . 2008-04-13 12:34 12127 c:\windows\system32\dllcache\wadv02nt.sys + 2010-06-22 00:41 . 2008-04-13 12:34 12415 c:\windows\system32\dllcache\wadv01nt.sys + 2010-06-22 00:41 . 2008-04-13 14:43 14208 c:\windows\system32\dllcache\wacompen.sys + 2010-06-22 00:41 . 2001-08-17 23:13 16925 c:\windows\system32\dllcache\w940nd.sys + 2010-06-22 00:41 . 2001-08-17 23:13 19016 c:\windows\system32\dllcache\w926nd.sys + 2010-06-22 00:41 . 2001-08-17 23:13 19528 c:\windows\system32\dllcache\w840nd.sys + 2010-06-22 00:41 . 2001-08-18 00:28 64605 c:\windows\system32\dllcache\vvoice.sys + 2010-06-22 00:41 . 2001-08-18 00:49 24576 c:\windows\system32\dllcache\viairda.sys + 2008-04-13 11:36 . 2008-04-13 21:34 42240 c:\windows\system32\dllcache\viaagp.sys + 2010-06-22 00:41 . 2008-04-13 22:20 54784 c:\windows\system32\dllcache\vfwwdm32.dll + 2001-08-17 22:02 . 2001-10-28 17:06 58112 c:\windows\system32\dllcache\vdmindvd.sys + 2010-06-22 00:41 . 2008-04-13 22:20 11325 c:\windows\system32\dllcache\vchnt5.dll + 2001-09-05 23:50 . 2001-10-28 17:06 49211 c:\windows\system32\dllcache\usrvpa.dll + 2001-09-05 23:50 . 2001-10-28 17:06 45116 c:\windows\system32\dllcache\usrvoica.dll + 2001-09-05 23:50 . 2001-10-28 17:06 49209 c:\windows\system32\dllcache\usrv80a.dll + 2001-09-05 23:50 . 2001-10-28 17:06 41019 c:\windows\system32\dllcache\usrsvpia.dll + 2001-09-05 23:50 . 2001-10-28 17:06 69700 c:\windows\system32\dllcache\usrshuta.exe + 2001-09-05 23:50 . 2001-10-28 17:06 49211 c:\windows\system32\dllcache\usrsdpia.dll + 2001-09-05 23:50 . 2001-10-28 17:06 77883 c:\windows\system32\dllcache\usrrtosa.dll + 2001-09-05 23:50 . 2001-10-28 17:06 61508 c:\windows\system32\dllcache\usrprbda.exe + 2001-09-05 23:50 . 2001-10-28 17:06 77891 c:\windows\system32\dllcache\usrmlnka.exe + 2001-09-05 23:50 . 2001-10-28 17:06 53305 c:\windows\system32\dllcache\usrlbva.dll + 2001-09-05 23:50 . 2001-10-28 17:06 86073 c:\windows\system32\dllcache\usrfaxa.dll + 2001-09-05 23:50 . 2001-10-28 17:06 77890 c:\windows\system32\dllcache\usrdpa.dll + 2001-09-05 23:50 . 2001-10-28 17:06 69699 c:\windows\system32\dllcache\usrcoina.dll + 2001-09-05 23:50 . 2001-10-28 17:06 61500 c:\windows\system32\dllcache\usrcntra.dll + 2008-04-13 19:20 . 2008-04-13 21:34 76288 c:\windows\system32\dllcache\usbui.dll + 2008-04-13 13:45 . 2008-04-13 13:45 20608 c:\windows\system32\dllcache\usbuhci.sys + 2008-04-13 13:45 . 2008-04-13 13:45 26368 c:\windows\system32\dllcache\usbstor.sys + 2008-04-13 11:45 . 2008-04-13 21:34 26112 c:\windows\system32\dllcache\usbser.sys + 2010-06-22 00:41 . 2008-04-13 14:45 15104 c:\windows\system32\dllcache\usbscan.sys + 2010-06-22 00:41 . 2008-04-13 14:47 25856 c:\windows\system32\dllcache\usbprint.sys + 2010-06-22 00:41 . 2008-04-13 14:45 17152 c:\windows\system32\dllcache\usbohci.sys + 2008-04-13 11:45 . 2008-04-13 21:34 15872 c:\windows\system32\dllcache\usbintel.sys + 2008-04-13 13:45 . 2008-04-13 13:45 59520 c:\windows\system32\dllcache\usbhub.sys + 2008-04-13 13:45 . 2008-04-13 13:45 30208 c:\windows\system32\dllcache\usbehci.sys + 2008-04-13 13:45 . 2008-04-13 13:45 32128 c:\windows\system32\dllcache\usbccgp.sys + 2008-04-13 11:45 . 2008-04-13 21:34 25728 c:\windows\system32\dllcache\usbcamd2.sys + 2008-04-13 11:45 . 2008-04-13 21:34 25600 c:\windows\system32\dllcache\usbcamd.sys + 2010-06-22 00:41 . 2008-04-13 14:45 60032 c:\windows\system32\dllcache\usbaudio.sys + 2010-06-22 00:41 . 2008-04-13 14:56 12800 c:\windows\system32\dllcache\usb8023x.sys + 2010-06-22 00:41 . 2008-04-13 21:52 32384 c:\windows\system32\dllcache\usb101et.sys + 2010-06-22 00:41 . 2001-09-06 02:50 94720 c:\windows\system32\dllcache\umaxud32.dll + 2010-06-22 00:41 . 2001-09-06 02:50 28160 c:\windows\system32\dllcache\umaxu40.dll + 2010-06-22 00:41 . 2001-09-06 02:50 26624 c:\windows\system32\dllcache\umaxu22.dll + 2010-06-22 00:41 . 2001-09-06 02:50 69632 c:\windows\system32\dllcache\umaxu12.dll + 2010-06-22 00:41 . 2001-09-06 02:50 50688 c:\windows\system32\dllcache\umaxscan.dll + 2010-06-22 00:41 . 2001-08-18 00:58 22912 c:\windows\system32\dllcache\umaxpcls.sys + 2010-06-22 00:41 . 2001-09-06 02:50 50176 c:\windows\system32\dllcache\umaxp60.dll + 2010-06-22 00:41 . 2001-09-06 02:50 47616 c:\windows\system32\dllcache\umaxcam.dll + 2010-06-22 00:41 . 2001-08-18 00:52 36736 c:\windows\system32\dllcache\ultra.sys + 2009-12-20 01:46 . 2008-04-13 11:36 44672 c:\windows\system32\dllcache\uagp35.sys + 2010-06-22 00:41 . 2001-08-18 00:48 11520 c:\windows\system32\dllcache\twotrack.sys + 2008-04-13 11:56 . 2008-04-13 21:34 12288 c:\windows\system32\dllcache\tunmp.sys + 2001-08-17 22:06 . 2001-10-28 17:06 21376 c:\windows\system32\dllcache\tsbvcap.sys + 2010-06-22 00:40 . 2001-08-17 23:12 34375 c:\windows\system32\dllcache\tpro4.sys + 2010-06-22 00:40 . 2001-09-06 02:49 43008 c:\windows\system32\dllcache\tp4res.dll + 2010-06-22 00:40 . 2008-04-13 22:21 82944 c:\windows\system32\dllcache\tp4mon.exe + 2010-06-22 00:40 . 2001-09-06 02:50 31744 c:\windows\system32\dllcache\tp4.dll + 2001-08-17 22:01 . 2001-10-28 17:06 51712 c:\windows\system32\dllcache\tosdvd.sys + 2010-06-22 00:40 . 2001-08-17 23:10 28232 c:\windows\system32\dllcache\tos4mo.sys + 2010-06-22 00:40 . 2001-09-06 02:49 81408 c:\windows\system32\dllcache\tgiul50.dll + 2009-12-20 04:51 . 2008-04-13 22:21 40840 c:\windows\system32\dllcache\termdd.sys + 2010-06-22 00:40 . 2001-08-17 23:13 17129 c:\windows\system32\dllcache\tdkcd31.sys + 2010-06-22 00:40 . 2001-08-17 23:13 37961 c:\windows\system32\dllcache\tdk100b.sys + 2010-06-22 00:40 . 2001-08-18 00:49 30464 c:\windows\system32\dllcache\tbatm155.sys + 2010-06-22 00:40 . 2001-08-17 23:50 36640 c:\windows\system32\dllcache\t2r4mini.sys + 2008-04-13 12:15 . 2008-04-13 21:34 60800 c:\windows\system32\dllcache\sysaudio.sys + 2010-06-22 00:40 . 2001-08-18 01:07 32640 c:\windows\system32\dllcache\symc8xx.sys + 2010-06-22 00:40 . 2001-08-18 01:07 16256 c:\windows\system32\dllcache\symc810.sys + 2010-06-22 00:40 . 2001-08-18 01:07 30688 c:\windows\system32\dllcache\sym_u3.sys + 2010-06-22 00:40 . 2001-08-18 01:07 28384 c:\windows\system32\dllcache\sym_hi.sys + 2010-06-22 00:40 . 2001-09-06 02:50 94293 c:\windows\system32\dllcache\sxports.dll + 2008-04-13 11:45 . 2008-04-13 21:34 56576 c:\windows\system32\dllcache\swmidi.sys + 2010-06-22 00:40 . 2001-09-06 02:50 53760 c:\windows\system32\dllcache\sw_wheel.dll + 2010-06-22 00:40 . 2001-09-06 02:50 41472 c:\windows\system32\dllcache\sw_effct.dll + 2008-04-13 13:46 . 2008-04-13 13:46 15232 c:\windows\system32\dllcache\streamip.sys + 2008-04-13 11:45 . 2008-04-13 21:34 49408 c:\windows\system32\dllcache\stream.sys + 2009-12-20 01:44 . 2008-04-13 22:20 75776 c:\windows\system32\dllcache\storprop.dll + 2010-06-22 00:40 . 2001-09-06 02:50 53248 c:\windows\system32\dllcache\stlncoin.dll + 2010-06-22 00:40 . 2001-09-06 02:06 17024 c:\windows\system32\dllcache\stcusb.sys + 2010-06-22 00:40 . 2001-08-17 23:11 48736 c:\windows\system32\dllcache\srwlnd5.sys + 2010-06-22 00:40 . 2001-09-06 02:50 99328 c:\windows\system32\dllcache\srusd.dll + 2010-06-22 00:40 . 2001-09-06 02:50 24660 c:\windows\system32\dllcache\spxupchk.dll + 2001-09-05 23:50 . 2001-10-28 17:06 72192 c:\windows\system32\dllcache\sprio800.dll + 2001-09-05 23:50 . 2001-10-28 17:06 70656 c:\windows\system32\dllcache\sprio600.dll + 2001-09-05 23:50 . 2001-10-28 17:06 69632 c:\windows\system32\dllcache\spnike.dll + 2010-06-22 00:40 . 2001-08-18 00:51 61824 c:\windows\system32\dllcache\speed.sys + 2010-06-22 00:40 . 2001-08-18 01:07 19072 c:\windows\system32\dllcache\sparrow.sys + 2010-06-22 00:40 . 2001-08-17 23:51 37040 c:\windows\system32\dllcache\sonypi.sys + 2010-06-22 00:40 . 2001-08-17 23:51 20752 c:\windows\system32\dllcache\sonync.sys + 2008-04-13 11:46 . 2008-04-13 21:34 25344 c:\windows\system32\dllcache\sonydcam.sys + 2010-06-22 00:40 . 2001-08-17 23:51 58368 c:\windows\system32\dllcache\smiminib.sys + 2010-06-22 00:40 . 2001-08-17 23:12 25034 c:\windows\system32\dllcache\smcpwr2n.sys + 2010-06-22 00:40 . 2001-09-06 02:29 36425 c:\windows\system32\dllcache\smcirda.sys + 2010-06-22 00:40 . 2001-08-17 23:12 24576 c:\windows\system32\dllcache\smc8000n.sys + 2010-06-22 00:40 . 2008-04-13 14:36 16000 c:\windows\system32\dllcache\smbbatt.sys + 2010-06-22 00:40 . 2001-09-06 02:50 45568 c:\windows\system32\dllcache\smb3w.dll + 2010-06-22 00:40 . 2001-09-06 02:50 33792 c:\windows\system32\dllcache\smb0w.dll + 2010-06-22 00:40 . 2001-09-06 02:50 28672 c:\windows\system32\dllcache\sma0w.dll + 2010-06-22 00:40 . 2001-09-06 02:50 28160 c:\windows\system32\dllcache\sm91w.dll + 2010-06-22 00:40 . 2008-04-13 14:23 13240 c:\windows\system32\dllcache\slwdmsup.sys + 2010-06-22 00:40 . 2008-04-13 22:21 73796 c:\windows\system32\dllcache\slserv.exe + 2010-06-22 00:40 . 2008-04-13 22:21 32866 c:\windows\system32\dllcache\slrundll.exe + 2010-06-22 00:40 . 2008-04-13 14:23 95424 c:\windows\system32\dllcache\slnthal.sys + 2008-04-13 13:46 . 2008-04-13 13:46 11136 c:\windows\system32\dllcache\slip.sys + 2010-06-22 00:39 . 2008-04-13 12:35 63547 c:\windows\system32\dllcache\sla30nd5.sys + 2010-06-22 00:39 . 2001-08-17 23:12 91294 c:\windows\system32\dllcache\skfpwin.sys + 2010-06-22 00:39 . 2001-09-06 02:29 94890 c:\windows\system32\dllcache\sk98xwin.sys + 2010-06-22 00:39 . 2001-08-17 23:50 50432 c:\windows\system32\dllcache\sisv.sys + 2010-06-22 00:39 . 2008-04-13 12:35 32768 c:\windows\system32\dllcache\sisnic.sys + 2008-04-13 11:36 . 2008-04-13 21:34 40960 c:\windows\system32\dllcache\sisagp.sys + 2010-06-22 00:39 . 2001-08-17 23:50 68608 c:\windows\system32\dllcache\sis6306p.sys + 2010-06-22 00:39 . 2001-07-22 01:29 18400 c:\windows\system32\dllcache\sgsmld.sys + 2010-06-22 00:39 . 2001-08-17 23:51 98080 c:\windows\system32\dllcache\sgiulnt5.sys + 2010-06-22 00:39 . 2001-08-17 23:19 36480 c:\windows\system32\dllcache\sfmanm.sys + 2008-04-13 13:40 . 2008-04-13 13:40 11392 c:\windows\system32\dllcache\sfloppy.sys + 2008-04-13 13:40 . 2008-04-13 13:40 11008 c:\windows\system32\dllcache\sffp_sd.sys + 2008-04-13 13:40 . 2008-04-13 13:40 11904 c:\windows\system32\dllcache\sffdisk.sys + 2010-06-22 00:39 . 2001-09-06 02:27 18176 c:\windows\system32\dllcache\sermouse.sys + 2008-04-13 20:55 . 2008-04-13 20:55 65536 c:\windows\system32\dllcache\serial.sys + 2008-04-13 13:40 . 2008-04-13 13:40 15744 c:\windows\system32\dllcache\serenum.sys + 2008-04-13 21:20 . 2008-04-13 22:20 29184 c:\windows\system32\dllcache\sdhcinst.dll + 2008-04-13 13:36 . 2008-04-13 13:36 79232 c:\windows\system32\dllcache\sdbus.sys + 2010-06-22 00:39 . 2008-04-13 14:45 11520 c:\windows\system32\dllcache\scsiscan.sys + 2010-06-22 00:39 . 2001-08-18 00:52 11648 c:\windows\system32\dllcache\scsiprnt.sys + 2008-04-13 13:40 . 2008-04-13 13:40 96384 c:\windows\system32\dllcache\scsiport.sys + 2010-06-22 00:39 . 2001-09-06 02:27 17408 c:\windows\system32\dllcache\scr111.sys + 2010-06-22 00:39 . 2001-09-06 02:27 16768 c:\windows\system32\dllcache\scmstcs.sys + 2010-06-22 00:39 . 2001-08-18 00:51 23936 c:\windows\system32\dllcache\sccmusbm.sys + 2010-06-22 00:39 . 2001-09-06 02:26 24064 c:\windows\system32\dllcache\sccmn50m.sys + 2010-06-22 00:39 . 2008-04-13 14:40 43904 c:\windows\system32\dllcache\sbp2port.sys + 2010-06-22 00:39 . 2001-08-17 23:50 75392 c:\windows\system32\dllcache\s3savmxm.sys + 2010-06-22 00:39 . 2001-08-17 23:50 77824 c:\windows\system32\dllcache\s3sav4m.sys + 2010-06-22 00:39 . 2001-08-17 23:50 61504 c:\windows\system32\dllcache\s3sav3dm.sys + 2010-06-22 00:39 . 2001-09-06 02:49 62496 c:\windows\system32\dllcache\s3mtrio.dll + 2010-06-22 00:39 . 2001-08-17 23:50 41216 c:\windows\system32\dllcache\s3mt3d.sys + 2010-06-22 00:39 . 2001-08-18 00:57 65664 c:\windows\system32\dllcache\s3legacy.sys + 2010-06-22 00:39 . 2001-09-06 02:50 83456 c:\windows\system32\dllcache\rwia450.dll + 2010-06-22 00:39 . 2001-09-06 02:50 80896 c:\windows\system32\dllcache\rwia430.dll + 2010-06-22 00:39 . 2008-04-13 22:20 29696 c:\windows\system32\dllcache\rw450ext.dll + 2010-06-22 00:39 . 2008-04-13 22:20 28160 c:\windows\system32\dllcache\rw430ext.dll + 2010-06-22 00:39 . 2008-04-13 12:35 20992 c:\windows\system32\dllcache\rtl8139.sys + 2010-06-22 00:39 . 2001-08-17 23:12 19017 c:\windows\system32\dllcache\rtl8029.sys + 2010-06-22 00:39 . 2001-08-17 23:19 30720 c:\windows\system32\dllcache\rthwcls.sys + 2010-06-22 00:39 . 2008-04-13 21:54 79360 c:\windows\system32\dllcache\rocket.sys + 2010-06-22 00:39 . 2008-04-13 14:56 30592 c:\windows\system32\dllcache\rndismpx.sys + 2010-06-22 00:39 . 2001-08-17 23:12 37563 c:\windows\system32\dllcache\rlnet5.sys + 2001-08-17 21:24 . 2001-10-28 17:06 12032 c:\windows\system32\dllcache\riodrv.sys + 2001-08-17 21:24 . 2001-10-28 17:06 12032 c:\windows\system32\dllcache\rio8drv.sys + 2010-06-22 00:39 . 2008-04-13 14:46 59136 c:\windows\system32\dllcache\rfcomm.sys + 2009-12-20 01:47 . 2008-04-13 18:53 58240 c:\windows\system32\dllcache\redbook.sys + 2010-06-22 00:39 . 2008-04-13 14:23 13776 c:\windows\system32\dllcache\recagent.sys + 2010-06-22 00:39 . 2001-08-18 00:51 19584 c:\windows\system32\dllcache\rasirda.sys + 2010-06-22 00:39 . 2001-09-06 02:50 41472 c:\windows\system32\dllcache\qvusd.dll + 2010-06-22 00:39 . 2001-08-18 00:52 49024 c:\windows\system32\dllcache\ql1280.sys + 2010-06-22 00:39 . 2001-08-18 00:52 40448 c:\windows\system32\dllcache\ql1240.sys + 2010-06-22 00:39 . 2001-08-18 00:52 45312 c:\windows\system32\dllcache\ql12160.sys + 2010-06-22 00:39 . 2001-08-18 00:52 33152 c:\windows\system32\dllcache\ql10wnt.sys + 2010-06-22 00:39 . 2001-08-18 00:52 40320 c:\windows\system32\dllcache\ql1080.sys + 2010-06-22 00:38 . 2001-09-06 02:50 35328 c:\windows\system32\dllcache\psisload.dll + 2010-06-22 00:38 . 2001-09-06 02:21 16512 c:\windows\system32\dllcache\pscr.sys + 2008-04-13 18:51 . 2008-04-13 21:34 39936 c:\windows\system32\dllcache\processr.sys + 2010-06-22 00:38 . 2008-04-13 14:41 17664 c:\windows\system32\dllcache\ppa3.sys + 2010-06-22 00:38 . 2001-08-18 00:53 17792 c:\windows\system32\dllcache\ppa.sys + 2008-04-13 19:20 . 2008-04-13 21:34 15360 c:\windows\system32\dllcache\pjlmon.dll + 2008-04-13 19:20 . 2008-04-13 21:34 35328 c:\windows\system32\dllcache\pid.dll + 2010-06-22 00:38 . 2001-08-18 01:07 19840 c:\windows\system32\dllcache\philtune.sys + 2010-06-22 00:38 . 2001-08-18 01:04 92416 c:\windows\system32\dllcache\phildec.sys + 2010-06-22 00:38 . 2001-08-18 01:04 75776 c:\windows\system32\dllcache\philcam1.sys + 2010-06-22 00:38 . 2001-09-06 02:50 16896 c:\windows\system32\dllcache\philcam1.dll + 2010-06-22 00:38 . 2008-04-13 14:44 28032 c:\windows\system32\dllcache\perm3.sys + 2010-06-22 00:38 . 2008-04-13 14:44 27904 c:\windows\system32\dllcache\perm2.sys + 2010-06-22 00:38 . 2001-08-18 01:07 27296 c:\windows\system32\dllcache\perc2.sys + 2010-06-22 00:38 . 2001-09-06 02:50 86016 c:\windows\system32\dllcache\pctspk.exe + 2010-06-22 00:38 . 2001-08-17 23:11 35328 c:\windows\system32\dllcache\pcntpci5.sys + 2010-06-22 00:38 . 2001-08-17 23:11 29769 c:\windows\system32\dllcache\pcntn5m.sys + 2010-06-22 00:38 . 2001-08-17 23:11 30282 c:\windows\system32\dllcache\pcntn5hl.sys + 2010-06-22 00:38 . 2001-08-17 23:12 26153 c:\windows\system32\dllcache\pcmlm56.sys + 2008-04-13 13:40 . 2008-04-13 13:40 24960 c:\windows\system32\dllcache\pciidex.sys + 2008-04-13 21:02 . 2008-04-13 21:02 68992 c:\windows\system32\dllcache\pci.sys + 2010-06-22 00:38 . 2008-04-13 12:35 29502 c:\windows\system32\dllcache\pca200e.sys + 2010-06-22 00:38 . 2001-08-17 23:12 30495 c:\windows\system32\dllcache\pc100nds.sys + 2008-04-13 19:02 . 2008-04-13 21:34 80384 c:\windows\system32\dllcache\parport.sys + 2008-04-13 19:02 . 2008-04-13 21:34 46848 c:\windows\system32\dllcache\p3.sys + 2010-06-22 00:38 . 2001-09-06 02:50 42496 c:\windows\system32\dllcache\ovui2rc.dll + 2010-06-22 00:38 . 2001-09-06 02:50 44544 c:\windows\system32\dllcache\ovui2.dll + 2010-06-22 00:38 . 2001-08-18 01:05 25216 c:\windows\system32\dllcache\ovsound2.sys + 2010-06-22 00:38 . 2001-09-06 02:50 39424 c:\windows\system32\dllcache\ovcoms.exe + 2010-06-22 00:38 . 2001-09-06 02:50 20480 c:\windows\system32\dllcache\ovcomc.dll + 2010-06-22 00:38 . 2001-08-18 01:05 31872 c:\windows\system32\dllcache\ovce.sys + 2010-06-22 00:38 . 2001-08-18 01:05 28032 c:\windows\system32\dllcache\ovcd.sys + 2010-06-22 00:38 . 2001-08-18 01:05 48000 c:\windows\system32\dllcache\ovcam2.sys + 2010-06-22 00:38 . 2001-08-18 01:05 25088 c:\windows\system32\dllcache\ovca.sys + 2010-06-22 00:38 . 2001-09-06 02:15 54698 c:\windows\system32\dllcache\otcsercb.sys + 2010-06-22 00:38 . 2001-09-06 02:15 44009 c:\windows\system32\dllcache\otceth5.sys + 2010-06-22 00:38 . 2001-08-17 23:12 27209 c:\windows\system32\dllcache\otc06x5.sys + 2010-06-22 00:38 . 2001-08-17 23:20 54528 c:\windows\system32\dllcache\opl3sax.sys + 2010-06-22 00:38 . 2008-04-13 14:46 61696 c:\windows\system32\dllcache\ohci1394.sys + 2010-06-22 00:38 . 2008-04-13 14:54 28672 c:\windows\system32\dllcache\nscirda.sys + 2010-06-22 00:38 . 2001-08-17 23:20 87040 c:\windows\system32\dllcache\nm6wdm.sys + 2001-08-17 21:24 . 2001-10-28 17:06 12032 c:\windows\system32\dllcache\nikedrv.sys + 2008-04-13 11:51 . 2008-04-13 21:34 61824 c:\windows\system32\dllcache\nic1394.sys + 2010-06-22 00:38 . 2001-08-17 23:12 32840 c:\windows\system32\dllcache\ngrpci.sys + 2010-06-22 00:38 . 2001-09-06 02:05 65918 c:\windows\system32\dllcache\netflx3.sys + 2010-06-22 00:38 . 2001-08-17 23:50 39264 c:\windows\system32\dllcache\neo20xx.sys + 2010-06-22 00:38 . 2001-09-06 02:49 60480 c:\windows\system32\dllcache\neo20xx.dll + 2010-06-22 00:38 . 2001-08-18 00:49 15872 c:\windows\system32\dllcache\ne2000.sys + 2008-04-13 11:56 . 2008-04-13 21:34 14592 c:\windows\system32\dllcache\ndisuio.sys + 2008-04-13 11:46 . 2008-04-13 21:34 10880 c:\windows\system32\dllcache\ndisip.sys + 2010-06-22 00:37 . 2001-08-17 23:50 27936 c:\windows\system32\dllcache\n9i3d.sys + 2010-06-22 00:37 . 2001-08-17 23:50 33088 c:\windows\system32\dllcache\n9i128v2.sys + 2010-06-22 00:37 . 2001-09-06 02:49 59104 c:\windows\system32\dllcache\n9i128v2.dll + 2010-06-22 00:37 . 2001-08-17 23:50 13664 c:\windows\system32\dllcache\n9i128.sys + 2010-06-22 00:37 . 2001-09-06 02:49 35392 c:\windows\system32\dllcache\n9i128.dll + 2010-06-22 00:37 . 2001-09-06 02:28 52767 c:\windows\system32\dllcache\n1000nt5.sys + 2010-06-22 00:37 . 2001-09-06 02:27 76544 c:\windows\system32\dllcache\mxport.sys + 2010-06-22 00:37 . 2001-08-18 00:49 19968 c:\windows\system32\dllcache\mxnic.sys + 2010-06-22 00:37 . 2001-09-06 02:50 19968 c:\windows\system32\dllcache\mxicfg.dll + 2010-06-22 00:37 . 2001-09-06 02:27 22016 c:\windows\system32\dllcache\mxcard.sys + 2010-06-22 00:37 . 2008-04-13 14:43 12672 c:\windows\system32\dllcache\mutohpen.sys - 2009-11-27 17:13 . 2009-11-27 17:13 17920 c:\windows\system32\dllcache\msyuv.dll + 2008-04-13 19:20 . 2009-11-27 17:13 17920 c:\windows\system32\dllcache\msyuv.dll + 2010-06-22 00:37 . 2008-04-13 14:46 49024 c:\windows\system32\dllcache\mstape.sys + 2008-04-13 11:36 . 2008-04-13 21:34 15488 c:\windows\system32\dllcache\mssmbios.sys + 2010-06-22 00:37 . 2001-08-18 00:48 12416 c:\windows\system32\dllcache\msriffwv.sys + 2010-06-22 00:37 . 2008-04-13 14:54 22016 c:\windows\system32\dllcache\msircomm.sys + 2010-06-22 00:37 . 2001-08-18 01:02 35200 c:\windows\system32\dllcache\msgame.sys + 2010-06-22 00:37 . 2001-08-18 00:52 17280 c:\windows\system32\dllcache\mraid35x.sys + 2008-04-13 11:46 . 2008-04-13 21:34 15232 c:\windows\system32\dllcache\mpe.sys + 2001-09-05 23:20 . 2001-10-28 17:06 12288 c:\windows\system32\dllcache\mouhid.sys + 2008-04-13 18:50 . 2008-04-13 21:34 23552 c:\windows\system32\dllcache\mouclass.sys + 2010-06-22 00:37 . 2001-08-18 00:57 16128 c:\windows\system32\dllcache\modemcsa.sys + 2008-04-13 18:50 . 2008-04-13 21:34 30336 c:\windows\system32\dllcache\modem.sys + 2008-04-13 11:36 . 2008-04-13 21:34 63744 c:\windows\system32\dllcache\mf.sys + 2010-06-22 00:37 . 2008-04-13 14:41 26112 c:\windows\system32\dllcache\memstpci.sys + 2010-06-22 00:37 . 2001-09-06 02:50 47616 c:\windows\system32\dllcache\memgrp.dll + 2010-06-22 00:37 . 2001-08-17 23:19 48768 c:\windows\system32\dllcache\maestro.sys + 2010-06-22 00:37 . 2001-09-06 02:50 59392 c:\windows\system32\dllcache\m3092dc.dll + 2010-06-22 00:37 . 2001-09-06 02:50 58880 c:\windows\system32\dllcache\m3091dc.dll + 2010-06-22 00:37 . 2001-08-17 23:49 22848 c:\windows\system32\dllcache\lwusbhid.sys + 2010-06-22 00:37 . 2008-04-13 12:39 20864 c:\windows\system32\dllcache\lwadihid.sys + 2010-06-22 00:36 . 2001-08-17 23:12 70730 c:\windows\system32\dllcache\lne100tx.sys + 2010-06-22 00:36 . 2001-08-17 23:12 20573 c:\windows\system32\dllcache\lne100.sys + 2010-06-22 00:36 . 2001-08-17 23:11 25065 c:\windows\system32\dllcache\lmndis3.sys + 2010-06-22 00:36 . 2001-09-06 02:11 16128 c:\windows\system32\dllcache\lit220p.sys + 2010-06-22 00:36 . 2008-04-13 14:40 34688 c:\windows\system32\dllcache\lbrtfdc.sys + 2010-06-22 00:36 . 2001-09-06 02:10 26634 c:\windows\system32\dllcache\lanepic5.sys + 2010-06-22 00:36 . 2001-08-17 23:12 19016 c:\windows\system32\dllcache\ktc111.sys + 2010-06-22 00:36 . 2001-09-06 02:50 37376 c:\windows\system32\dllcache\kousd.dll + 2010-06-22 00:36 . 2008-04-13 22:20 49152 c:\windows\system32\dllcache\kdsui.dll + 2008-04-13 20:58 . 2008-04-13 20:58 14720 c:\windows\system32\dllcache\kbdhid.sys + 2008-04-13 20:58 . 2008-04-13 20:58 25088 c:\windows\system32\dllcache\kbdclass.sys - 2009-11-27 16:08 . 2009-11-27 16:08 48128 c:\windows\system32\dllcache\iyuv_32.dll + 2008-04-13 19:20 . 2009-11-27 16:08 48128 c:\windows\system32\dllcache\iyuv_32.dll + 2008-04-13 20:58 . 2008-04-13 20:58 37632 c:\windows\system32\dllcache\isapnp.sys + 2010-06-22 00:36 . 2001-08-18 00:49 26624 c:\windows\system32\dllcache\irstusb.sys + 2010-06-22 00:36 . 2001-08-18 00:51 18688 c:\windows\system32\dllcache\irsir.sys + 2010-06-22 00:36 . 2008-04-13 22:20 28672 c:\windows\system32\dllcache\irmon.dll + 2010-06-22 00:36 . 2001-08-18 00:49 23552 c:\windows\system32\dllcache\irmk7.sys + 2010-06-22 00:36 . 2008-04-13 14:54 88192 c:\windows\system32\dllcache\irda.sys + 2010-06-22 00:36 . 2008-04-13 14:45 46592 c:\windows\system32\dllcache\irbus.sys + 2010-06-22 00:36 . 2001-08-17 23:12 45632 c:\windows\system32\dllcache\ip5515.sys + 2010-06-22 00:36 . 2001-09-06 02:50 90200 c:\windows\system32\dllcache\io8ports.dll + 2010-06-22 00:36 . 2001-08-18 00:50 38784 c:\windows\system32\dllcache\io8.sys + 2008-04-13 20:57 . 2008-04-13 20:57 40448 c:\windows\system32\dllcache\intelppm.sys + 2010-06-22 00:36 . 2001-09-06 02:05 13568 c:\windows\system32\dllcache\inport.sys + 2010-06-22 00:36 . 2001-08-18 00:52 16000 c:\windows\system32\dllcache\ini910u.sys + 2008-04-13 13:41 . 2008-04-13 13:41 42112 c:\windows\system32\dllcache\imapi.sys + 2010-06-22 00:35 . 2001-09-06 02:50 20480 c:\windows\system32\dllcache\icam5ext.dll + 2010-06-22 00:35 . 2001-09-06 02:50 45056 c:\windows\system32\dllcache\icam5com.dll + 2010-06-22 00:35 . 2001-09-06 02:50 62976 c:\windows\system32\dllcache\icam4ext.dll + 2010-06-22 00:35 . 2001-09-06 02:50 91648 c:\windows\system32\dllcache\icam4com.dll + 2010-06-22 00:35 . 2001-09-06 02:50 26624 c:\windows\system32\dllcache\icam3ext.dll + 2010-06-22 00:35 . 2001-08-18 01:06 38528 c:\windows\system32\dllcache\ibmvcap.sys + 2010-06-22 00:35 . 2001-08-17 23:11 28700 c:\windows\system32\dllcache\ibmexmp.sys + 2008-04-13 20:55 . 2008-04-13 20:55 53504 c:\windows\system32\dllcache\i8042prt.sys + 2010-06-22 00:35 . 2001-08-17 23:49 58592 c:\windows\system32\dllcache\i740nt5.sys + 2010-06-22 00:35 . 2008-04-13 14:41 18560 c:\windows\system32\dllcache\i2omp.sys + 2010-06-22 00:35 . 2008-04-13 22:20 32285 c:\windows\system32\dllcache\hsfcisp2.dll + 2010-06-22 00:35 . 2001-08-18 00:28 50751 c:\windows\system32\dllcache\hsf_tone.sys + 2010-06-22 00:35 . 2001-08-18 00:28 73279 c:\windows\system32\dllcache\hsf_spkp.sys + 2010-06-22 00:35 . 2001-08-18 00:28 44863 c:\windows\system32\dllcache\hsf_soar.sys + 2010-06-22 00:35 . 2001-08-18 00:28 57471 c:\windows\system32\dllcache\hsf_samp.sys + 2010-06-22 00:35 . 2001-08-18 00:28 67167 c:\windows\system32\dllcache\hsf_bsc2.sys + 2010-06-22 00:35 . 2001-09-06 02:50 19456 c:\windows\system32\dllcache\hr1w.dll + 2010-06-22 00:35 . 2001-09-06 02:50 13312 c:\windows\system32\dllcache\hpsjmcro.dll + 2010-06-22 00:35 . 2001-08-18 01:07 25952 c:\windows\system32\dllcache\hpn.sys + 2010-06-22 00:35 . 2001-09-06 02:50 32768 c:\windows\system32\dllcache\hpgtmcro.dll + 2010-06-22 00:35 . 2001-09-06 02:50 68608 c:\windows\system32\dllcache\hpgt53tk.dll + 2010-06-22 00:35 . 2001-09-06 02:50 31232 c:\windows\system32\dllcache\hpgt42tk.dll + 2010-06-22 00:35 . 2001-09-06 02:50 93696 c:\windows\system32\dllcache\hpgt42.dll + 2010-06-22 00:35 . 2001-09-06 02:50 48128 c:\windows\system32\dllcache\hpgt33tk.dll + 2010-06-22 00:35 . 2001-09-06 02:50 89088 c:\windows\system32\dllcache\hpgt33.dll + 2010-06-22 00:35 . 2001-09-06 02:50 83968 c:\windows\system32\dllcache\hpgt21.dll + 2008-04-13 13:45 . 2008-04-13 13:45 10368 c:\windows\system32\dllcache\hidusb.sys + 2008-04-13 19:20 . 2008-04-13 21:34 21504 c:\windows\system32\dllcache\hidserv.dll + 2008-04-13 13:45 . 2008-04-13 13:45 24960 c:\windows\system32\dllcache\hidparse.sys + 2010-06-22 00:35 . 2008-04-13 14:45 19200 c:\windows\system32\dllcache\hidir.sys + 2008-04-13 13:45 . 2008-04-13 13:45 36864 c:\windows\system32\dllcache\hidclass.sys + 2010-06-22 00:35 . 2008-04-13 21:54 25728 c:\windows\system32\dllcache\hidbth.sys + 2010-06-22 00:35 . 2008-04-13 14:36 20352 c:\windows\system32\dllcache\hidbatt.sys + 2008-04-13 19:20 . 2008-04-13 21:34 20992 c:\windows\system32\dllcache\hid.dll + 2010-06-22 00:35 . 2008-04-13 21:54 28544 c:\windows\system32\dllcache\grserial.sys + 2010-06-22 00:35 . 2001-09-06 02:23 82432 c:\windows\system32\dllcache\grclass.sys + 2010-06-22 00:35 . 2001-09-06 02:22 17664 c:\windows\system32\dllcache\gpr400.sys + 2010-06-22 00:34 . 2008-04-13 14:45 10624 c:\windows\system32\dllcache\gameenum.sys + 2008-04-13 11:36 . 2008-04-13 21:34 46464 c:\windows\system32\dllcache\gagp30kx.sys + 2010-06-22 00:34 . 2001-09-06 02:50 92160 c:\windows\system32\dllcache\fuusd.dll + 2001-09-05 23:20 . 2001-10-28 17:06 12416 c:\windows\system32\dllcache\fsvga.sys + 2010-06-22 00:34 . 2008-04-13 12:35 34173 c:\windows\system32\dllcache\forehe.sys + 2010-06-22 00:34 . 2001-09-06 02:50 71680 c:\windows\system32\dllcache\fnfilter.dll + 2008-04-13 13:40 . 2008-04-13 13:40 20480 c:\windows\system32\dllcache\flpydisk.sys + 2010-06-22 00:34 . 2001-08-17 23:13 27165 c:\windows\system32\dllcache\fetnd5.sys + 2010-06-22 00:34 . 2001-08-17 23:10 22090 c:\windows\system32\dllcache\fem556n5.sys + 2008-04-13 13:40 . 2008-04-13 13:40 27392 c:\windows\system32\dllcache\fdc.sys + 2010-06-22 00:34 . 2001-08-17 23:12 24618 c:\windows\system32\dllcache\fa410nd5.sys + 2010-06-22 00:34 . 2001-08-17 23:12 16074 c:\windows\system32\dllcache\fa312nd5.sys + 2010-06-22 00:34 . 2001-08-17 23:11 11850 c:\windows\system32\dllcache\f3ab18xj.sys + 2010-06-22 00:34 . 2001-08-17 23:11 12362 c:\windows\system32\dllcache\f3ab18xi.sys + 2010-06-22 00:34 . 2001-08-17 23:12 16998 c:\windows\system32\dllcache\ex10.sys + 2010-06-22 00:34 . 2001-09-06 02:50 46080 c:\windows\system32\dllcache\esunib.dll + 2010-06-22 00:34 . 2001-09-06 02:50 46080 c:\windows\system32\dllcache\esuni.dll + 2010-06-22 00:34 . 2001-09-06 02:50 34816 c:\windows\system32\dllcache\esuimg.dll + 2010-06-22 00:34 . 2001-09-06 02:50 43008 c:\windows\system32\dllcache\esucm.dll + 2010-06-22 00:34 . 2001-08-17 23:19 63360 c:\windows\system32\dllcache\ess.sys + 2010-06-22 00:34 . 2001-08-17 23:19 72192 c:\windows\system32\dllcache\es1969.sys + 2010-06-22 00:34 . 2001-08-17 23:19 40704 c:\windows\system32\dllcache\es1371mp.sys + 2010-06-22 00:34 . 2001-08-17 23:19 37120 c:\windows\system32\dllcache\es1370mp.sys + 2010-06-22 00:34 . 2001-09-06 02:50 62464 c:\windows\system32\dllcache\eqnloop.exe + 2010-06-22 00:34 . 2001-09-06 02:50 51712 c:\windows\system32\dllcache\eqnlogr.exe + 2010-06-22 00:34 . 2001-09-06 02:50 53248 c:\windows\system32\dllcache\eqndiag.exe + 2010-06-22 00:34 . 2001-08-17 23:12 18503 c:\windows\system32\dllcache\epro4.sys + 2010-06-22 00:34 . 2001-08-17 23:10 19996 c:\windows\system32\dllcache\em556n4.sys + 2010-06-22 00:34 . 2001-08-17 23:10 25159 c:\windows\system32\dllcache\elnk3.sys + 2010-06-22 00:34 . 2001-08-17 23:11 70174 c:\windows\system32\dllcache\el98xn5.sys + 2010-06-22 00:34 . 2001-08-17 23:11 66591 c:\windows\system32\dllcache\el90xbc5.sys + 2010-06-22 00:34 . 2001-08-17 23:11 77386 c:\windows\system32\dllcache\el656nd5.sys + 2010-06-22 00:34 . 2001-08-17 23:11 69194 c:\windows\system32\dllcache\el656cd5.sys + 2010-06-22 00:34 . 2001-08-17 23:10 26141 c:\windows\system32\dllcache\el589nd5.sys + 2010-06-22 00:34 . 2001-08-17 23:10 69692 c:\windows\system32\dllcache\el575nd5.sys + 2010-06-22 00:34 . 2001-08-17 23:10 24653 c:\windows\system32\dllcache\el574nd4.sys + 2010-06-22 00:34 . 2001-08-17 23:10 55999 c:\windows\system32\dllcache\el556nd5.sys + 2010-06-22 00:34 . 2001-09-06 02:11 44103 c:\windows\system32\dllcache\el515.sys + 2010-06-22 00:34 . 2001-08-17 23:12 19594 c:\windows\system32\dllcache\e100isa4.sys + 2010-06-22 00:34 . 2001-09-06 02:10 51231 c:\windows\system32\dllcache\e1000nt5.sys + 2008-04-13 13:38 . 2008-04-13 13:38 71168 c:\windows\system32\dllcache\dxg.sys + 2001-09-05 23:50 . 2001-10-28 17:06 57344 c:\windows\system32\dllcache\dvdplay.exe + 2008-04-13 11:45 . 2008-04-13 21:34 60160 c:\windows\system32\dllcache\drmk.sys + 2010-06-22 00:34 . 2001-08-18 01:07 20192 c:\windows\system32\dllcache\dpti2o.sys + 2010-06-22 00:34 . 2001-08-17 23:12 28062 c:\windows\system32\dllcache\dp83820.sys + 2010-06-22 00:34 . 2001-09-06 02:06 24064 c:\windows\system32\dllcache\dot4usb.sys + 2010-06-22 00:34 . 2001-08-18 00:47 12928 c:\windows\system32\dllcache\dot4prt.sys + 2008-04-13 19:20 . 2008-04-13 21:34 55296 c:\windows\system32\dllcache\dmutil.dll + 2009-12-20 05:19 . 2008-04-13 14:45 52864 c:\windows\system32\dllcache\dmusic.sys + 2010-06-22 00:33 . 2001-08-17 23:11 26698 c:\windows\system32\dllcache\dlh5xnd5.sys + 2010-06-22 00:33 . 2001-09-06 02:50 29768 c:\windows\system32\dllcache\divasu.dll + 2010-06-22 00:33 . 2001-09-06 02:50 37962 c:\windows\system32\dllcache\divaprop.dll + 2010-06-22 00:33 . 2001-09-06 02:50 38985 c:\windows\system32\dllcache\disrvsu.dll + 2010-06-22 00:33 . 2001-09-06 02:50 31817 c:\windows\system32\dllcache\disrvpp.dll + 2008-04-13 13:40 . 2008-04-13 13:40 36352 c:\windows\system32\dllcache\disk.sys + 2010-06-22 00:33 . 2001-08-17 23:13 91305 c:\windows\system32\dllcache\dimaint.sys + 2010-06-22 00:33 . 2001-09-06 02:04 42528 c:\windows\system32\dllcache\digirlpt.sys + 2010-06-22 00:33 . 2001-08-17 23:14 21606 c:\windows\system32\dllcache\digiisdn.sys + 2010-06-22 00:33 . 2001-09-06 02:50 41046 c:\windows\system32\dllcache\digiisdn.dll + 2010-06-22 00:33 . 2001-09-06 02:04 90717 c:\windows\system32\dllcache\digifep5.sys + 2010-06-22 00:33 . 2001-09-06 02:04 37895 c:\windows\system32\dllcache\digiasyn.sys + 2010-06-22 00:33 . 2001-09-06 02:50 65622 c:\windows\system32\dllcache\digiasyn.dll + 2010-06-22 00:33 . 2001-09-06 02:50 32256 c:\windows\system32\dllcache\diapi2NT.dll + 2010-06-22 00:33 . 2001-09-06 02:27 29659 c:\windows\system32\dllcache\dgapci.sys + 2010-06-22 00:33 . 2001-08-17 23:11 24649 c:\windows\system32\dllcache\dfe650d.sys + 2010-06-22 00:33 . 2001-08-17 23:11 24648 c:\windows\system32\dllcache\dfe650.sys + 2010-06-22 00:33 . 2001-09-06 02:50 24064 c:\windows\system32\dllcache\devldr32.exe + 2010-06-22 00:33 . 2001-08-17 23:11 20928 c:\windows\system32\dllcache\defpa.sys + 2010-06-22 00:33 . 2001-09-06 02:50 86528 c:\windows\system32\dllcache\dc240usd.dll + 2010-06-22 00:33 . 2001-08-17 23:12 63208 c:\windows\system32\dllcache\dc21x4.sys + 2010-06-22 00:33 . 2001-09-06 02:50 81408 c:\windows\system32\dllcache\dc210usd.dll + 2010-06-22 00:33 . 2001-09-06 02:50 25600 c:\windows\system32\dllcache\dc210_32.dll + 2010-06-22 00:33 . 2001-08-18 00:52 14720 c:\windows\system32\dllcache\dac960nt.sys + 2010-06-22 00:33 . 2001-09-06 02:50 27648 c:\windows\system32\dllcache\cyzports.dll + 2010-06-22 00:33 . 2001-09-06 02:25 50560 c:\windows\system32\dllcache\cyzport.sys + 2010-06-22 00:33 . 2001-09-06 02:50 27648 c:\windows\system32\dllcache\cyzcoins.dll + 2010-06-22 00:33 . 2001-09-06 02:50 28160 c:\windows\system32\dllcache\cyyports.dll + 2010-06-22 00:33 . 2001-09-06 02:25 50816 c:\windows\system32\dllcache\cyyport.sys + 2010-06-22 00:33 . 2001-09-06 02:50 28672 c:\windows\system32\dllcache\cyycoins.dll + 2010-06-22 00:33 . 2001-09-06 02:25 15104 c:\windows\system32\dllcache\cyclom-y.sys + 2010-06-22 00:33 . 2001-09-06 02:25 17408 c:\windows\system32\dllcache\cyclad-z.sys + 2010-06-22 00:33 . 2008-04-13 12:36 48640 c:\windows\system32\dllcache\cwrwdm.sys + 2010-06-22 00:33 . 2001-08-17 23:19 93952 c:\windows\system32\dllcache\cwcwdm.sys + 2010-06-22 00:33 . 2001-08-17 23:19 72832 c:\windows\system32\dllcache\cwbwdm.sys + 2010-06-22 00:33 . 2001-08-17 23:19 96256 c:\windows\system32\dllcache\ctlsb16.sys + 2008-04-13 18:57 . 2008-04-13 21:34 40832 c:\windows\system32\dllcache\crusoe.sys + 2010-06-22 00:33 . 2001-08-17 23:19 42112 c:\windows\system32\dllcache\crtaud.sys + 2010-06-22 00:33 . 2008-04-13 14:36 10240 c:\windows\system32\dllcache\compbatt.sys + 2008-04-13 19:20 . 2008-04-13 21:34 49152 c:\windows\system32\dllcache\cnbjmon.dll + 2010-06-22 00:33 . 2001-09-06 02:18 20864 c:\windows\system32\dllcache\cmbp0wdm.sys + 2010-06-22 00:33 . 2008-04-13 14:36 13952 c:\windows\system32\dllcache\cmbatt.sys + 2010-06-22 00:33 . 2001-08-18 00:57 45696 c:\windows\system32\dllcache\cirrus.sys + 2010-06-22 00:33 . 2001-09-06 02:49 91264 c:\windows\system32\dllcache\cirrus.dll + 2010-06-22 00:33 . 2008-04-13 22:20 15423 c:\windows\system32\dllcache\ch7xxnt5.dll + 2010-06-22 00:33 . 2001-09-06 02:15 49182 c:\windows\system32\dllcache\cem56n5.sys + 2010-06-22 00:33 . 2001-09-06 02:15 22044 c:\windows\system32\dllcache\cem33n5.sys + 2010-06-22 00:33 . 2001-09-06 02:15 22044 c:\windows\system32\dllcache\cem28n5.sys + 2010-06-22 00:33 . 2001-09-06 02:15 27164 c:\windows\system32\dllcache\ce3n5.sys + 2010-06-22 00:33 . 2001-09-06 02:15 21530 c:\windows\system32\dllcache\ce2n5.sys + 2008-04-13 13:40 . 2008-04-13 13:40 62976 c:\windows\system32\dllcache\cdrom.sys + 2008-04-13 21:20 . 2009-08-06 22:24 96480 c:\windows\system32\dllcache\cdm.dll + 2001-08-17 21:52 . 2001-10-28 17:06 18688 c:\windows\system32\dllcache\cdaudio.sys + 2001-10-28 17:06 . 2001-10-28 17:06 13952 c:\windows\system32\dllcache\cbidf2k.sys + 2010-06-22 00:33 . 2001-08-17 23:13 46108 c:\windows\system32\dllcache\cben5.sys + 2010-06-22 00:33 . 2001-08-17 23:12 39680 c:\windows\system32\dllcache\cb325.sys + 2010-06-22 00:33 . 2001-08-17 23:12 37916 c:\windows\system32\dllcache\cb102.sys + 2010-06-22 00:33 . 2001-09-06 02:50 74240 c:\windows\system32\dllcache\camexo20.dll + 2010-06-22 00:32 . 2008-04-13 14:46 18944 c:\windows\system32\dllcache\bthusb.sys + 2008-04-13 21:20 . 2008-04-13 22:20 30208 c:\windows\system32\dllcache\bthserv.dll + 2010-06-22 00:32 . 2008-04-13 14:46 36480 c:\windows\system32\dllcache\bthprint.sys + 2010-06-22 00:32 . 2008-04-13 14:46 37888 c:\windows\system32\dllcache\bthmodem.sys + 2010-06-22 00:32 . 2008-04-13 14:46 17024 c:\windows\system32\dllcache\bthenum.sys + 2008-04-13 21:20 . 2008-04-13 22:20 20992 c:\windows\system32\dllcache\bthci.dll + 2010-06-22 00:32 . 2001-08-17 23:11 31529 c:\windows\system32\dllcache\brzwlan.sys + 2010-06-22 00:32 . 2001-08-18 00:12 10368 c:\windows\system32\dllcache\brusbscn.sys + 2010-06-22 00:32 . 2001-08-18 00:12 11008 c:\windows\system32\dllcache\brusbmdm.sys + 2010-06-22 00:32 . 2001-08-18 00:12 60416 c:\windows\system32\dllcache\brserwdm.sys + 2010-06-22 00:32 . 2001-09-06 02:12 39680 c:\windows\system32\dllcache\brparwdm.sys + 2010-06-22 00:32 . 2001-09-06 02:50 41472 c:\windows\system32\dllcache\brmfusb.dll + 2010-06-22 00:32 . 2001-09-06 02:50 32256 c:\windows\system32\dllcache\brmfrsmg.exe + 2010-06-22 00:32 . 2001-09-06 02:50 29696 c:\windows\system32\dllcache\brmflpt.dll + 2010-06-22 00:32 . 2001-09-06 02:50 81920 c:\windows\system32\dllcache\brmfcwia.dll + 2010-06-22 00:32 . 2001-09-06 02:50 15360 c:\windows\system32\dllcache\brmfbidi.dll + 2010-06-22 00:32 . 2001-08-18 00:12 12160 c:\windows\system32\dllcache\brfiltlo.sys + 2010-06-22 00:32 . 2001-09-06 02:50 12800 c:\windows\system32\dllcache\brevif.dll + 2010-06-22 00:32 . 2001-09-06 02:50 19456 c:\windows\system32\dllcache\brbidiif.dll + 2008-04-13 11:46 . 2008-04-13 21:34 11776 c:\windows\system32\dllcache\bdasup.sys + 2010-06-22 00:32 . 2001-08-17 23:11 26568 c:\windows\system32\dllcache\bcm4e5.sys + 2010-06-22 00:32 . 2001-08-17 23:11 54271 c:\windows\system32\dllcache\bcm42xx5.sys + 2010-06-22 00:32 . 2001-08-17 23:11 66557 c:\windows\system32\dllcache\bcm42u.sys + 2010-06-22 00:32 . 2008-04-13 14:36 14208 c:\windows\system32\dllcache\battc.sys + 2010-06-22 00:32 . 2001-08-17 23:48 36128 c:\windows\system32\dllcache\banshee.sys + 2010-06-22 00:32 . 2001-09-06 02:09 97184 c:\windows\system32\dllcache\b57xp32.sys + 2010-06-22 00:32 . 2001-08-17 23:13 89952 c:\windows\system32\dllcache\b1cbase.sys + 2010-06-22 00:32 . 2001-08-17 23:19 36992 c:\windows\system32\dllcache\aztw2320.sys + 2010-06-22 00:32 . 2001-08-17 23:13 37568 c:\windows\system32\dllcache\avmwan.sys + 2010-06-22 00:32 . 2001-09-06 02:50 87552 c:\windows\system32\dllcache\avmcoxp.dll + 2010-06-22 00:32 . 2008-04-13 14:46 13696 c:\windows\system32\dllcache\avcstrm.sys + 2010-06-22 00:32 . 2001-08-18 01:01 36096 c:\windows\system32\dllcache\avcaudio.sys + 2010-06-22 00:32 . 2008-04-13 14:46 38912 c:\windows\system32\dllcache\avc.sys + 2010-06-22 00:32 . 2008-04-13 22:20 17279 c:\windows\system32\dllcache\atv10nt5.dll + 2010-06-22 00:32 . 2008-04-13 22:20 14143 c:\windows\system32\dllcache\atv06nt5.dll + 2010-06-22 00:32 . 2008-04-13 22:20 25471 c:\windows\system32\dllcache\atv04nt5.dll + 2010-06-22 00:32 . 2008-04-13 22:20 11359 c:\windows\system32\dllcache\atv02nt5.dll + 2010-06-22 00:32 . 2008-04-13 22:20 21183 c:\windows\system32\dllcache\atv01nt5.dll + 2010-06-22 00:32 . 2001-08-17 23:49 23552 c:\windows\system32\dllcache\atixbar.sys + 2010-06-22 00:32 . 2001-08-17 23:49 26624 c:\windows\system32\dllcache\ativxbar.sys + 2010-06-22 00:32 . 2001-08-17 23:49 19456 c:\windows\system32\dllcache\ativttxx.sys + 2010-06-22 00:32 . 2008-04-13 22:20 32768 c:\windows\system32\dllcache\ativtmxx.dll + 2010-06-22 00:32 . 2001-08-17 23:49 17152 c:\windows\system32\dllcache\atitvsnd.sys + 2010-06-22 00:32 . 2001-08-17 23:49 17152 c:\windows\system32\dllcache\atitunep.sys + 2010-06-22 00:32 . 2001-08-17 23:49 26880 c:\windows\system32\dllcache\atirtsnd.sys + 2010-06-22 00:32 . 2001-08-17 23:49 49920 c:\windows\system32\dllcache\atirtcap.sys + 2010-06-22 00:32 . 2001-09-06 02:08 70656 c:\windows\system32\dllcache\atiragem.sys + 2010-06-22 00:32 . 2001-08-17 23:49 10240 c:\windows\system32\dllcache\atipcxxx.sys + 2010-06-22 00:32 . 2008-04-13 12:34 63488 c:\windows\system32\dllcache\atinxsxx.sys + 2010-06-22 00:32 . 2008-04-13 12:34 31744 c:\windows\system32\dllcache\atinxbxx.sys + 2010-06-22 00:32 . 2008-04-13 12:34 73216 c:\windows\system32\dllcache\atintuxx.sys + 2010-06-22 00:32 . 2008-04-13 12:34 13824 c:\windows\system32\dllcache\atinttxx.sys + 2010-06-22 00:32 . 2008-04-13 12:34 28672 c:\windows\system32\dllcache\atinsnxx.sys + 2010-06-22 00:32 . 2008-04-13 12:34 52224 c:\windows\system32\dllcache\atinraxx.sys + 2010-06-22 00:32 . 2008-04-13 12:34 14336 c:\windows\system32\dllcache\atinpdxx.sys + 2010-06-22 00:32 . 2008-04-13 12:34 13824 c:\windows\system32\dllcache\atinmdxx.sys + 2010-06-22 00:32 . 2008-04-13 12:34 57856 c:\windows\system32\dllcache\atinbtxx.sys + 2010-06-22 00:32 . 2001-09-06 02:08 75264 c:\windows\system32\dllcache\atimpae.sys + 2010-06-22 00:32 . 2001-09-06 02:50 37376 c:\windows\system32\dllcache\atievxx.exe + 2010-06-22 00:32 . 2001-08-17 23:49 46464 c:\windows\system32\dllcache\atibt829.sys + 2010-06-22 00:31 . 2008-04-13 12:34 34735 c:\windows\system32\dllcache\ati1xsxx.sys + 2010-06-22 00:31 . 2008-04-13 12:34 29455 c:\windows\system32\dllcache\ati1xbxx.sys + 2010-06-22 00:31 . 2008-04-13 12:34 36463 c:\windows\system32\dllcache\ati1tuxx.sys + 2010-06-22 00:31 . 2008-04-13 12:34 21343 c:\windows\system32\dllcache\ati1ttxx.sys + 2010-06-22 00:31 . 2008-04-13 12:34 26367 c:\windows\system32\dllcache\ati1snxx.sys + 2010-06-22 00:31 . 2008-04-13 12:34 63663 c:\windows\system32\dllcache\ati1rvxx.sys + 2010-06-22 00:31 . 2008-04-13 12:34 30671 c:\windows\system32\dllcache\ati1raxx.sys + 2010-06-22 00:31 . 2008-04-13 12:34 12047 c:\windows\system32\dllcache\ati1pdxx.sys + 2010-06-22 00:31 . 2008-04-13 12:34 11615 c:\windows\system32\dllcache\ati1mdxx.sys + 2010-06-22 00:31 . 2008-04-13 12:34 56623 c:\windows\system32\dllcache\ati1btxx.sys + 2010-06-22 00:31 . 2001-09-06 02:08 77824 c:\windows\system32\dllcache\ati.sys + 2010-06-22 00:31 . 2001-09-06 02:49 96128 c:\windows\system32\dllcache\ati.dll + 2008-04-13 13:40 . 2008-04-13 13:40 96512 c:\windows\system32\dllcache\atapi.sys + 2010-06-22 00:31 . 2001-08-17 23:12 97354 c:\windows\system32\dllcache\aspndis3.sys + 2010-06-22 00:31 . 2001-08-18 00:51 14848 c:\windows\system32\dllcache\asc3550.sys + 2010-06-22 00:31 . 2001-08-18 00:52 22400 c:\windows\system32\dllcache\asc3350p.sys + 2010-06-22 00:31 . 2001-08-18 00:52 26496 c:\windows\system32\dllcache\asc.sys + 2008-04-13 11:51 . 2008-04-13 21:34 60800 c:\windows\system32\dllcache\arp1394.sys + 2010-06-22 00:31 . 2008-04-13 12:35 36224 c:\windows\system32\dllcache\an983.sys + 2010-06-22 00:31 . 2001-08-18 00:52 12032 c:\windows\system32\dllcache\amsint.sys + 2008-04-13 18:51 . 2008-04-13 21:34 41856 c:\windows\system32\dllcache\amdk7.sys + 2008-04-13 18:51 . 2008-04-13 21:34 41472 c:\windows\system32\dllcache\amdk6.sys + 2008-04-13 11:36 . 2008-04-13 21:34 43008 c:\windows\system32\dllcache\amdagp.sys + 2010-06-22 00:31 . 2001-08-17 23:11 16969 c:\windows\system32\dllcache\amb8002.sys + 2008-04-13 11:36 . 2008-04-13 21:34 42752 c:\windows\system32\dllcache\alim1541.sys + 2010-06-22 00:31 . 2001-08-18 00:49 26624 c:\windows\system32\dllcache\alifir.sys + 2010-06-22 00:31 . 2001-08-17 23:11 27678 c:\windows\system32\dllcache\ali5261.sys + 2010-06-22 00:31 . 2001-08-18 01:07 56960 c:\windows\system32\dllcache\aic78xx.sys + 2010-06-22 00:31 . 2001-08-18 01:07 55168 c:\windows\system32\dllcache\aic78u2.sys + 2010-06-22 00:31 . 2001-08-18 00:52 12800 c:\windows\system32\dllcache\aha154x.sys + 2008-04-13 11:36 . 2008-04-13 21:34 44928 c:\windows\system32\dllcache\agpcpq.sys + 2008-04-13 11:36 . 2008-04-13 21:34 42368 c:\windows\system32\dllcache\agp440.sys + 2010-06-22 00:31 . 2001-08-17 23:11 46112 c:\windows\system32\dllcache\adptsf50.sys + 2010-06-22 00:31 . 2008-04-13 12:36 10880 c:\windows\system32\dllcache\admjoy.sys + 2010-06-22 00:31 . 2001-08-17 23:11 20160 c:\windows\system32\dllcache\adm8511.sys + 2001-10-28 17:06 . 2001-10-28 17:06 11904 c:\windows\system32\dllcache\acpiec.sys + 2010-06-22 00:31 . 2001-09-06 02:50 61952 c:\windows\system32\dllcache\acerscad.dll + 2010-06-22 00:31 . 2008-04-13 12:36 84480 c:\windows\system32\dllcache\ac97via.sys + 2010-06-22 00:31 . 2001-08-17 23:20 96256 c:\windows\system32\dllcache\ac97intc.sys + 2010-06-22 00:31 . 2001-08-18 00:52 23552 c:\windows\system32\dllcache\abp480n5.sys + 2010-06-22 00:31 . 2001-09-06 02:50 98304 c:\windows\system32\dllcache\a3d.dll + 2010-06-22 00:31 . 2001-09-06 02:49 38400 c:\windows\system32\dllcache\8514a.dll + 2010-06-22 00:31 . 2008-04-13 14:46 48128 c:\windows\system32\dllcache\61883.sys + 2010-06-22 00:31 . 2008-04-13 14:40 12288 c:\windows\system32\dllcache\4mmdat.sys + 2010-06-22 00:31 . 2001-08-18 01:06 11264 c:\windows\system32\dllcache\1394vdbg.sys + 2010-06-22 00:31 . 2008-04-13 14:46 53376 c:\windows\system32\dllcache\1394bus.sys + 2001-09-05 23:49 . 2001-10-28 17:06 3200 c:\windows\system32\dllcache\wowfax.dll + 2010-06-22 00:41 . 2008-04-13 14:36 8832 c:\windows\system32\dllcache\wmiacpi.sys + 2008-04-13 13:40 . 2008-04-13 13:40 5376 c:\windows\system32\dllcache\viaide.sys + 2010-06-22 00:41 . 2001-08-18 00:28 7556 c:\windows\system32\dllcache\usroslba.sys + 2001-10-28 17:07 . 2001-10-28 17:07 4736 c:\windows\system32\dllcache\usbd.sys + 2001-09-05 23:50 . 2009-11-27 16:08 8704 c:\windows\system32\dllcache\tsbyuv.dll - 2009-11-27 16:08 . 2009-11-27 16:08 8704 c:\windows\system32\dllcache\tsbyuv.dll + 2010-06-22 00:40 . 2001-09-06 02:12 4992 c:\windows\system32\dllcache\toside.sys + 2010-06-22 00:40 . 2001-08-18 00:52 7040 c:\windows\system32\dllcache\tandqic.sys + 2008-04-13 11:39 . 2008-04-13 21:34 4352 c:\windows\system32\dllcache\swenum.sys + 2001-09-05 23:50 . 2001-10-28 17:06 8192 c:\windows\system32\dllcache\streamci.dll + 2009-12-20 05:19 . 2008-04-13 14:45 6272 c:\windows\system32\dllcache\splitter.sys + 2010-06-22 00:40 . 2001-08-18 00:56 7552 c:\windows\system32\dllcache\sonypvu1.sys + 2010-06-22 00:40 . 2001-08-18 00:53 9600 c:\windows\system32\dllcache\sonymc.sys + 2010-06-22 00:40 . 2008-04-13 14:40 7552 c:\windows\system32\dllcache\sonyait.sys + 2010-06-22 00:40 . 2001-08-18 00:53 7040 c:\windows\system32\dllcache\snyaitmc.sys + 2010-06-22 00:40 . 2001-08-18 00:57 6784 c:\windows\system32\dllcache\smbhc.sys + 2010-06-22 00:40 . 2008-04-13 14:36 6912 c:\windows\system32\dllcache\smbclass.sys + 2010-06-22 00:40 . 2008-04-13 14:36 5888 c:\windows\system32\dllcache\smbali.sys + 2010-06-22 00:39 . 2008-04-13 22:20 3901 c:\windows\system32\dllcache\siint5.dll + 2010-06-22 00:39 . 2001-09-06 02:27 6912 c:\windows\system32\dllcache\serscan.sys + 2010-06-22 00:39 . 2001-08-18 00:53 6912 c:\windows\system32\dllcache\seaddsmc.sys + 2010-06-22 00:39 . 2001-09-06 02:50 9728 c:\windows\system32\dllcache\rsmgrstr.dll + 2010-06-22 00:39 . 2001-08-17 23:19 3840 c:\windows\system32\dllcache\rpfun.sys + 2010-06-22 00:39 . 2001-08-18 00:53 3328 c:\windows\system32\dllcache\qv2kux.sys + 2010-06-22 00:39 . 2008-04-13 14:40 6016 c:\windows\system32\dllcache\qic157.sys + 2010-06-22 00:38 . 2001-09-06 02:50 5632 c:\windows\system32\dllcache\ptpusb.dll + 2010-06-22 00:38 . 2008-04-13 14:40 8832 c:\windows\system32\dllcache\powerfil.sys + 2010-06-22 00:38 . 2001-08-18 00:53 7168 c:\windows\system32\dllcache\pnrmc.sys + 2010-06-22 00:38 . 2001-08-18 01:07 5504 c:\windows\system32\dllcache\perc2hib.sys + 2001-10-28 17:07 . 2001-10-28 17:07 3456 c:\windows\system32\dllcache\pciide.sys + 2001-10-28 17:07 . 2001-10-28 17:07 3456 c:\windows\system32\dllcache\oprghdlr.sys + 2010-06-22 00:38 . 2001-08-18 00:53 7552 c:\windows\system32\dllcache\nsmmc.sys + 2010-06-22 00:37 . 2001-09-06 02:50 7168 c:\windows\system32\dllcache\mxport.dll + 2008-04-13 11:39 . 2008-04-13 21:34 4992 c:\windows\system32\dllcache\mspqm.sys + 2008-04-13 11:39 . 2008-04-13 21:34 5376 c:\windows\system32\dllcache\mspclock.sys + 2010-06-22 00:37 . 2001-08-18 01:00 2944 c:\windows\system32\dllcache\msmpu401.sys + 2008-04-13 11:39 . 2008-04-13 21:34 7552 c:\windows\system32\dllcache\mskssrv.sys + 2010-06-22 00:37 . 2001-08-18 00:48 6016 c:\windows\system32\dllcache\msfsio.sys + 2010-06-22 00:37 . 2001-08-18 00:52 6528 c:\windows\system32\dllcache\miniqic.sys + 2010-06-22 00:37 . 2001-08-18 00:58 8320 c:\windows\system32\dllcache\memcard.sys + 2010-06-22 00:37 . 2001-08-18 00:52 7424 c:\windows\system32\dllcache\mammoth.sys + 2010-06-22 00:36 . 2008-04-13 14:40 7040 c:\windows\system32\dllcache\ltotape.sys + 2010-06-22 00:36 . 2001-08-18 00:53 4992 c:\windows\system32\dllcache\loop.sys + 2009-12-20 05:19 . 2008-04-13 22:20 4096 c:\windows\system32\dllcache\ksuser.dll + 2001-08-18 06:36 . 2001-10-28 17:06 8192 c:\windows\system32\dllcache\kbdkor.dll + 2001-08-18 06:36 . 2001-10-28 17:06 8704 c:\windows\system32\dllcache\kbdjpn.dll + 2008-04-13 19:18 . 2008-04-13 21:34 6144 c:\windows\system32\dllcache\kbd106.dll + 2001-08-17 22:55 . 2001-10-28 17:06 5632 c:\windows\system32\dllcache\kbd103.dll + 2001-08-17 22:55 . 2001-10-28 17:06 6144 c:\windows\system32\dllcache\kbd101c.dll + 2001-08-17 22:55 . 2001-10-28 17:06 6144 c:\windows\system32\dllcache\kbd101b.dll + 2010-06-22 00:36 . 2008-04-13 21:57 5632 c:\windows\system32\dllcache\intelide.sys + 2010-06-22 00:35 . 2001-09-06 02:48 9728 c:\windows\system32\dllcache\ibmsgnet.dll + 2010-06-22 00:35 . 2008-04-13 14:41 8576 c:\windows\system32\dllcache\i2omgmt.sys + 2010-06-22 00:35 . 2001-09-06 02:50 9759 c:\windows\system32\dllcache\hsf_inst.dll + 2010-06-22 00:35 . 2001-08-18 00:52 5760 c:\windows\system32\dllcache\hpt4qic.sys + 2010-06-22 00:35 . 2001-08-18 01:02 8576 c:\windows\system32\dllcache\hidgame.sys + 2008-04-13 21:20 . 2008-04-13 21:20 7168 c:\windows\system32\dllcache\hccoin.dll + 2010-06-22 00:34 . 2001-08-18 00:52 7040 c:\windows\system32\dllcache\exabyte2.sys + 2010-06-22 00:34 . 2001-08-18 00:46 6400 c:\windows\system32\dllcache\enum1394.sys + 2010-06-22 00:34 . 2001-08-18 00:53 7296 c:\windows\system32\dllcache\elmsmc.sys + 2008-04-13 11:45 . 2008-04-13 21:34 2944 c:\windows\system32\dllcache\drmkaud.sys + 2010-06-22 00:34 . 2001-08-18 00:47 8704 c:\windows\system32\dllcache\dot4scan.sys + 2010-06-22 00:33 . 2008-04-13 14:40 8320 c:\windows\system32\dllcache\dlttape.sys + 2010-06-22 00:33 . 2001-09-06 02:50 6216 c:\windows\system32\dllcache\divaci.dll + 2010-06-22 00:33 . 2001-09-06 02:50 6729 c:\windows\system32\dllcache\disrvci.dll + 2010-06-22 00:33 . 2001-08-18 00:52 7424 c:\windows\system32\dllcache\ddsmc.sys + 2010-06-22 00:33 . 2001-08-17 23:19 3584 c:\windows\system32\dllcache\cwcosnt5.sys + 2010-06-22 00:33 . 2001-08-17 23:19 3072 c:\windows\system32\dllcache\cwbmidi.sys + 2010-06-22 00:33 . 2001-08-17 23:19 3072 c:\windows\system32\dllcache\cwbase.sys + 2010-06-22 00:33 . 2001-09-06 02:50 4096 c:\windows\system32\dllcache\ctwdm32.dll + 2010-06-22 00:33 . 2001-08-17 23:19 3712 c:\windows\system32\dllcache\ctljystk.sys + 2010-06-22 00:33 . 2001-08-17 23:19 6912 c:\windows\system32\dllcache\ctlfacem.sys + 2010-06-22 00:33 . 2001-09-06 02:18 6656 c:\windows\system32\dllcache\cmdide.sys + 2010-06-22 00:33 . 2008-04-13 14:41 8192 c:\windows\system32\dllcache\changer.sys + 2010-06-22 00:33 . 2001-08-18 00:52 7680 c:\windows\system32\dllcache\cd20xrnt.sys + 2010-06-22 00:32 . 2001-09-06 02:50 9728 c:\windows\system32\dllcache\brserif.dll + 2010-06-22 00:32 . 2001-09-06 02:50 5120 c:\windows\system32\dllcache\brscnrsm.dll + 2010-06-22 00:32 . 2001-08-18 00:12 3168 c:\windows\system32\dllcache\brparimg.sys + 2010-06-22 00:32 . 2001-08-18 00:12 3968 c:\windows\system32\dllcache\brfiltup.sys + 2010-06-22 00:32 . 2001-08-18 00:12 2944 c:\windows\system32\dllcache\brfilt.sys + 2010-06-22 00:32 . 2001-09-06 02:50 9728 c:\windows\system32\dllcache\brcoinst.dll + 2009-12-20 01:48 . 2001-08-17 21:59 3072 c:\windows\system32\dllcache\audstub.sys + 2010-06-22 00:32 . 2001-08-17 23:49 9472 c:\windows\system32\dllcache\ativmdcd.sys + 2010-06-22 00:31 . 2001-08-18 00:47 6272 c:\windows\system32\dllcache\apmbatt.sys + 2010-06-22 00:31 . 2001-08-18 00:51 5248 c:\windows\system32\dllcache\aliide.sys + 2010-06-22 00:31 . 2008-04-13 22:20 3775 c:\windows\system32\dllcache\adv11nt5.dll + 2010-06-22 00:31 . 2008-04-13 22:20 3711 c:\windows\system32\dllcache\adv09nt5.dll + 2010-06-22 00:31 . 2008-04-13 22:20 3135 c:\windows\system32\dllcache\adv08nt5.dll + 2010-06-22 00:31 . 2008-04-13 22:20 3647 c:\windows\system32\dllcache\adv07nt5.dll + 2010-06-22 00:31 . 2008-04-13 22:20 3615 c:\windows\system32\dllcache\adv05nt5.dll + 2010-06-22 00:31 . 2008-04-13 22:20 3967 c:\windows\system32\dllcache\adv02nt5.dll + 2010-06-22 00:31 . 2008-04-13 22:20 4255 c:\windows\system32\dllcache\adv01nt5.dll + 2010-06-22 00:31 . 2001-08-18 00:53 7424 c:\windows\system32\dllcache\adicvls.sys - 2001-10-28 17:07 . 2010-06-15 00:19 314644 c:\windows\system32\perfh009.dat + 2001-10-28 17:07 . 2010-06-19 15:21 314644 c:\windows\system32\perfh009.dat + 2010-06-11 20:43 . 2010-06-22 21:09 231888 c:\windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe - 2010-06-11 20:43 . 2010-06-11 21:29 231888 c:\windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe + 2008-04-13 19:20 . 2008-04-13 21:34 483840 c:\windows\system32\dllcache\wzcsvc.dll + 2009-12-20 04:54 . 2009-08-06 22:24 209632 c:\windows\system32\dllcache\wuweb.dll + 2009-12-20 04:54 . 2009-08-06 22:24 327896 c:\windows\system32\dllcache\wucltui.dll + 2009-12-20 04:54 . 2009-08-06 22:23 575704 c:\windows\system32\dllcache\wuapi.dll + 2008-04-13 21:20 . 2008-04-13 21:20 108032 c:\windows\system32\dllcache\wshbth.dll + 2010-06-22 00:41 . 2008-04-13 12:35 154624 c:\windows\system32\dllcache\wlluc48.sys + 2010-06-22 00:41 . 2001-08-18 00:28 771581 c:\windows\system32\dllcache\winacisa.sys + 2010-06-22 00:41 . 2001-08-18 00:28 701386 c:\windows\system32\dllcache\wdhaalba.sys + 2010-06-22 00:41 . 2001-08-18 00:28 397502 c:\windows\system32\dllcache\vpctcom.sys + 2010-06-22 00:41 . 2001-08-18 00:28 604253 c:\windows\system32\dllcache\vmodem.sys + 2010-06-22 00:41 . 2001-08-18 00:28 687999 c:\windows\system32\dllcache\usrwdxjs.sys + 2001-09-05 23:50 . 2001-10-28 17:06 102457 c:\windows\system32\dllcache\usrv42a.dll + 2010-06-22 00:41 . 2001-08-18 00:28 765884 c:\windows\system32\dllcache\usrti.sys + 2010-06-22 00:41 . 2001-08-18 00:28 113762 c:\windows\system32\dllcache\usrpda.sys + 2001-09-05 23:50 . 2001-10-28 17:06 323641 c:\windows\system32\dllcache\usrdtea.dll + 2010-06-22 00:41 . 2001-08-18 00:28 224802 c:\windows\system32\dllcache\usr1807a.sys + 2010-06-22 00:41 . 2001-08-18 00:28 794399 c:\windows\system32\dllcache\usr1806v.sys + 2010-06-22 00:41 . 2001-08-18 00:28 793598 c:\windows\system32\dllcache\usr1806.sys + 2010-06-22 00:41 . 2001-08-18 00:28 794654 c:\windows\system32\dllcache\usr1801.sys + 2010-06-22 00:41 . 2008-04-13 14:46 121984 c:\windows\system32\dllcache\usbvideo.sys + 2008-04-13 13:45 . 2008-04-13 13:45 143872 c:\windows\system32\dllcache\usbport.sys + 2010-06-22 00:41 . 2001-09-06 02:50 212480 c:\windows\system32\dllcache\um54scan.dll + 2010-06-22 00:41 . 2001-09-06 02:50 216576 c:\windows\system32\dllcache\um34scan.dll + 2010-06-22 00:40 . 2001-08-17 23:51 166784 c:\windows\system32\dllcache\tridxpm.sys + 2010-06-22 00:40 . 2001-08-17 23:51 159232 c:\windows\system32\dllcache\tridkbm.sys + 2010-06-22 00:40 . 2001-09-06 02:49 440576 c:\windows\system32\dllcache\tridkb.dll + 2010-06-22 00:40 . 2001-08-17 23:51 222336 c:\windows\system32\dllcache\trid3dm.sys + 2010-06-22 00:40 . 2001-09-06 02:49 315520 c:\windows\system32\dllcache\trid3d.dll + 2010-06-22 00:40 . 2001-08-18 01:02 230912 c:\windows\system32\dllcache\tosdvd03.sys + 2010-06-22 00:40 . 2001-08-18 01:01 241664 c:\windows\system32\dllcache\tosdvd02.sys + 2010-06-22 00:40 . 2001-08-17 23:14 123995 c:\windows\system32\dllcache\tjisdn.sys + 2010-06-22 00:40 . 2001-08-17 23:51 138528 c:\windows\system32\dllcache\tgiulnt5.sys + 2010-06-22 00:40 . 2008-04-13 14:40 149376 c:\windows\system32\dllcache\tffsport.sys + 2010-06-22 00:40 . 2001-09-06 02:49 172768 c:\windows\system32\dllcache\t2r4disp.dll + 2010-06-22 00:40 . 2001-08-18 00:50 103936 c:\windows\system32\dllcache\sx.sys + 2010-06-22 00:40 . 2001-09-06 02:50 155648 c:\windows\system32\dllcache\stlnprop.dll + 2010-06-22 00:40 . 2001-09-06 02:06 286432 c:\windows\system32\dllcache\stlnata.sys + 2010-06-22 00:40 . 2001-09-06 02:50 106584 c:\windows\system32\dllcache\spdports.dll + 2010-06-22 00:40 . 2001-09-06 02:50 114688 c:\windows\system32\dllcache\sonypi.dll + 2010-06-22 00:40 . 2001-09-06 02:49 147200 c:\windows\system32\dllcache\smidispb.dll + 2010-06-22 00:40 . 2008-04-13 14:23 404990 c:\windows\system32\dllcache\slntamr.sys + 2010-06-22 00:40 . 2008-04-13 14:23 129535 c:\windows\system32\dllcache\slnt7554.sys + 2010-06-22 00:40 . 2008-04-13 22:20 188508 c:\windows\system32\dllcache\slgen.dll + 2010-06-22 00:40 . 2008-04-13 22:20 286792 c:\windows\system32\dllcache\slextspk.dll + 2010-06-22 00:39 . 2001-09-06 02:49 157696 c:\windows\system32\dllcache\sisv256.dll + 2010-06-22 00:39 . 2001-09-06 02:50 238592 c:\windows\system32\dllcache\sisgrv.dll + 2010-06-22 00:39 . 2001-08-17 23:50 104064 c:\windows\system32\dllcache\sisgrp.sys + 2010-06-22 00:39 . 2001-09-06 02:49 150144 c:\windows\system32\dllcache\sis6306v.dll + 2010-06-22 00:39 . 2001-09-06 02:49 252032 c:\windows\system32\dllcache\sis300iv.dll + 2010-06-22 00:39 . 2001-08-17 23:50 101760 c:\windows\system32\dllcache\sis300ip.sys + 2010-06-22 00:39 . 2001-09-06 02:28 161632 c:\windows\system32\dllcache\sgsmusb.sys + 2010-06-22 00:39 . 2001-09-06 02:49 386560 c:\windows\system32\dllcache\sgiul50.dll + 2010-06-22 00:39 . 2001-09-06 02:50 495616 c:\windows\system32\dllcache\sblfx.dll + 2010-06-22 00:39 . 2001-09-06 02:49 245632 c:\windows\system32\dllcache\s3savmx.dll + 2010-06-22 00:39 . 2001-09-06 02:49 198400 c:\windows\system32\dllcache\s3sav4.dll + 2010-06-22 00:39 . 2001-09-06 02:49 179264 c:\windows\system32\dllcache\s3sav3d.dll + 2010-06-22 00:39 . 2001-09-06 02:49 210496 c:\windows\system32\dllcache\s3mvirge.dll + 2010-06-22 00:39 . 2001-09-06 02:49 182272 c:\windows\system32\dllcache\s3mt3d.dll + 2010-06-22 00:39 . 2001-08-17 23:50 166720 c:\windows\system32\dllcache\s3m.sys + 2010-06-22 00:39 . 2008-04-13 12:34 166912 c:\windows\system32\dllcache\s3gnbm.sys + 2010-06-22 00:39 . 2008-04-13 22:20 397056 c:\windows\system32\dllcache\s3gnb.dll + 2009-12-20 04:51 . 2008-04-13 14:32 196224 c:\windows\system32\dllcache\rdpdr.sys + 2010-06-22 00:39 . 2001-09-06 02:22 715242 c:\windows\system32\dllcache\r2mdmkxx.sys + 2010-06-22 00:39 . 2001-09-06 02:22 899658 c:\windows\system32\dllcache\r2mdkxga.sys + 2010-06-22 00:38 . 2001-08-18 00:28 112574 c:\windows\system32\dllcache\ptserlp.sys + 2010-06-22 00:38 . 2001-08-18 00:28 128286 c:\windows\system32\dllcache\ptserli.sys + 2010-06-22 00:38 . 2008-04-13 22:20 159232 c:\windows\system32\dllcache\ptpusd.dll + 2008-04-13 19:20 . 2008-04-13 21:34 363520 c:\windows\system32\dllcache\psisdecd.dll + 2008-04-13 12:19 . 2008-04-13 21:34 146048 c:\windows\system32\dllcache\portcls.sys + 2010-06-22 00:38 . 2001-09-06 02:50 121344 c:\windows\system32\dllcache\phvfwext.dll + 2010-06-22 00:38 . 2001-08-18 01:04 173696 c:\windows\system32\dllcache\philcam2.sys + 2010-06-22 00:38 . 2008-04-13 22:19 259328 c:\windows\system32\dllcache\perm3dd.dll + 2010-06-22 00:38 . 2008-04-13 22:19 211584 c:\windows\system32\dllcache\perm2dll.dll + 2010-06-22 00:38 . 2008-04-13 12:12 169984 c:\windows\system32\dllcache\pcx500.sys + 2008-04-13 21:02 . 2008-04-13 21:02 120320 c:\windows\system32\dllcache\pcmcia.sys + 2001-09-05 23:50 . 2001-10-28 17:06 157696 c:\windows\system32\dllcache\paqsp.dll + 2010-06-22 00:38 . 2001-08-18 01:05 351616 c:\windows\system32\dllcache\ovcodek2.sys + 2010-06-22 00:38 . 2001-09-06 02:50 116736 c:\windows\system32\dllcache\ovcodec2.dll + 2010-06-22 00:38 . 2001-08-17 23:50 198144 c:\windows\system32\dllcache\nv3.sys + 2010-06-22 00:38 . 2001-09-06 02:49 123776 c:\windows\system32\dllcache\nv3.dll + 2010-06-22 00:38 . 2008-04-13 14:23 180360 c:\windows\system32\dllcache\ntmtlfax.sys + 2010-06-22 00:38 . 2001-08-17 23:20 126080 c:\windows\system32\dllcache\nm5a2wdm.sys + 2010-06-22 00:38 . 2008-04-13 21:59 132695 c:\windows\system32\dllcache\netwlan5.sys + 2010-06-22 00:37 . 2001-09-06 02:28 129024 c:\windows\system32\dllcache\n100325.sys + 2010-06-22 00:37 . 2001-08-17 23:50 103296 c:\windows\system32\dllcache\mtxvideo.sys + 2010-06-22 00:37 . 2008-04-13 12:34 452736 c:\windows\system32\dllcache\mtxparhm.sys + 2010-06-22 00:37 . 2008-04-13 14:23 126686 c:\windows\system32\dllcache\mtlmnt5.sys - 2010-06-15 01:09 . 2010-02-24 13:11 455680 c:\windows\system32\dllcache\mrxsmb.sys + 2008-04-13 14:17 . 2010-02-24 13:11 455680 c:\windows\system32\dllcache\mrxsmb.sys + 2010-06-22 00:37 . 2001-09-06 02:18 320384 c:\windows\system32\dllcache\mgaum.sys + 2010-06-22 00:37 . 2001-09-06 02:49 235648 c:\windows\system32\dllcache\mgaud.dll + 2001-09-05 23:50 . 2001-10-28 17:06 147968 c:\windows\system32\dllcache\mdwmdmsp.dll + 2010-06-22 00:37 . 2001-09-06 02:15 165290 c:\windows\system32\dllcache\mdgndis5.sys + 2010-06-22 00:36 . 2001-08-18 00:28 802683 c:\windows\system32\dllcache\ltsm.sys + 2010-06-22 00:36 . 2008-04-13 22:00 422016 c:\windows\system32\dllcache\ltmdmntt.sys + 2010-06-22 00:36 . 2001-09-06 02:12 577226 c:\windows\system32\dllcache\ltmdmntl.sys + 2010-06-22 00:36 . 2008-04-13 22:00 607196 c:\windows\system32\dllcache\ltmdmnt.sys + 2010-06-22 00:36 . 2001-09-06 02:12 728298 c:\windows\system32\dllcache\ltck000c.sys + 2008-04-13 12:16 . 2008-04-13 21:34 141056 c:\windows\system32\dllcache\ks.sys + 2008-04-13 11:45 . 2008-04-13 21:34 172416 c:\windows\system32\dllcache\kmixer.sys + 2010-06-22 00:36 . 2008-04-13 22:20 254464 c:\windows\system32\dllcache\kdsusd.dll + 2010-06-22 00:36 . 2008-04-13 22:21 152576 c:\windows\system32\dllcache\irftp.exe + 2010-06-22 00:35 . 2001-08-18 01:06 100992 c:\windows\system32\dllcache\icam5usb.sys + 2010-06-22 00:35 . 2001-08-18 01:06 154496 c:\windows\system32\dllcache\icam4usb.sys + 2010-06-22 00:35 . 2001-08-18 01:05 141056 c:\windows\system32\dllcache\icam3.sys + 2010-06-22 00:35 . 2001-08-17 23:12 109085 c:\windows\system32\dllcache\ibmtrp.sys + 2010-06-22 00:35 . 2001-08-17 23:12 100936 c:\windows\system32\dllcache\ibmtok.sys + 2010-06-22 00:35 . 2008-04-13 12:34 161020 c:\windows\system32\dllcache\i81xnt5.sys + 2010-06-22 00:35 . 2008-04-13 22:20 702845 c:\windows\system32\dllcache\i81xdnt5.dll + 2010-06-22 00:35 . 2001-09-06 02:49 353184 c:\windows\system32\dllcache\i740dnt5.dll + 2008-04-13 13:53 . 2009-10-20 16:20 265728 c:\windows\system32\dllcache\http.sys - 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\system32\dllcache\http.sys + 2010-06-22 00:35 . 2008-04-13 14:23 685056 c:\windows\system32\dllcache\hsfcxts2.sys + 2010-06-22 00:35 . 2008-04-13 14:23 220032 c:\windows\system32\dllcache\hsfbs2s2.sys + 2010-06-22 00:35 . 2001-08-18 00:28 488383 c:\windows\system32\dllcache\hsf_v124.sys + 2010-06-22 00:35 . 2001-08-18 00:28 542879 c:\windows\system32\dllcache\hsf_msft.sys + 2010-06-22 00:35 . 2001-08-18 00:28 391199 c:\windows\system32\dllcache\hsf_k56k.sys + 2010-06-22 00:35 . 2001-08-18 00:28 115807 c:\windows\system32\dllcache\hsf_fsks.sys + 2010-06-22 00:35 . 2001-08-18 00:28 199711 c:\windows\system32\dllcache\hsf_faxx.sys + 2010-06-22 00:35 . 2001-08-18 00:28 289887 c:\windows\system32\dllcache\hsf_fall.sys + 2010-06-22 00:35 . 2001-08-18 00:28 150239 c:\windows\system32\dllcache\hsf_amos.sys + 2010-06-22 00:35 . 2001-09-06 02:50 324608 c:\windows\system32\dllcache\hpojwia.dll + 2010-06-22 00:35 . 2001-09-06 02:50 165888 c:\windows\system32\dllcache\hpgt53.dll + 2010-06-22 00:35 . 2001-09-06 02:50 126976 c:\windows\system32\dllcache\hpgt34tk.dll + 2010-06-22 00:35 . 2001-09-06 02:50 101376 c:\windows\system32\dllcache\hpgt34.dll + 2010-06-22 00:35 . 2001-09-06 02:50 123392 c:\windows\system32\dllcache\hpgt21tk.dll + 2010-06-22 00:35 . 2001-09-06 02:50 119296 c:\windows\system32\dllcache\hpdigwia.dll + 2010-06-22 00:35 . 2001-09-06 02:23 907904 c:\windows\system32\dllcache\hcf_msft.sys + 2010-06-22 00:34 . 2001-09-06 02:21 322560 c:\windows\system32\dllcache\g400m.sys + 2010-06-22 00:34 . 2001-09-06 02:21 320512 c:\windows\system32\dllcache\g200m.sys + 2010-06-22 00:34 . 2001-09-06 02:49 470144 c:\windows\system32\dllcache\g200d.dll + 2010-06-22 00:34 . 2001-08-17 23:15 454912 c:\windows\system32\dllcache\fxusbase.sys + 2010-06-22 00:34 . 2001-08-17 23:15 455296 c:\windows\system32\dllcache\fusbbase.sys + 2010-06-22 00:34 . 2001-08-17 23:15 455680 c:\windows\system32\dllcache\fus2base.sys + 2001-10-28 17:06 . 2001-10-28 17:06 125824 c:\windows\system32\dllcache\ftdisk.sys + 2008-04-13 21:21 . 2008-04-13 21:21 193024 c:\windows\system32\dllcache\fsquirt.exe + 2010-06-22 00:34 . 2001-08-17 23:15 442240 c:\windows\system32\dllcache\fpnpbase.sys + 2010-06-22 00:34 . 2001-08-17 23:14 441728 c:\windows\system32\dllcache\fpcmbase.sys + 2010-06-22 00:34 . 2001-08-17 23:14 444416 c:\windows\system32\dllcache\fpcibase.sys + 2010-06-22 00:34 . 2008-04-13 12:36 137088 c:\windows\system32\dllcache\essm2e.sys + 2010-06-22 00:34 . 2001-09-06 02:17 347966 c:\windows\system32\dllcache\es56tpi.sys + 2010-06-22 00:34 . 2001-09-06 02:17 594654 c:\windows\system32\dllcache\es56hpi.sys + 2010-06-22 00:34 . 2001-09-06 02:17 596095 c:\windows\system32\dllcache\es56cvmp.sys + 2010-06-22 00:34 . 2001-08-17 23:19 174464 c:\windows\system32\dllcache\es198x.sys + 2010-06-22 00:34 . 2001-09-06 02:17 629952 c:\windows\system32\dllcache\eqn.sys + 2010-06-22 00:34 . 2001-08-18 00:50 114944 c:\windows\system32\dllcache\epstw2k.sys + 2010-06-22 00:34 . 2001-08-18 00:50 144896 c:\windows\system32\dllcache\epcfw2k.sys + 2010-06-22 00:34 . 2001-08-17 23:19 283904 c:\windows\system32\dllcache\emu10k1m.sys + 2010-06-22 00:34 . 2001-09-06 02:11 173056 c:\windows\system32\dllcache\el99xn51.sys + 2010-06-22 00:34 . 2001-09-06 02:11 455711 c:\windows\system32\dllcache\el985n51.sys + 2010-06-22 00:34 . 2001-09-06 02:11 153631 c:\windows\system32\dllcache\el90xnd5.sys + 2010-06-22 00:34 . 2001-09-06 02:11 241238 c:\windows\system32\dllcache\el656se5.sys + 2010-06-22 00:34 . 2001-09-06 02:11 634166 c:\windows\system32\dllcache\el656ct5.sys + 2010-06-22 00:34 . 2001-09-06 02:10 117760 c:\windows\system32\dllcache\e100b325.sys + 2010-06-22 00:34 . 2001-08-17 23:20 334208 c:\windows\system32\dllcache\ds1wdm.sys + 2010-06-22 00:34 . 2008-04-13 14:39 206976 c:\windows\system32\dllcache\dot4.sys + 2010-06-22 00:33 . 2001-08-17 23:14 952007 c:\windows\system32\dllcache\diwan.sys + 2010-06-22 00:33 . 2001-09-06 02:50 236060 c:\windows\system32\dllcache\ditrace.exe + 2010-06-22 00:33 . 2001-09-06 02:50 622621 c:\windows\system32\dllcache\digiview.exe + 2010-06-22 00:33 . 2001-09-06 02:50 110621 c:\windows\system32\dllcache\digirlpt.dll + 2010-06-22 00:33 . 2001-09-06 02:50 102484 c:\windows\system32\dllcache\digiinf.dll + 2010-06-22 00:33 . 2001-09-06 02:50 159828 c:\windows\system32\dllcache\digihlc.dll + 2010-06-22 00:33 . 2001-09-06 02:50 229462 c:\windows\system32\dllcache\digifwrk.dll + 2010-06-22 00:33 . 2001-09-06 02:04 103428 c:\windows\system32\dllcache\digidxb.sys + 2010-06-22 00:33 . 2001-09-06 02:50 131156 c:\windows\system32\dllcache\digidbp.dll + 2010-06-22 00:33 . 2001-08-17 23:13 164923 c:\windows\system32\dllcache\diapi2.sys + 2010-06-22 00:33 . 2001-09-06 02:50 421405 c:\windows\system32\dllcache\dgconfig.dll + 2010-06-22 00:33 . 2001-09-06 02:50 256512 c:\windows\system32\dllcache\devcon32.dll + 2010-06-22 00:33 . 2001-09-06 02:50 111104 c:\windows\system32\dllcache\dc260usd.dll + 2010-06-22 00:33 . 2001-08-18 00:52 179584 c:\windows\system32\dllcache\dac2w2k.sys + 2010-06-22 00:33 . 2001-09-06 02:25 117760 c:\windows\system32\dllcache\d100ib5.sys + 2010-06-22 00:33 . 2001-08-17 23:19 111872 c:\windows\system32\dllcache\cwcspud.sys + 2010-06-22 00:33 . 2008-04-13 22:20 251904 c:\windows\system32\dllcache\ctmasetp.dll + 2010-06-22 00:33 . 2001-09-06 02:50 175104 c:\windows\system32\dllcache\csamsp.dll + 2010-06-22 00:33 . 2001-08-18 00:57 248064 c:\windows\system32\dllcache\cl546xm.sys + 2010-06-22 00:33 . 2001-09-06 02:49 170880 c:\windows\system32\dllcache\cl546x.dll + 2010-06-22 00:33 . 2001-09-06 02:49 111232 c:\windows\system32\dllcache\cl5465.dll + 2001-09-05 23:17 . 2001-10-28 17:06 262528 c:\windows\system32\dllcache\cinemst2.sys + 2010-06-22 00:33 . 2001-09-06 02:17 272640 c:\windows\system32\dllcache\cinemclc.sys + 2010-06-22 00:33 . 2001-09-06 02:15 715210 c:\windows\system32\dllcache\cbmdmkxx.sys + 2010-06-22 00:33 . 2008-04-13 22:20 121856 c:\windows\system32\dllcache\camext30.dll + 2010-06-22 00:33 . 2001-09-06 02:50 236032 c:\windows\system32\dllcache\camext20.dll + 2010-06-22 00:33 . 2001-08-18 01:04 171264 c:\windows\system32\dllcache\camdrv30.sys + 2010-06-22 00:33 . 2001-08-18 01:04 223232 c:\windows\system32\dllcache\camdrv21.sys + 2010-06-22 00:33 . 2001-08-18 01:05 314752 c:\windows\system32\dllcache\camdro21.sys + 2008-04-13 20:53 . 2008-06-14 17:34 272384 c:\windows\system32\dllcache\bthport.sys - 2010-06-15 01:06 . 2008-06-14 17:34 272384 c:\windows\system32\dllcache\bthport.sys + 2010-06-22 00:32 . 2008-04-13 14:51 101120 c:\windows\system32\dllcache\bthpan.sys + 2010-06-22 00:32 . 2001-09-06 02:50 102912 c:\windows\system32\dllcache\binlsvc.dll + 2010-06-22 00:32 . 2001-08-18 00:28 871388 c:\windows\system32\dllcache\bcmdm.sys + 2010-06-22 00:32 . 2001-09-06 02:49 342336 c:\windows\system32\dllcache\banshee.dll + 2010-06-22 00:32 . 2001-09-06 02:50 144384 c:\windows\system32\dllcache\avmenum.dll + 2010-06-22 00:32 . 2008-04-13 22:20 516768 c:\windows\system32\dllcache\ativvaxx.dll + 2010-06-22 00:32 . 2001-09-06 02:49 104832 c:\windows\system32\dllcache\atiraged.dll + 2010-06-22 00:32 . 2008-04-13 12:34 104960 c:\windows\system32\dllcache\atinrvxx.sys + 2010-06-22 00:32 . 2001-09-06 02:08 281600 c:\windows\system32\dllcache\atimtai.sys + 2010-06-22 00:32 . 2001-09-06 02:08 289792 c:\windows\system32\dllcache\atimpab.sys + 2010-06-22 00:32 . 2001-09-06 02:49 268160 c:\windows\system32\dllcache\atidvai.dll + 2010-06-22 00:32 . 2001-09-06 02:49 137216 c:\windows\system32\dllcache\atidrae.dll + 2010-06-22 00:32 . 2001-09-06 02:49 382592 c:\windows\system32\dllcache\atidrab.dll + 2010-06-22 00:31 . 2008-04-13 21:52 701440 c:\windows\system32\dllcache\ati2mtag.sys + 2010-06-22 00:31 . 2008-04-13 21:52 327040 c:\windows\system32\dllcache\ati2mtaa.sys + 2010-06-22 00:31 . 2008-04-13 22:20 201728 c:\windows\system32\dllcache\ati2dvag.dll + 2010-06-22 00:31 . 2008-04-13 22:20 377984 c:\windows\system32\dllcache\ati2dvaa.dll + 2010-06-22 00:31 . 2008-04-13 22:20 229376 c:\windows\system32\dllcache\ati2cqag.dll + 2008-04-13 09:39 . 2008-04-13 21:34 142592 c:\windows\system32\dllcache\aec.sys + 2010-06-22 00:31 . 2001-08-18 01:07 101888 c:\windows\system32\dllcache\adpu160m.sys + 2010-06-22 00:31 . 2001-08-17 23:19 747392 c:\windows\system32\dllcache\adm8830.sys + 2010-06-22 00:31 . 2001-08-17 23:19 553984 c:\windows\system32\dllcache\adm8820.sys + 2010-06-22 00:31 . 2001-08-17 23:19 584448 c:\windows\system32\dllcache\adm8810.sys + 2008-04-13 20:50 . 2008-04-13 20:50 188416 c:\windows\system32\dllcache\acpi.sys + 2010-06-22 00:31 . 2001-08-17 23:20 297728 c:\windows\system32\dllcache\ac97sis.sys + 2010-06-22 00:31 . 2008-04-13 12:36 231552 c:\windows\system32\dllcache\ac97ali.sys + 2010-06-22 00:31 . 2001-09-06 02:50 462848 c:\windows\system32\dllcache\a3dapi.dll + 2010-06-22 00:31 . 2001-08-17 23:48 148352 c:\windows\system32\dllcache\3dfxvsm.sys + 2010-06-22 00:31 . 2001-09-06 02:49 689216 c:\windows\system32\dllcache\3dfxvs.dll + 2010-06-22 00:31 . 2001-08-18 00:28 762780 c:\windows\system32\dllcache\3cwmcru.sys - 2010-01-27 01:07 . 2010-06-11 21:29 5612496 c:\windows\system32\Macromed\Flash\NPSWF32.dll + 2010-01-27 01:07 . 2010-06-22 21:09 5612496 c:\windows\system32\Macromed\Flash\NPSWF32.dll + 2009-12-20 04:54 . 2009-08-06 22:23 1929952 c:\windows\system32\dllcache\wuaueng.dll + 2010-06-22 00:38 . 2008-04-13 12:34 1897408 c:\windows\system32\dllcache\nv4_mini.sys + 2010-06-22 00:38 . 2008-04-13 22:20 4274816 c:\windows\system32\dllcache\nv4_disp.dll - 2010-06-15 00:54 . 2010-02-17 17:07 2194176 c:\windows\system32\dllcache\ntoskrnl.exe + 2008-04-13 21:01 . 2010-02-17 17:07 2194176 c:\windows\system32\dllcache\ntoskrnl.exe + 2008-04-13 19:00 . 2010-02-16 19:07 2071040 c:\windows\system32\dllcache\ntkrnlpa.exe - 2009-02-10 22:07 . 2010-02-16 19:07 2071040 c:\windows\system32\dllcache\ntkrnlpa.exe + 2010-06-22 00:37 . 2008-04-13 22:20 1737856 c:\windows\system32\dllcache\mtxparhd.dll + 2010-06-22 00:37 . 2008-04-13 14:23 1309184 c:\windows\system32\dllcache\mtlstrm.sys + 2009-12-20 04:52 . 2009-06-10 12:21 2066432 c:\windows\system32\dllcache\lhmstscx.dll + 2010-06-22 00:35 . 2008-04-13 14:23 1041536 c:\windows\system32\dllcache\hsfdpsp2.sys + 2010-06-22 00:34 . 2001-09-06 02:49 1733120 c:\windows\system32\dllcache\g400d.dll + 2010-06-22 00:32 . 2008-04-13 22:20 1888992 c:\windows\system32\dllcache\ati3duag.dll . -- Snapshot resetado para data atual -- . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Google Update"="c:\documents and settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" [2009-12-23 135664] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264] "VisualTaskTips"="c:\arquivos de programas\VisualTaskTips\VisualTaskTips.exe" [2008-03-09 61440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VTTimer"="VTTimer.exe" [2006-08-03 53248] "VTTrayp"="VTtrayp.exe" [2006-08-30 180224] "Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048] "egui"="c:\arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640] "GrooveMonitor"="c:\arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "NeroFilterCheck"="c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] "SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040] "DrvIcon"="c:\arquivos de programas\VistaDriveIcon\DrvIcon.exe" [2008-04-13 49152] "SoundMan"="SOUNDMAN.EXE" [2006-03-01 577536] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360] c:\documents and settings\Douglas Nobre\Menu Iniciar\Programas\Inicializar\ Blaero Start Orb.lnk - c:\arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe [2006-7-30 521216] Recorte de tela e Iniciador do OneNote 2007.lnk - c:\arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] Styler.lnk - c:\arquivos de programas\Styler\Styler.exe [2007-4-15 307200] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ \0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Arquivos de programas\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"= "c:\\Arquivos de programas\\Megacubo\\megacubo.exe"= "c:\\WINDOWS\\system32\\ftp.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015 "1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016 "500:UDP"= 500:UDP:@xpsp2res.dll,-22017 R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14/5/2009 15:47 107256] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14/5/2009 15:49 94360] R2 ekrn;ESET Service;c:\arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe [14/5/2009 15:47 731840] S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28/12/2009 20:23 715248] S3 D301bus;GW01 USB WMC Bus Driver (WDM);c:\windows\system32\drivers\D301bus.sys [8/5/2010 12:44 83328] S3 D301mdfl;GW01 USB WMC Modem Filter;c:\windows\system32\drivers\D301mdfl.sys [8/5/2010 12:44 14976] S3 D301mdm;GW01 USB WMC Modem Driver;c:\windows\system32\drivers\D301mdm.sys [8/5/2010 12:44 109824] S3 D301mgmt;GW01 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\D301mgmt.sys [8/5/2010 12:45 103808] S3 d301nd5;GW01 USB WMC Ethernet GW (NDIS);c:\windows\system32\drivers\d301nd5.sys [8/5/2010 12:45 24832] S3 D301obex;GW01 USB WMC OBEX Interface;c:\windows\system32\drivers\D301obex.sys [8/5/2010 12:44 99840] S3 d301unic;GW01 USB WMC Ethernet GW (WDM);c:\windows\system32\drivers\d301unic.sys [8/5/2010 12:45 105728] S3 ddsxeiservice;ddsxeiservice2;c:\arquivos de programas\sXe Injected\ddsxei.sys [1/2/2010 20:48 93056] . Conteúdo da pasta 'Tarefas Agendadas' 2010-06-13 c:\windows\Tasks\Advanced WindowsCare V2 Pro.job - c:\arquivos de programas\IObit\Advanced WindowsCare V2 Pro\AutoCare.exe [2009-12-21 20:49] 2010-06-22 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 18:07] . . ------- Scan Suplementar ------- . IE: Baixar com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dllink.htm IE: Baixar tudo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlall.htm IE: Baixar vídeo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlfvideo.htm IE: Download selecionado pelo Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlselected.htm IE: E&xportar para o Microsoft Excel - c:\arquiv~1\Microsoft Office\Office12\EXCEL.EXE/3000 . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-06-22 22:22 Windows 5.1.2600 Service Pack 3 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros/arquivos ocultos ... Varredura completada com sucesso arquivos/ficheiros ocultos: 0 ************************************************************************** . Tempo para conclusão: 2010-06-22 22:23:35 ComboFix-quarantined-files.txt 2010-06-23 01:23 ComboFix2.txt 2010-06-20 16:51 ComboFix3.txt 2010-06-19 15:12 ComboFix4.txt 2010-06-15 22:59 Pré-execução: 4.596.199.424 bytes disponíveis Pós execução: 4.586.422.272 bytes disponíveis - - End Of File - - 6A7198A5D999535A378038B937E9C1B0 Obrigado! Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Junho 23, 2010 Bom Dia! Xullippa <@> Baixe: < SystemLook > ( ...by jpshortstuff ) <@> Salve-o no desktop. <@> Execute SystemLook.exe e,no campo,cole estas informações: :filefindsfcfiles.dll <@> Clique,à seguir,em Look --> Aguarde! <@> Terminando,clique em Exit. <@> Poste o relatório: SystemLook.txt <-- Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
Xullippa 0 Denunciar post Postado Junho 24, 2010 Boa noite, Segue Log: SystemLook v1.0 by jpshortstuff (11.01.10) Log created at 22:08 on 23/06/2010 by Douglas Nobre (Administrator - Elevation successful) ========== filefind ========== Searching for "sfcfiles.dll " C:\WINDOWS\system32\sfcfiles.dll --a--- 1571840 bytes [02:11 17/05/2008] [02:11 17/05/2008] 1D01C384F3BA123EB6F09769DEA005AC -=End Of File=- Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Junho 24, 2010 Boa Noite! Xullippa <@> Abra o Malwarebytes! --> Clique em Ferramentas. <@> Clique em Executar ferramenta. <-- File Assassin! <@> Na janela Open e Examinar,busque o arquivo em destaque: <!> c:\windows\system32\sfcfiles.dll <-- <@> Clique em Abrir. <@> Na mensagem,clique em Sim! --> OK. 00000000000000000000000 <@> Descompacte sfcfiles.zip,para o C:\ --> c:\sfcfiles.dll <-- Caminho! <@> Vá em Iniciar --> Executar --> Digite: cmd --> OK <@> Ao abrir o prompt,digite: cd\ --> Aperte Enter. <@> Á seguir,digite: C:\>expand -r sfcfiles.dl_ --> Aperte Enter. 00000000000000000000000 <@> Ps: Selecione e copie,esta informação que está no campo,para o Bloco de Notas. <@> Salve-o,no Desktop,com o nome: CFScript.txt FMove::c:\sfcfiles.dll | c:\windows\system32\sfcfiles.dll <@> Ps: É recomendável que esteja desconectado,ao rodar o script. <@> Ps: Desabilite,temporariamente,seu antivírus. <@> Ps: Não utilizem este script em outra máquina! <@> Arraste,o CFScript.txt para o ícone/interior do ComboFix. <@> Veja a demonstração! <@> Atenda à solicitação,que deverá surgir,para rodar o ComboFix. <@> Ps: Faça o arraste,até surgir essa solicitação! ( janela ) <@> Terminando,poste: C:\ComboFix.txt Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
