Xullippa

[Archived] Log Analysis


The folders on my computer show up as screensaver-type files, and they also look as if they were archived files, and I have no idea why they are like this. When I right-click on them, instead of Open, I get TEST, and just below it CONFIGURE and then INSTALL.

What could it be?

Here is the log for analysis:

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:44:11, on 14/6/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

C:\Arquivos de programas\VistaDriveIcon\DrvIcon.exe

C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe

C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe

C:\Arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe

C:\Arquivos de programas\Styler\Styler.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\HijackThis\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ciee.org.br/portal/index.asp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {6EF05952-B48D-4944-AA91-57A6A1A48EF8} - C:\Arquivos de programas\Puxa Rápido\IEBHO.DLL (file missing)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Arquivos de programas\Styler\TB\StylerTB.dll

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [DrvIcon] C:\Arquivos de programas\VistaDriveIcon\DrvIcon.exe

O4 - HKLM\..\Run: [C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe] C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [VisualTaskTips] "C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe" noTrayIcon

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')

O4 - Startup: Blaero Start Orb.lnk = C:\Arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: Styler.lnk = C:\Arquivos de programas\Styler\Styler.exe

O8 - Extra context menu item: Baixar com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm

O8 - Extra context menu item: Baixar tudo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm

O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlfvideo.htm

O8 - Extra context menu item: Download selecionado pelo Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\Microsoft Office\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\Microsoft Office\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1261449751343

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: ServiceLayer - Nokia - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

 

--

End of file - 8655 bytes

 

 

 

Thank you.


Good morning! Xullippa

<@> Download: < desktopicon.png > ( ...by sUBs )

<!> Link-2 --> < ForoSpyware >

<!> Link-3 --> < GeeksToGo >

<@> Save it to the desktop!

<@> Disable the resident protection of: antivirus, antispyware and firewall. ( Except the Windows one! )

<@> Close all windows and run the tool!

<@> PS: Running it from a command is also possible:

<@> Go to Start --> Run --> Type or paste: "%userprofile%\desktop\Combofix.exe" /killall

combofixejr8.gif

<@> Click OK.

<@> In the "Software warranty agreement" window --> Click Yes!

RcAuto1.gif

<@> If you do not have the "Recovery Console", agree to install it!

<@> When it finishes, click Sim or Yes. --> Wait!

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

<!> If the notification "Invalid Win32 application" appears, delete the ComboFix.exe tool and download it again.

<!> Save it to the desktop, renamed as: Kombo.exe

<!> PS: Name it while saving, not after saving it!

<!> PS: If any error message appears, run ComboFix.exe in "Safe Mode". <-- Link!

<!> PS: If rootkit activity is present, we will get the following notification window:

Rookit_found.gif

<!> PS: Write down these detections and click OK.

<!> PS: To complete the removals, the tool may need to restart the computer. <-- Wait!

<!> PS: Avoid running this tool on your own initiative!

<!> PS: To avoid problems, follow all the recommendations given.

<!> PS: ComboFix is a tool that can damage the system. Use it only under professional supervision.

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

<@> The Auto Scan window will open. --> Wait!

<@> To finish the removals, ComboFix may restart the computer.

<@> If necessary, type option ( 1 ) --> Press Enter! --> Wait for it to finish!

<@> During the scan, avoid using the mouse or keyboard! <-- Important!

<@> To stop or exit ComboFix, press "N" or "2" --> Press Enter!

<@> When it finishes, post the reports: C:\ComboFix.txt + HijackThis, updated.

Regards!


Good evening! I did everything, now what?

Here are the reports:

 

HIJACKTHIS:

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:00:54, on 15/6/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

C:\Arquivos de programas\VistaDriveIcon\DrvIcon.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe

C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe

C:\Arquivos de programas\Styler\Styler.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe

C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\explorer.exe

C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\HijackThis\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ciee.org.br/portal/index.asp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {6EF05952-B48D-4944-AA91-57A6A1A48EF8} - C:\Arquivos de programas\Puxa Rápido\IEBHO.DLL (file missing)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Arquivos de programas\Styler\TB\StylerTB.dll

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [DrvIcon] C:\Arquivos de programas\VistaDriveIcon\DrvIcon.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [VisualTaskTips] "C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe" noTrayIcon

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')

O4 - Startup: Blaero Start Orb.lnk = C:\Arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: Styler.lnk = C:\Arquivos de programas\Styler\Styler.exe

O8 - Extra context menu item: Baixar com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm

O8 - Extra context menu item: Baixar tudo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm

O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlfvideo.htm

O8 - Extra context menu item: Download selecionado pelo Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\Microsoft Office\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\Microsoft Office\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1261449751343

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: ServiceLayer - Nokia - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

 

--

End of file - 8123 bytes

 

 

 

 

 

COMBOFIX:

 

 

ComboFix 10-06-15.02 - Douglas Nobre 15/06/2010 19:54:42.1.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.991.642 [GMT -3:00]

Executando de: c:\documents and settings\Douglas Nobre\Desktop\ComboFix.exe

AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\documents and settings\All Users\Dados de aplicativos\dkwork.ini

c:\documents and settings\All Users\Dados de aplicativos\UpApp32.dll

c:\documents and settings\Douglas Nobre\count.exe

c:\windows\apsou.vbs

c:\windows\msvrc20.dll

c:\windows\system32\1025 .scr

c:\windows\system32\1028 .scr

c:\windows\system32\1031 .scr

c:\windows\system32\1033 .scr

c:\windows\system32\1037 .scr

c:\windows\system32\1041 .scr

c:\windows\system32\1042 .scr

c:\windows\system32\1046 .scr

c:\windows\system32\1054 .scr

c:\windows\system32\2052 .scr

c:\windows\system32\3076 .scr

 

.

(((((((((((((((( Arquivos/Ficheiros criados de 2010-05-15 to 2010-06-15 ))))))))))))))))))))))))))))

.

 

2010-06-15 22:24 . 2010-06-15 22:24 -------- d-----w- c:\windows\LastGood

2010-06-15 22:05 . 2010-05-06 10:34 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll

2010-06-15 22:05 . 2010-05-06 10:34 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll

2010-06-15 22:04 . 2010-05-06 10:34 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

2010-06-15 22:04 . 2010-04-16 11:43 41984 -c----w- c:\windows\system32\dllcache\iecompat.dll

2010-06-15 01:09 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

2010-06-15 01:06 . 2008-06-14 17:34 272384 -c----w- c:\windows\system32\dllcache\bthport.sys

2010-06-15 00:54 . 2010-02-17 17:07 2194176 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe

2010-06-15 00:54 . 2010-02-16 19:07 2150400 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe

2010-06-15 00:54 . 2010-02-16 19:07 2028544 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe

2010-06-15 00:26 . 2010-04-09 21:24 214528 ----a-w- c:\windows\LastGood.Tmp .scr

2010-06-15 00:26 . 2010-04-09 21:24 214528 ----a-w- c:\windows\LastGood .scr

2010-06-15 00:15 . 2008-04-13 21:20 45056 -c--a-w- c:\windows\system32\dllcache\nsepm.dll

2010-06-15 00:14 . 2008-04-13 21:20 42496 -c--a-w- c:\windows\system32\dllcache\davcdata.exe

2010-06-15 00:11 . 2001-10-28 17:06 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe

2010-06-14 21:43 . 2001-10-28 17:07 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll

2010-06-14 21:43 . 2001-10-28 17:07 24661 ----a-w- c:\windows\system32\spxcoins.dll

2010-06-14 21:43 . 2001-10-28 17:06 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll

2010-06-14 21:43 . 2001-10-28 17:06 13312 ----a-w- c:\windows\system32\irclass.dll

2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\de-DE .scr

2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\da-DK .scr

2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\config .scr

2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\Com .scr

2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\ChCfg.exe .scr

2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\CatRoot2 .scr

2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\CatRoot .scr

2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\ar-SA .scr

2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\alsndmgr.wav .scr

2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\alsndmgr.cpl .scr

2010-06-14 00:42 . 2010-04-09 21:24 214528 ----a-r- c:\windows\system32\3com_dmi .scr

2010-06-07 23:13 . 2010-06-07 23:13 -------- d-----w- c:\arquivos de programas\Orban

2010-06-07 23:11 . 2010-06-07 23:13 -------- d-----w- c:\arquivos de programas\Megacubo

2010-05-27 22:57 . 2008-04-13 14:46 19200 ----a-w- c:\windows\system32\drivers\wstcodec.sys

2010-05-27 22:57 . 2008-04-13 14:46 85248 ----a-w- c:\windows\system32\drivers\nabtsfec.sys

2010-05-27 22:57 . 2008-04-13 14:46 51200 ----a-w- c:\windows\system32\drivers\msdv.sys

2010-05-27 22:57 . 2008-04-13 14:46 17024 ----a-w- c:\windows\system32\drivers\ccdecode.sys

2010-05-27 22:57 . 2008-04-13 14:39 5504 ----a-w- c:\windows\system32\drivers\mstee.sys

2010-05-27 22:57 . 2004-07-09 07:27 230400 ----a-w- c:\windows\system32\dplayx.dll

2010-05-27 22:56 . 2008-01-14 19:58 19840 ----a-w- c:\windows\system32\drivers\StMp3Rec.sys

2010-05-27 22:55 . 2010-05-27 22:56 -------- d-----w- c:\arquivos de programas\Philips

2010-05-27 22:55 . 2010-05-27 22:55 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\InstallShield

2010-05-24 03:33 . 2010-05-24 03:33 503808 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-417b3743-n\msvcp71.dll

2010-05-24 03:33 . 2010-05-24 03:33 499712 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-417b3743-n\jmc.dll

2010-05-24 03:33 . 2010-05-24 03:33 348160 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-417b3743-n\msvcr71.dll

2010-05-24 03:32 . 2010-05-24 03:32 61440 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7caaf742-n\decora-sse.dll

2010-05-24 03:32 . 2010-05-24 03:32 12800 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7caaf742-n\decora-d3d.dll

2010-05-19 01:14 . 2010-05-19 01:35 -------- d-----w- c:\arquivos de programas\Valve

2010-05-18 02:01 . 2010-05-18 02:01 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Styler

2010-05-18 01:56 . 2010-05-18 01:56 -------- d-----w- c:\arquivos de programas\VisualTaskTips

2010-05-18 01:56 . 2010-05-18 01:56 -------- d-----w- c:\arquivos de programas\VistaDriveIcon

2010-05-18 01:55 . 2010-05-18 01:55 -------- d-----w- c:\arquivos de programas\Styler

2010-05-18 01:55 . 2010-05-18 01:55 -------- d-----w- c:\arquivos de programas\Blaero Start Orb

2010-05-18 01:46 . 2010-05-18 01:56 -------- d--h--w- c:\windows\VistaMizer

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-06-15 22:13 . 2010-03-12 13:24 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Free Download Manager

2010-06-15 00:19 . 2001-10-28 17:07 49804 ----a-w- c:\windows\system32\perfc016.dat

2010-06-15 00:19 . 2001-10-28 17:07 347648 ----a-w- c:\windows\system32\perfh016.dat

2010-06-15 00:12 . 2009-12-20 04:54 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Serviços

2010-06-15 00:10 . 2009-12-20 04:53 22964 ----a-w- c:\windows\system32\emptyregdb.dat

2010-06-10 01:33 . 2009-12-23 20:55 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help

2010-05-30 19:40 . 2009-12-20 21:19 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Messenger Plus!

2010-05-27 22:56 . 2009-12-20 05:10 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information

2010-05-20 23:25 . 2009-12-23 01:49 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Any Video Converter

2010-05-12 01:30 . 2010-05-12 01:30 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf

2010-05-12 01:30 . 2010-05-12 01:30 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf

2010-05-12 01:30 . 2010-05-12 01:21 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\PC Suite

2010-05-12 01:30 . 2010-05-12 01:21 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Nokia

2010-05-12 01:29 . 2010-05-12 01:20 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\PC Suite

2010-05-12 01:29 . 2010-05-12 01:29 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf

2010-05-12 01:29 . 2010-05-12 01:29 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf

2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\Arquivos comuns\PCSuite

2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\Nokia

2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Nokia

2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\DIFX

2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\PC Connectivity Solution

2010-05-12 01:17 . 2010-05-12 01:17 95232 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\pcswpcsi.exe

2010-05-12 01:17 . 2010-05-12 01:17 61440 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCSFEMsi.exe

2010-05-12 01:17 . 2010-05-12 01:17 8192 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstCCD.exe

2010-05-12 01:17 . 2010-05-12 01:17 10240 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCS.exe

2010-05-12 01:16 . 2010-05-12 01:16 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Installations

2010-05-12 00:46 . 2010-05-12 01:17 34555528 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_por_br_web(2).exe

2010-05-06 10:34 . 2008-05-17 02:10 916480 ----a-w- c:\windows\system32\wininet.dll

2010-05-02 08:08 . 2008-04-13 20:54 1851392 ----a-w- c:\windows\system32\win32k.sys

2010-04-23 22:42 . 2010-04-23 22:42 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Java

2010-04-23 22:42 . 2010-04-23 22:42 411368 ----a-w- c:\windows\system32\deployJava1.dll

2010-04-23 22:42 . 2010-04-23 22:42 -------- d-----w- c:\arquivos de programas\Java

2010-04-20 05:31 . 2008-04-13 21:18 285696 ----a-w- c:\windows\system32\atmfd.dll

.

 

------- Sigcheck -------

 

[-] 2008-05-17 . 1D01C384F3BA123EB6F09769DEA005AC . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="c:\documents and settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" [2009-12-23 135664]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]

"VisualTaskTips"="c:\arquivos de programas\VisualTaskTips\VisualTaskTips.exe" [2008-03-09 61440]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VTTimer"="VTTimer.exe" [2006-08-03 53248]

"VTTrayp"="VTtrayp.exe" [2006-08-30 180224]

"Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]

"egui"="c:\arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]

"GrooveMonitor"="c:\arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"NeroFilterCheck"="c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]

"SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040]

"DrvIcon"="c:\arquivos de programas\VistaDriveIcon\DrvIcon.exe" [2008-04-13 49152]

"SoundMan"="SOUNDMAN.EXE" [2006-03-01 577536]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"nltide_2"="shell32" [X]

 

c:\documents and settings\Douglas Nobre\Menu Iniciar\Programas\Inicializar\

Blaero Start Orb.lnk - c:\arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe [2006-7-30 521216]

Recorte de tela e Iniciador do OneNote 2007.lnk - c:\arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

Styler.lnk - c:\arquivos de programas\Styler\Styler.exe [2007-4-15 307200]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Arquivos de programas\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=

"c:\\Arquivos de programas\\Megacubo\\megacubo.exe"=

"c:\\WINDOWS\\system32\\ftp.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015

"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016

"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

 

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14/5/2009 15:47 107256]

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14/5/2009 15:49 94360]

R2 ekrn;ESET Service;c:\arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe [14/5/2009 15:47 731840]

S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28/12/2009 20:23 715248]

S3 D301bus;GW01 USB WMC Bus Driver (WDM);c:\windows\system32\drivers\D301bus.sys [8/5/2010 12:44 83328]

S3 D301mdfl;GW01 USB WMC Modem Filter;c:\windows\system32\drivers\D301mdfl.sys [8/5/2010 12:44 14976]

S3 D301mdm;GW01 USB WMC Modem Driver;c:\windows\system32\drivers\D301mdm.sys [8/5/2010 12:44 109824]

S3 D301mgmt;GW01 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\D301mgmt.sys [8/5/2010 12:45 103808]

S3 d301nd5;GW01 USB WMC Ethernet GW (NDIS);c:\windows\system32\drivers\d301nd5.sys [8/5/2010 12:45 24832]

S3 D301obex;GW01 USB WMC OBEX Interface;c:\windows\system32\drivers\D301obex.sys [8/5/2010 12:44 99840]

S3 d301unic;GW01 USB WMC Ethernet GW (WDM);c:\windows\system32\drivers\d301unic.sys [8/5/2010 12:45 105728]

S3 ddsxeiservice;ddsxeiservice2;c:\arquivos de programas\sXe Injected\ddsxei.sys [1/2/2010 20:48 93056]

S3 XDva297;XDva297;\??\c:\windows\system32\XDva297.sys --> c:\windows\system32\XDva297.sys [?]

S3 XDva315;XDva315;\??\c:\windows\system32\XDva315.sys --> c:\windows\system32\XDva315.sys [?]

S3 XDva321;XDva321;\??\c:\windows\system32\XDva321.sys --> c:\windows\system32\XDva321.sys [?]

.

Conteúdo da pasta 'Tarefas Agendadas'

 

2010-06-13 c:\windows\Tasks\Advanced WindowsCare V2 Pro.job

- c:\arquivos de programas\IObit\Advanced WindowsCare V2 Pro\AutoCare.exe [2009-12-21 20:49]

 

2010-06-13 c:\windows\Tasks\AwcProUpdate.job

- c:\arquivos de programas\IObit\Advanced WindowsCare V2 Pro\AutoUpdate.exe [2009-12-21 00:03]

 

2010-06-15 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAEXEC.exe [2009-08-03 18:07]

.

.

------- Scan Suplementar -------

.

uStart Page = hxxp://www.ciee.org.br/portal/index.asp

IE: Baixar com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dllink.htm

IE: Baixar tudo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlall.htm

IE: Baixar vídeo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlfvideo.htm

IE: Download selecionado pelo Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlselected.htm

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\Microsoft Office\Office12\EXCEL.EXE/3000

.

- - - - ORFÃOS REMOVIDOS - - - -

 

HKLM-Run-c:\docume~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe - c:\docume~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe

HKU-Default-RunOnce-tscuninstall - c:\windows\system32\tscupgrd.exe

MSConfigStartUp-MsnMsgr - c:\arquivos de programas\MSN Messenger\MsnMsgr.Exe

 

 

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-06-15 19:57

Windows 5.1.2600 Service Pack 3 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros/arquivos ocultos ...

 

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

 

**************************************************************************

.

Tempo para conclusão: 2010-06-15 19:59:09

ComboFix-quarantined-files.txt 2010-06-15 22:59

 

Pré-execução: 6.034.743.296 bytes disponíveis

Pós execução: 6.785.626.112 bytes disponíveis

 

WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

 

- - End Of File - - 5329018444D91EBFFD471491048C12B9

 

 

Thank you!


Good morning! Xullippa

<@> Download: < Malwarebytes' Anti-Malware >

<@> Link - 2: < marcinsig.gif >

<@> PS: Save or print these instructions:

- Double-click mbam-setup.exe; choose the language and, during installation, accept all the default options.

- Check that the boxes "Update Malwarebytes Anti-Malware" and "Run Malwarebytes Anti-Malware" are ticked.

- Then click Finish.

- PS: If there are updates to be made, they will be downloaded and installed.

- When the update finishes, with the program open, select: Quick Scan

- Click the Scan button.

- The scan will then begin. -> Wait, as it may take a while!

- When it finishes, click OK and then the "Show Results" button, so that we have the report.

- PS: If any items are found, select them and click the "Remove" button.

- PS: At the end of the disinfection, Notepad will open containing the report.

- PS: The log will be stored automatically by the tool.

- PS: Get it by clicking the "Logs" tab in the program's main window.

<@> PS: If MBAM finds files it cannot remove, you may have to restart the PC. Perhaps more than once!

<@> PS: Do this immediately when asked whether you want to restart.

0000000000000000000

<!> Select, copy and paste the contents of the MBAM log into your next reply.

<!> Also post an updated HijackThis log.

Regards!


Good evening,

Here are the logs:

 

 

 

MBAM:

 

 

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Versão da Base de Dados: 4207

 

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

 

18/6/2010 18:02:58

mbam-log-2010-06-18 (18-02-58).txt

 

Tipo de Verificação: Verificação Rápida

Objetos escaneados: 133323

Tempo decorrido: 5 minuto(s), 38 segundo(s)

 

Processos de Memória Infectados: 0

Módulos de Memória Infectados: 0

Chaves de Registro Infectadas: 0

Valores de Registro Infectados: 0

Itens de Dados no Registro Infectados: 0

Pastas Infectadas: 0

Arquivos Infectados: 0

 

Processos de Memória Infectados:

(Não foram detectados ítens maliciosos)

 

Módulos de Memória Infectados:

(Não foram detectados ítens maliciosos)

 

Chaves de Registro Infectadas:

(Não foram detectados ítens maliciosos)

 

Valores de Registro Infectados:

(Não foram detectados ítens maliciosos)

 

Itens de Dados no Registro Infectados:

(Não foram detectados ítens maliciosos)

 

Pastas Infectadas:

(Não foram detectados ítens maliciosos)

 

Arquivos Infectados:

(Não foram detectados ítens maliciosos)

 

 

 

HIJACKTHIS:

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:05:11, on 18/6/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

C:\Arquivos de programas\VistaDriveIcon\DrvIcon.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe

C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe

C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe

C:\Arquivos de programas\Styler\Styler.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\HijackThis\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ciee.org.br/portal/index.asp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {6EF05952-B48D-4944-AA91-57A6A1A48EF8} - C:\Arquivos de programas\Puxa Rápido\IEBHO.DLL (file missing)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Arquivos de programas\Styler\TB\StylerTB.dll

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [DrvIcon] C:\Arquivos de programas\VistaDriveIcon\DrvIcon.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe] C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [VisualTaskTips] "C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe" noTrayIcon

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')

O4 - Startup: Blaero Start Orb.lnk = C:\Arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: Styler.lnk = C:\Arquivos de programas\Styler\Styler.exe

O8 - Extra context menu item: Baixar com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm

O8 - Extra context menu item: Baixar tudo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm

O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlfvideo.htm

O8 - Extra context menu item: Download selecionado pelo Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\Microsoft Office\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\Microsoft Office\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1261449751343

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: ServiceLayer - Nokia - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

 

--

End of file - 8169 bytes

 

 

Thank you!


Good evening! Xullippa

<@> Open HijackThis --> Click: Do a system scan only

O4 - HKLM\..\Run: [C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe] C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe

<@> Check the entry above! <-- If you find it!

<@> Click Fix checked --> Yes! --> Restart!

000000000000000000

oooooooooooooooooo

<@> Select and copy all the content in the QUOTE area into Notepad.

<@> Save it on the Desktop with the name: CFScript.txt

 

File::

C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe

RESTORE::

c:\windows\system32\sfcfiles.dll

Driver::

"XDva297"

"XDva315"

"XDva321"

<@> PS: It is recommended that you be disconnected when running the script.

<@> PS: Temporarily disable your antivirus.

<@> PS: Do not use this script on another machine!

<@> Drag CFScript.txt onto the ComboFix icon.

<@> See the demonstration!

2872959479_997d4500c4_o.gif

<@> Accept the prompt that should appear to run ComboFix.

<@> PS: Keep dragging until this prompt appears! ( window )

<@> When it finishes, post: C:\ComboFix.txt <--

000000000000000000

oooooooooooooooooo

<@> Download: < UsbFix.exe > ( ...by Chiquitine29 and Chimay8 )

<@> Save it in Arquivos de programas!

<@> Disable your antivirus!

<@> Install and run the tool by double-clicking: < r2t69y.jpg >

<@> In the language options, choose "PT-BR" --> Enter.

<@> Choose option 2: 2. Suppression des fichiers infectieux --> Press Enter.

wrmljk.jpg

<@> A message will appear asking you to connect your removable media to the computer. ( pen drive, mp3, mp4, iPods, etc... )

<@> Accept the request and click Ok. --> Then click Ok again.

6f8nwo.jpg

<@> The computer will restart. <-- Wait!

<@> When it finishes, click "Continue" and wait for the tool to complete.

<@> PS: Do not disconnect your removable media yet! <-- Important!

<@> The message "Nettoyage effectue" will appear --> Press Enter.

<@> Post the report, which will be in: C:\UsbFix.txt + an updated HijackThis log.
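The O4 entry singled out in the post above can be picked out mechanically, and its removal confirmed by comparing two successive logs. The following Python is an added example, not part of the original thread or of HijackThis: it parses O4 autorun lines (sample lines copied from the logs posted in this thread) and applies two triage heuristics that are assumptions of this example, namely an image under a Temp directory and a value name that is itself a file path.

```python
import re
from typing import NamedTuple

# Sample input: O4 lines taken from the HijackThis logs posted in this thread.
BEFORE_LOG = r"""
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe] C:\DOCUME~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Styler.lnk = C:\Arquivos de programas\Styler\Styler.exe
"""
# Stand-in for the follow-up log: the same lines without the Temp entry.
AFTER_LOG = "\n".join(l for l in BEFORE_LOG.splitlines() if "Temp" not in l)

# Registry form:  O4 - <hive>\..\<Run key>: [<value name>] <command line>
REG_RE = re.compile(r"^O4 - (?P<loc>.+?\\\.\.\\\w+): \[(?P<name>.*?)\] (?P<cmd>.+)$")
# Startup-folder form:  O4 - [Global ]Startup: <shortcut> = <target>
LNK_RE = re.compile(r"^O4 - (?P<loc>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.+)$")
USER_SUFFIX_RE = re.compile(r" \(User '[^']*'\)$")
EXE_RE = re.compile(r"^(.*?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)", re.IGNORECASE)


class Autorun(NamedTuple):
    location: str  # e.g. HKLM\..\Run or Startup
    name: str      # registry value name or shortcut name
    command: str   # command line exactly as logged
    image: str     # executable extracted from the command line


def image_path(cmd: str) -> str:
    """Extract the executable from a logged command line."""
    cmd = USER_SUFFIX_RE.sub("", cmd).strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    m = EXE_RE.match(cmd)  # unquoted paths may contain spaces
    if m:
        return m.group(1)
    parts = cmd.split()
    return parts[0] if parts else ""


def parse_autoruns(log: str) -> list:
    """Return every O4 entry found in a HijackThis log."""
    entries = []
    for line in log.splitlines():
        line = line.strip()
        m = REG_RE.match(line) or LNK_RE.match(line)
        if m:
            entries.append(Autorun(m["loc"], m["name"], m["cmd"], image_path(m["cmd"])))
    return entries


def reasons(entry: Autorun) -> list:
    """Heuristics (assumptions of this example) that make an autorun worth a look."""
    found = []
    dirs = [p.lower() for p in entry.image.split("\\")[:-1]]
    if "temp" in dirs or "tmp" in dirs:
        found.append("image runs from a temp directory")
    if re.match(r"^[A-Za-z]:\\", entry.name) or entry.name.startswith("\\\\"):
        found.append("value name is itself a file path")
    return found


def suspicious_autoruns(log: str) -> list:
    """Pairs of (entry, reasons) for entries that trip at least one heuristic."""
    flagged = []
    for entry in parse_autoruns(log):
        why = reasons(entry)
        if why:
            flagged.append((entry, why))
    return flagged


def removed_between(before: str, after: str) -> list:
    """Autoruns present in the earlier log and absent from the later one."""
    def key(e):
        return (e.location.lower(), e.name.lower(), e.image.lower())
    later = {key(e) for e in parse_autoruns(after)}
    return [e for e in parse_autoruns(before) if key(e) not in later]


if __name__ == "__main__":
    for entry, why in suspicious_autoruns(BEFORE_LOG):
        print(entry.location, entry.image, "->", "; ".join(why))
    for entry in removed_between(BEFORE_LOG, AFTER_LOG):
        print("removed since previous log:", entry.image)
```

A hit from these heuristics is a prompt for manual review, not a verdict; legitimate installers also register temporary autoruns.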


Good morning,

Here are the logs:

 

 

USBFIX:

 

############################## | UsbFix 7.011 | [supressão]

 

Usuário: Douglas Nobre (Administrador) # HOME-97DEF26A7C [ ]

Atualizado em 17/06/2010 por El Desaparecido / C_XX

Começou em 12:34:34 | 19/06/2010

Site: http://pagesperso-orange.fr/NosTools/index.html

Contato: FindyKill.Contact@gmail.com

 

CPU: Intel® Celeron® CPU 420 @ 1.60GHz

Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 3

Internet Explorer 8.0.6001.18702

 

Windows Firewall: Habilitado

Antivirus: ESET NOD32 Antivirus 4.0 4.0 [(!) Disabled | Updated]

RAM -> 991 Mb

C:\ (%systemdrive%) -> Disco fixo # 20 Gb (6 Mb livre - 30%) [] # NTFS

D:\ -> Disco fixo # 35 Gb (15 Mb livre - 42%) [Diversos] # NTFS

E:\ -> CD-ROM

F:\ -> CD-ROM

G:\ -> Disco fixo # 20 Gb (7 Mb livre - 36%) [instalações] # NTFS

H:\ -> Disco removível # 489 Mb (74 Mb livre - 15%) [DOUG] # FAT

 

################## | Ficheiros # pastas infeciosos |

 

Supprimido ! C:\Recycler\S-1-5-21-2000478354-492894223-1417001333-1003

Supprimido ! D:\Recycler\S-1-5-21-2000478354-492894223-1417001333-1003

Supprimido ! G:\Recycler\S-1-5-21-2000478354-492894223-1417001333-1003

 

################## | Registro |

 

 

################## | Mountpoints2 |

 

 

################## | Listing |

 

[19/06/2010 - 12:19:16 | RD ] C:\Arquivos de programas

[20/12/2009 - 01:56:23 | A | 0] C:\AUTOEXEC.BAT

[19/06/2010 - 12:28:20 | RASHD ] C:\Autorun.inf

[14/06/2010 - 21:08:05 | A | 211] C:\Boot.bak

[15/06/2010 - 19:54:12 | RASH | 281] C:\boot.ini

[28/10/2001 - 14:06:10 | RASH | 4952] C:\Bootfont.bin

[15/06/2010 - 19:54:12 | RASHD ] C:\cmdcons

[03/08/2004 - 23:00:16 | A | 261856] C:\cmldr

[19/06/2010 - 12:12:14 | A | 41628] C:\ComboFix.txt

[09/06/2010 - 22:51:12 | D ] C:\Config.Msi

[20/12/2009 - 01:56:23 | A | 0] C:\CONFIG.SYS

[22/12/2009 - 21:42:05 | D ] C:\Documents and Settings

[16/03/2010 - 21:12:02 | D ] C:\Downloads

[23/05/2010 - 02:14:33 | A | 34355200] C:\dump_dvd.vob

[19/06/2010 - 11:52:30 | D ] C:\HijackThis

[20/12/2009 - 01:56:23 | RASH | 0] C:\IO.SYS

[20/12/2009 - 01:56:23 | RASH | 0] C:\MSDOS.SYS

[23/12/2009 - 17:54:33 | RD ] C:\MSOCache

[13/04/2008 - 08:43:04 | RASH | 47564] C:\NTDETECT.COM

[13/04/2008 - 10:31:44 | RASH | 251696] C:\ntldr

[19/06/2010 - 12:17:19 | ASH | 1560281088] C:\pagefile.sys

[19/06/2010 - 12:11:39 | D ] C:\Qoobox

[19/06/2010 - 12:35:17 | SHD ] C:\RECYCLER

[20/12/2009 - 02:40:56 | AH | 268] C:\sqmdata00.sqm

[20/12/2009 - 18:22:15 | AH | 268] C:\sqmdata01.sqm

[21/12/2009 - 20:32:17 | AH | 268] C:\sqmdata02.sqm

[21/12/2009 - 21:19:41 | AH | 232] C:\sqmdata03.sqm

[20/12/2009 - 02:40:56 | AH | 244] C:\sqmnoopt00.sqm

[20/12/2009 - 18:22:15 | AH | 244] C:\sqmnoopt01.sqm

[21/12/2009 - 20:32:17 | AH | 244] C:\sqmnoopt02.sqm

[21/12/2009 - 21:19:41 | AH | 244] C:\sqmnoopt03.sqm

[14/06/2010 - 21:20:37 | SHD ] C:\System Volume Information

[19/06/2010 - 12:35:17 | D ] C:\UsbFix

[19/06/2010 - 12:35:20 | A | 1180] C:\UsbFix.txt

[19/06/2010 - 12:28:35 | A | 46779256] C:\UsbFix_Upload_Me_HOME-97DEF26A7C.zip

[19/06/2010 - 12:28:01 | D ] C:\WINDOWS

[29/12/2009 - 23:20:50 | D ] C:\WinSetupFromUSB

[09/08/2009 - 10:04:23 | D ] D:\1dd3e7261f85c2d50108af8ede64

[05/10/2009 - 00:37:46 | D ] D:\81280e612ed7c301fbdf

[19/01/2008 - 01:46:52 | D ] D:\aa60f4aeb9fc3b134b9cef

[15/12/2009 - 19:12:17 | D ] D:\AMANDA

[01/08/2008 - 20:36:07 | D ] D:\Aplicativos Tiago

[19/06/2010 - 12:28:20 | RASHD ] D:\Autorun.inf

[27/10/2009 - 22:28:04 | D ] D:\CASA

[19/06/2010 - 12:28:02 | D ] D:\DESKTOP

[19/06/2010 - 12:28:02 | D ] D:\Diversos

[20/12/2009 - 01:10:01 | D ] D:\Downloads

[22/12/2009 - 22:48:31 | D ] D:\fa53d55b336416aab3045b

[16/03/2008 - 11:39:35 | A | 4460163] D:\Fotos - Formatura.rar

[02/01/2010 - 12:31:33 | D ] D:\Imagens

[19/06/2010 - 12:28:02 | D ] D:\Meus Doc

[13/01/2010 - 23:46:06 | D ] D:\Meus videos

[19/06/2010 - 12:28:05 | D ] D:\Minhas Músicas

[05/05/2009 - 00:14:49 | RD ] D:\MSOCache

[19/06/2010 - 12:35:17 | SHD ] D:\RECYCLER

[01/06/2009 - 22:15:38 | A | 66] D:\Senha Wireless.txt

[10/06/2008 - 00:20:52 | AH | 268] D:\sqmdata00.sqm

[03/05/2009 - 02:33:12 | AH | 268] D:\sqmdata01.sqm

[20/12/2009 - 02:45:35 | AH | 268] D:\sqmdata02.sqm

[10/06/2008 - 00:20:52 | AH | 244] D:\sqmnoopt00.sqm

[03/05/2009 - 02:33:12 | AH | 244] D:\sqmnoopt01.sqm

[20/12/2009 - 02:45:35 | AH | 244] D:\sqmnoopt02.sqm

[14/06/2010 - 21:20:37 | SHD ] D:\System Volume Information

[03/01/2008 - 12:34:07 | AH | 162] D:\~$rriculo Douglas.doc

[05/03/2010 - 10:02:28 | A | 148995] G:\1118-1336-1-PB.pdf

[26/04/2010 - 14:06:36 | D ] G:\ALTO NIVEL - FAZENDA DO MIMI - 25.04.2010 - MAILSON DO ZOIANDO

[19/06/2010 - 12:28:20 | RASHD ] G:\Autorun.inf

[16/04/2010 - 16:27:32 | D ] G:\Cd Pancadão Altomotivo Vol 3 (Dj Ricardo & G7som)

[19/03/2010 - 17:29:25 | D ] G:\Chimarruts - Ao Vivo 2007

[26/04/2010 - 13:59:36 | A | 420089] G:\edital petrobrás.pdf

[16/03/2010 - 23:23:29 | AH | 0] G:\F.Paris.Leg.by.rick.86.rmvb

[28/01/2010 - 10:47:07 | D ] G:\Filmes & Vídeos

[19/04/2010 - 22:44:46 | D ] G:\FORRO DO MUIDO PROMOCIONAL MAIO 2010 - BY LEO CD MORAL

[24/11/2009 - 21:50:50 | D ] G:\FORRÓ BOCA A BOCA AO VIVO NO FORRÓ NO SITIO 21.11.09 MAIS UMA EXCLUSIVA BY LUAN GRAVACOES

[16/03/2010 - 22:52:57 | AH | 0] G:\From.Paris.w.LR5.Leg-by-B4rm4n.www.clubwarez.ws(1).rmvb

[16/03/2010 - 22:52:35 | AH | 0] G:\From.Paris.w.LR5.Leg-by-B4rm4n.www.clubwarez.ws.rmvb

[22/04/2010 - 16:40:44 | AH | 335493835] G:\Furia.de.Tita.mkv

[18/04/2010 - 21:52:26 | D ] G:\GRUPO ALTO NIVEL - VOL 06 - CRISTIANO CD'S DE TIANGUÁ

[20/05/2010 - 20:26:11 | D ] G:\MOBILE_MP4

[16/03/2010 - 11:04:49 | AH | 0] G:\peter.and.vandy.2009.limited.dvdrip.xvid_nodlabs(1).rmvb

[16/03/2010 - 11:05:12 | AH | 0] G:\peter.and.vandy.2009.limited.dvdrip.xvid_nodlabs(2).rmvb

[19/06/2010 - 12:35:17 | SHD ] G:\RECYCLER

[14/06/2010 - 21:20:37 | SHD ] G:\System Volume Information

[22/04/2010 - 20:50:43 | AH | 428922183] G:\[www.TELONA.org_LUANEGRA.rmvb

[23/03/2010 - 16:22:13 | AH | 346129125] G:\[www.TioDosFilmes.com]DEF3ND0R_LeG_.rmvb

 

################## | Vaccin |

 

C:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX)

D:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX)

G:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX)

 

################## | Upload |

 

Favor enviar o arquivo: C:\UsbFix_Upload_Me_HOME-97DEF26A7C.zip

http://chiquitine.changelog.fr/Sample/Upload.php

Obrigado pela sua contribuição.

 

################## | E.O.F |

 

 

 

HIJACKTHIS:

 

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:37:29, on 19/6/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\HijackThis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {6EF05952-B48D-4944-AA91-57A6A1A48EF8} - C:\Arquivos de programas\Puxa Rápido\IEBHO.DLL (file missing)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Arquivos de programas\Styler\TB\StylerTB.dll

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [DrvIcon] C:\Arquivos de programas\VistaDriveIcon\DrvIcon.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [VisualTaskTips] "C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe" noTrayIcon

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')

O4 - Startup: Blaero Start Orb.lnk = C:\Arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: Styler.lnk = C:\Arquivos de programas\Styler\Styler.exe

O8 - Extra context menu item: Baixar com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm

O8 - Extra context menu item: Baixar tudo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm

O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlfvideo.htm

O8 - Extra context menu item: Download selecionado pelo Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\Microsoft Office\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\Microsoft Office\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1261449751343

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: ServiceLayer - Nokia - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

 

--

End of file - 7192 bytes

 

 

 

Thank you!


Good evening, Xullippa!

<@> Download: < OTL > ( ...by OldTimer Tools )

<@> Save it to the desktop!

<@> Double-click: < otlDesktopIcon.png >

<@> PS: Now let's move on to its configuration!

<!> 1 - Under "Output", leave the "Minimal" button selected.

<!> 2 - Check the boxes: Scan All Users and Include 64bit Scans <-- PS: If the OS is 64-bit!

<!> 3 - Processes: Use SafeList <-- Select it!

<!> 4 - Modules: Use SafeList <-- Select it!

<!> 5 - Services: Use SafeList <-- Select it!

<!> 6 - Drivers: Use SafeList <-- Select it!

<!> 7 - Standard Registry Scan: Use SafeList <-- Select it!

<!> 8 - Extra Registry Scan: Use SafeList <-- Select it!

<!> 9 - File Scans:

<!> Creation Date >> Choose: 14 days

<!> Check: Use WhiteList for Company Names

<!> Check: Skip Microsoft Files

<!> 10 - Files Created Since:

<!> Check: Creation Date

<!> 11 - Files Modified Since:

<!> Check: Creation Date

<!> Check the boxes:

[] Lop Check

[] Purity Check

<@> PS: I suggest you print these instructions for later reading.

 

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%SYSTEMDRIVE%\eventlog.dll /s /md5
%SYSTEMDRIVE%\scecli.dll /s /md5
%SYSTEMDRIVE%\sfcfiles.dll /s /md5
%SYSTEMDRIVE%\netlogon.dll /s /md5
%SYSTEMDRIVE%\atapi.sys /s /md5
CREATERESTOREPOINT

<@> PS: Copy and paste this information, which is in the Code box, into the field below: Custom Scans/Fixes

<@> Click: Scan --> Wait!

<@> When it finishes, post:

<!> <1> OTL.txt <--

<!> <2> Extras.txt <--

Regards!


Good morning!

Here are the logs:

 

 

OTL.txt:

 

 

OTL logfile created on: 20/6/2010 01:24:52 - Run 1

OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Douglas Nobre\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

 

991,00 Mb Total Physical Memory | 541,00 Mb Available Physical Memory | 55,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free

Paging file location(s): c:\pagefile.sys 1488 2976 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 19,53 Gb Total Space | 5,61 Gb Free Space | 28,70% Space Free | Partition Type: NTFS

Drive D: | 35,46 Gb Total Space | 15,01 Gb Free Space | 42,33% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

Drive G: | 19,53 Gb Total Space | 7,09 Gb Free Space | 36,33% Space Free | Partition Type: NTFS

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: HOME-97DEF26A7C

Current User Name: Douglas Nobre

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 14 Days

Output = Minimal

 

========== Processes (SafeList) ==========

 

PRC - C:\Documents and Settings\Douglas Nobre\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe (Google Inc.)

PRC - C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

PRC - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)

PRC - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe (ESET)

PRC - C:\Arquivos de programas\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Arquivos de programas\VistaDriveIcon\DrvIcon.exe (artArmin)

PRC - C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe (VisualTaskTips.com)

PRC - C:\Arquivos de programas\Styler\Styler.exe (ta2027)

PRC - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe (Nero AG)

PRC - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)

PRC - C:\WINDOWS\system32\VTTrayp.exe (S3 Graphics Co., Ltd.)

PRC - C:\WINDOWS\system32\VTTimer.exe (S3 Graphics, Inc.)

PRC - C:\Arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe ()

PRC - C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)

 

 

========== Modules (SafeList) ==========

 

MOD - C:\Documents and Settings\Douglas Nobre\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\WINDOWS\system32\mfc42.dll (Microsoft Corporation)

MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)

MOD - C:\Arquivos de programas\VisualTaskTips\VttHooks.dll ()

MOD - C:\Arquivos de programas\Styler\StylerHelper.dll (ta2027)

MOD - C:\WINDOWS\system32\mfc42loc.dll (Microsoft Corporation)

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (ServiceLayer) -- C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe (Nokia)

SRV - (EhttpSrv) -- C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)

SRV - (ekrn) -- C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)

SRV - (odserv) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)

SRV - (ose) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (ddsxeiservice) -- C:\Arquivos de programas\sXe Injected\ddsxei.sys ()

DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys (Duplex Secure Ltd.)

DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)

DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)

DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)

DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)

DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys (ESET)

DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)

DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)

DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)

DRV - (StMp3Rec) -- C:\WINDOWS\system32\drivers\StMp3Rec.sys (Generic)

DRV - (d301unic) GW01 USB WMC Ethernet GW (WDM) -- C:\WINDOWS\system32\drivers\d301unic.sys (MCCI Corporation)

DRV - (D301mgmt) GW01 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\D301mgmt.sys (MCCI Corporation)

DRV - (D301obex) -- C:\WINDOWS\system32\drivers\D301obex.sys (MCCI Corporation)

DRV - (d301nd5) GW01 USB WMC Ethernet GW (NDIS) -- C:\WINDOWS\system32\drivers\d301nd5.sys (MCCI Corporation)

DRV - (D301mdm) -- C:\WINDOWS\system32\drivers\D301mdm.sys (MCCI Corporation)

DRV - (D301bus) GW01 USB WMC Bus Driver (WDM) -- C:\WINDOWS\system32\drivers\D301bus.sys (MCCI Corporation)

DRV - (D301mdfl) -- C:\WINDOWS\system32\drivers\D301mdfl.sys (MCCI Corporation)

DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)

DRV - (xfilt) -- C:\WINDOWS\system32\DRIVERS\xfilt.sys (VIA Technologies,Inc)

DRV - (videX32) -- C:\WINDOWS\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-2000478354-492894223-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

IE - HKU\S-1-5-21-2000478354-492894223-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009/12/20 02:29:12 | 000,000,000 | ---D | M]

 

 

O1 HOSTS File: ([2010/06/19 12:09:31 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {6EF05952-B48D-4944-AA91-57A6A1A48EF8} - C:\Arquivos de programas\Puxa Rápido\IEBHO.DLL File not found

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (Programa Auxiliar de Início de Sessão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll ()

O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Arquivos de programas\Styler\TB\StylerTB.dll (StyleFantasist)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [DrvIcon] C:\Arquivos de programas\VistaDriveIcon\DrvIcon.exe (artArmin)

O4 - HKLM..\Run: [egui] C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe (ESET)

O4 - HKLM..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe (Nero AG)

O4 - HKLM..\Run: [soundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)

O4 - HKLM..\Run: [VTTrayp] C:\WINDOWS\System32\VTTrayp.exe (S3 Graphics Co., Ltd.)

O4 - HKU\S-1-5-21-2000478354-492894223-1417001333-1003..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe (Nero AG)

O4 - HKU\S-1-5-21-2000478354-492894223-1417001333-1003..\Run: [VisualTaskTips] C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe (VisualTaskTips.com)

O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found

O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found

O4 - Startup: C:\Documents and Settings\Douglas Nobre\Menu Iniciar\Programas\Inicializar\Blaero Start Orb.lnk = C:\Arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe ()

O4 - Startup: C:\Documents and Settings\Douglas Nobre\Menu Iniciar\Programas\Inicializar\Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

O4 - Startup: C:\Documents and Settings\Douglas Nobre\Menu Iniciar\Programas\Inicializar\Styler.lnk = C:\Arquivos de programas\Styler\Styler.exe (ta2027)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-2000478354-492894223-1417001333-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-2000478354-492894223-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O7 - HKU\S-1-5-21-2000478354-492894223-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0

O7 - HKU\S-1-5-21-2000478354-492894223-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O8 - Extra context menu item: Baixar com o Free Download Manager - C:\Arquivos de programas\Free Download Manager\dllink.htm ()

O8 - Extra context menu item: Baixar tudo com o Free Download Manager - C:\Arquivos de programas\Free Download Manager\dlall.htm ()

O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - C:\Arquivos de programas\Free Download Manager\dlfvideo.htm ()

O8 - Extra context menu item: Download selecionado pelo Free Download Manager - C:\Arquivos de programas\Free Download Manager\dlselected.htm ()

O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1261449751343 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Minha página inicial atual) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/12/20 01:56:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2010/06/19 12:35:22 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2010/06/19 12:35:22 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2010/06/19 12:35:22 | 000,000,000 | RHSD | M] - G:\Autorun.inf -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: 6to4 - File not found

NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/06/14 21:13:19 | 000,000,000 | -H-D | M]

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

 

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "bootini" - 0

MsConfig - State: "services" - 0

MsConfig - State: "startup" - 2

 

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Processamento de gráficos vetoriais (VML)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Ligação de dados de HTML dinâmico para Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Cancelar inscrição

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Criação avançada

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes DirectAnimation para Java

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Agendador de tarefas

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

 

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)

Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: msacm.voxacm160 - vct3216.acm File not found

Drivers32: MSVideo - vfwwdm32.dll File not found

Drivers32: MSVideo8 - VfWWDM32.dll File not found

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)

Drivers32: VIDC.DRAW - DVIDEO.DLL File not found

Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()

Drivers32: VIDC.FPS1 - frapsvid.dll File not found

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

Drivers32: vidc.mp42 - MPG4C32.dll File not found

Drivers32: VIDC.MSUD - msulvc05.dll File not found

Drivers32: VIDC.VP40 - vp4vfw.dll File not found

Drivers32: vidc.VP60 - vp6vfw.dll File not found

Drivers32: vidc.VP61 - vp6vfw.dll File not found

Drivers32: vidc.VP62 - vp6vfw.dll File not found

Drivers32: vidc.VP70 - vp7vfw.dll File not found

Drivers32: VIDC.WMV3 - wmv9vcm.dll File not found

Drivers32: vidc.X264 - x264vfw.dll File not found

Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()

Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point (17183528496136192)

 

========== Files/Folders - Created Within 14 Days ==========

 

[2010/06/20 01:21:05 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Douglas Nobre\Desktop\OTL.exe

[2010/06/19 12:35:22 | 000,000,000 | RHSD | C] -- C:\Autorun.inf

[2010/06/19 12:28:06 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2010/06/19 12:20:22 | 000,000,000 | ---D | C] -- C:\UsbFix

[2010/06/19 12:14:59 | 001,225,123 | ---- | C] (C_XX & El Desaparecido) -- C:\Arquivos de programas\UsbFix.exe

[2010/06/16 23:11:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/06/16 23:11:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/06/16 23:07:28 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Douglas Nobre\Desktop\mbam-setup-1.46.exe

[2010/06/15 19:54:08 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2010/06/15 19:49:33 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2010/06/15 19:49:33 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2010/06/15 19:49:33 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2010/06/15 19:49:33 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2010/06/15 19:49:27 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ERDNT

[2010/06/15 19:49:06 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010/06/14 21:19:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2010/06/14 21:16:13 | 000,080,896 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll

[2010/06/14 21:16:12 | 000,080,896 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll

[2010/06/14 21:16:12 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll

[2010/06/14 21:14:46 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys

[2010/06/11 20:09:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Douglas Nobre\Desktop\Matisyahu-Youth-2006-RNS

[2010/06/11 17:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Douglas Nobre\Desktop\ Ponto_de_Equilibrio_Abre_a_Janela

[2010/06/09 22:32:22 | 000,000,000 | ---D | C] -- C:\Config.Msi

[2010/06/07 20:13:47 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Orban

[2010/06/07 20:11:50 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Megacubo

[2010/06/07 19:48:52 | 007,627,139 | ---- | C] (www.megacubo.net ) -- C:\Documents and Settings\Douglas Nobre\Desktop\51761_megacubo_737.exe

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 14 Days ==========

 

[2010/06/20 01:21:29 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Douglas Nobre\Desktop\OTL.exe

[2010/06/20 01:18:30 | 000,002,284 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/06/20 01:18:19 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job

[2010/06/20 01:18:15 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010/06/20 01:18:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/06/19 16:21:42 | 005,242,880 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\ntuser.dat

[2010/06/19 16:21:42 | 000,000,210 | -HS- | M] () -- C:\Documents and Settings\Douglas Nobre\ntuser.ini

[2010/06/19 16:21:37 | 010,706,212 | -H-- | M] () -- C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\IconCache.db

[2010/06/19 15:38:54 | 307,583,865 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\Desktop\www.Telona.org.Dm..rmvb

[2010/06/19 12:35:36 | 046,777,415 | ---- | M] () -- C:\UsbFix_Upload_Me_HOME-97DEF26A7C.zip

[2010/06/19 12:21:58 | 000,347,648 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat

[2010/06/19 12:21:58 | 000,314,644 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010/06/19 12:21:58 | 000,049,804 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat

[2010/06/19 12:21:58 | 000,040,972 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010/06/19 12:21:57 | 000,759,962 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010/06/19 12:19:48 | 001,225,123 | ---- | M] (C_XX & El Desaparecido) -- C:\Arquivos de programas\UsbFix.exe

[2010/06/19 12:09:45 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2010/06/19 12:09:31 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2010/06/18 00:22:02 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb

[2010/06/18 00:22:02 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb

[2010/06/16 23:10:49 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Douglas Nobre\Desktop\mbam-setup-1.46.exe

[2010/06/15 21:45:35 | 000,069,776 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\GDIPFONTCACHEV1.DAT

[2010/06/15 20:39:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2010/06/15 19:54:12 | 000,000,281 | RHS- | M] () -- C:\boot.ini

[2010/06/15 18:54:22 | 003,712,146 | R--- | M] () -- C:\Documents and Settings\Douglas Nobre\Desktop\ComboFix.exe

[2010/06/15 18:46:47 | 000,267,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/06/14 21:17:23 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf

[2010/06/14 21:13:58 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx

[2010/06/14 21:13:46 | 000,004,205 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI

[2010/06/14 21:12:50 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest

[2010/06/14 21:12:50 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest

[2010/06/14 21:12:46 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest

[2010/06/14 21:12:46 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest

[2010/06/14 21:12:46 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest

[2010/06/14 21:12:46 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest

[2010/06/14 21:12:46 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest

[2010/06/14 21:12:46 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest

[2010/06/14 21:12:35 | 000,000,687 | ---- | M] () -- C:\WINDOWS\win.ini

[2010/06/14 21:10:07 | 000,022,964 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat

[2010/06/14 21:08:05 | 000,000,211 | ---- | M] () -- C:\Boot.bak

[2010/06/13 16:30:00 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\Advanced WindowsCare V2 Pro.job

[2010/06/12 14:47:38 | 000,081,920 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/06/12 12:14:29 | 001,494,781 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\Desktop\lava_rapido.pdf

[2010/06/11 03:21:41 | 394,608,178 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\Desktop\Ac.www.therebels.biz.HyperX.rmvb

[2010/06/10 19:30:42 | 000,765,345 | ---- | M] () -- C:\WINDOWS\setupapi.old

[2010/06/07 20:02:49 | 007,627,139 | ---- | M] (www.megacubo.net ) -- C:\Documents and Settings\Douglas Nobre\Desktop\51761_megacubo_737.exe

[2010/06/07 14:01:47 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010/06/07 13:45:24 | 000,122,368 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\Desktop\CalculadoraHP12C.doc

[2010/06/06 16:50:04 | 000,098,976 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\Desktop\TUDO JUNTO.rtf

[2010/06/06 14:34:18 | 001,094,144 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\Desktop\Apresentaçao dos assentamentos.ppt

[2010/06/06 05:45:54 | 394,003,667 | ---- | M] () -- C:\Documents and Settings\Douglas Nobre\Desktop\www.Telona.org.L-.rmvb

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010/06/19 12:43:31 | 307,583,865 | ---- | C] () -- C:\Documents and Settings\Douglas Nobre\Desktop\www.Telona.org.Dm..rmvb

[2010/06/19 12:28:27 | 046,777,415 | ---- | C] () -- C:\UsbFix_Upload_Me_HOME-97DEF26A7C.zip

[2010/06/15 19:54:12 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2010/06/15 19:54:10 | 000,261,856 | ---- | C] () -- C:\cmldr

[2010/06/15 19:49:33 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2010/06/15 19:49:33 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2010/06/15 19:49:33 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2010/06/15 19:49:33 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2010/06/15 19:49:33 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2010/06/15 18:52:11 | 003,712,146 | R--- | C] () -- C:\Documents and Settings\Douglas Nobre\Desktop\ComboFix.exe

[2010/06/14 21:16:48 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls

[2010/06/14 21:16:05 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls

[2010/06/14 21:16:05 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls

[2010/06/14 21:16:04 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll

[2010/06/14 21:15:33 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls

[2010/06/14 21:15:32 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex

[2010/06/14 21:15:25 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe

[2010/06/14 21:15:24 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe

[2010/06/14 21:15:22 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex

[2010/06/14 21:15:12 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll

[2010/06/14 21:15:08 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex

[2010/06/14 21:15:03 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll

[2010/06/14 21:14:49 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll

[2010/06/14 21:14:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls

[2010/06/14 21:14:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls

[2010/06/14 21:14:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls

[2010/06/14 21:14:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls

[2010/06/14 21:14:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls

[2010/06/14 21:14:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls

[2010/06/14 21:14:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls

[2010/06/14 21:14:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls

[2010/06/14 21:14:44 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls

[2010/06/14 21:14:44 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls

[2010/06/14 21:14:44 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls

[2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls

[2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls

[2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls

[2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls

[2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls

[2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls

[2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls

[2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls

[2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls

[2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls

[2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls

[2010/06/14 21:14:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls

[2010/06/14 21:14:43 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls

[2010/06/14 21:14:43 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls

[2010/06/14 21:14:43 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls

[2010/06/14 21:14:43 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls

[2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls

[2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls

[2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls

[2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls

[2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls

[2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls

[2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls

[2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls

[2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls

[2010/06/14 21:14:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls

[2010/06/14 21:14:42 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls

[2010/06/14 21:14:42 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls

[2010/06/14 21:14:42 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls

[2010/06/14 21:14:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls

[2010/06/14 21:14:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls

[2010/06/14 21:14:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls

[2010/06/14 21:14:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls

[2010/06/14 21:14:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls

[2010/06/14 21:14:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls

[2010/06/14 21:14:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls

[2010/06/14 21:14:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls

[2010/06/14 21:14:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls

[2010/06/14 21:14:41 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls

[2010/06/14 21:14:41 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls

[2010/06/14 21:14:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls

[2010/06/14 21:14:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls

[2010/06/14 21:14:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls

[2010/06/14 21:14:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls

[2010/06/14 21:14:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls

[2010/06/14 21:14:40 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls

[2010/06/14 21:14:40 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls

[2010/06/14 21:14:40 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls

[2010/06/14 21:14:39 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls

[2010/06/14 21:12:50 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest

[2010/06/14 21:12:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest

[2010/06/14 21:12:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest

[2010/06/14 21:12:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest

[2010/06/14 21:12:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest

[2010/06/14 21:12:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest

[2010/06/14 18:43:00 | 001,233,746 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT

[2010/06/14 18:43:00 | 000,809,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT

[2010/06/14 18:43:00 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT

[2010/06/14 18:43:00 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat

[2010/06/14 18:43:00 | 000,105,628 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat

[2010/06/14 18:43:00 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT

[2010/06/14 18:43:00 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat

[2010/06/14 18:43:00 | 000,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT

[2010/06/14 18:43:00 | 000,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT

[2010/06/14 18:43:00 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT

[2010/06/14 18:43:00 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT

[2010/06/14 18:43:00 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT

[2010/06/14 18:43:00 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT

[2010/06/14 18:43:00 | 000,007,407 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT

[2010/06/14 18:42:59 | 002,038,809 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT

[2010/06/14 18:42:59 | 000,634,592 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT

[2010/06/12 12:13:27 | 001,494,781 | ---- | C] () -- C:\Documents and Settings\Douglas Nobre\Desktop\lava_rapido.pdf

[2010/06/10 23:03:52 | 394,608,178 | ---- | C] () -- C:\Documents and Settings\Douglas Nobre\Desktop\Ac.www.therebels.biz.HyperX.rmvb

[2010/06/07 13:45:23 | 000,122,368 | ---- | C] () -- C:\Documents and Settings\Douglas Nobre\Desktop\CalculadoraHP12C.doc

[2010/06/06 15:05:03 | 000,098,976 | ---- | C] () -- C:\Documents and Settings\Douglas Nobre\Desktop\TUDO JUNTO.rtf

[2010/06/06 11:52:34 | 001,094,144 | ---- | C] () -- C:\Documents and Settings\Douglas Nobre\Desktop\Apresentaçao dos assentamentos.ppt

[2010/06/06 02:21:36 | 394,003,667 | ---- | C] () -- C:\Documents and Settings\Douglas Nobre\Desktop\www.Telona.org.L-.rmvb

[2010/03/16 19:21:13 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll

[2010/02/10 10:47:45 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2010/02/10 10:47:43 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini

[2010/02/10 10:47:34 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2010/02/10 10:47:34 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2010/02/10 10:47:30 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2010/02/10 10:47:18 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2010/02/10 10:47:18 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2010/01/11 19:27:27 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2010/01/02 12:20:20 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI

[2009/12/21 21:53:41 | 000,000,033 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI

[2009/12/20 02:19:19 | 000,135,168 | -H-- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll

[2009/12/20 02:19:11 | 000,000,164 | -H-- | C] () -- C:\WINDOWS\avrack.ini

[2009/12/20 02:18:30 | 000,061,440 | R--- | C] () -- C:\WINDOWS\System32\vuins32.dll

[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll

[2008/04/13 16:20:38 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2007/12/19 11:53:30 | 000,000,272 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2007/08/29 09:34:46 | 000,041,053 | ---- | C] () -- C:\WINDOWS\cam1690.ini

[2007/03/09 19:17:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\cam1690m.dll

 

========== LOP Check ==========

 

[2009/12/20 02:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\ESET

[2010/03/12 10:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\FreeDownloadManager.ORG

[2010/05/11 22:16:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Installations

[2010/05/30 16:40:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus!

[2010/05/11 22:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PC Suite

[2010/02/22 12:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\SpeedBit

[2010/05/20 20:25:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Douglas Nobre\Dados de aplicativos\Any Video Converter

[2009/12/29 20:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Douglas Nobre\Dados de aplicativos\DAEMON Tools

[2010/06/20 01:24:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Douglas Nobre\Dados de aplicativos\Free Download Manager

[2010/05/11 22:30:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Douglas Nobre\Dados de aplicativos\Nokia

[2010/03/12 10:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Douglas Nobre\Dados de aplicativos\Orbit

[2010/05/11 22:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Douglas Nobre\Dados de aplicativos\PC Suite

[2010/05/17 23:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Douglas Nobre\Dados de aplicativos\Styler

[2010/06/13 16:30:00 | 000,000,446 | ---- | M] () -- C:\WINDOWS\Tasks\Advanced WindowsCare V2 Pro.job

[2010/06/20 01:18:19 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job

 

========== Purity Check ==========


========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

 

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >

[2008/04/13 18:20:28 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A8CDC8DECE4735B86BBEF28460996C30 -- C:\WINDOWS\ERDNT\cache\eventlog.dll

[2008/04/13 18:20:28 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A8CDC8DECE4735B86BBEF28460996C30 -- C:\WINDOWS\system32\eventlog.dll

[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

[2008/04/13 18:20:28 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A8CDC8DECE4735B86BBEF28460996C30 -- C:\WINDOWS\system32\dllcache\eventlog.dll

 

< %SYSTEMDRIVE%\scecli.dll /s /md5 >

[2008/04/13 18:20:42 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=879E802EF4EF2405014B170EA41E552B -- C:\WINDOWS\ERDNT\cache\scecli.dll

[2008/04/13 18:20:42 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=879E802EF4EF2405014B170EA41E552B -- C:\WINDOWS\system32\scecli.dll

[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

[2008/04/13 18:20:42 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=879E802EF4EF2405014B170EA41E552B -- C:\WINDOWS\system32\dllcache\scecli.dll

 

< %SYSTEMDRIVE%\sfcfiles.dll /s /md5 >

[2008/05/16 23:11:08 | 001,571,840 | ---- | M] (Microsoft Corporation) MD5=1D01C384F3BA123EB6F09769DEA005AC -- C:\WINDOWS\system32\sfcfiles.dll

[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >

[2008/04/13 18:20:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=49897D67B04E62F8E59EB8B1C7DF7072 -- C:\WINDOWS\ERDNT\cache\netlogon.dll

[2008/04/13 18:20:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=49897D67B04E62F8E59EB8B1C7DF7072 -- C:\WINDOWS\system32\netlogon.dll

[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

[2008/04/13 18:20:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=49897D67B04E62F8E59EB8B1C7DF7072 -- C:\WINDOWS\system32\dllcache\netlogon.dll

 

< %SYSTEMDRIVE%\atapi.sys /s /md5 >

[2008/04/13 10:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys

[2008/04/13 10:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< End of report >


Extras.txt:


OTL Extras logfile created on: 20/6/2010 01:24:52 - Run 1

OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Douglas Nobre\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

 

991,00 Mb Total Physical Memory | 541,00 Mb Available Physical Memory | 55,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free

Paging file location(s): c:\pagefile.sys 1488 2976 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 19,53 Gb Total Space | 5,61 Gb Free Space | 28,70% Space Free | Partition Type: NTFS

Drive D: | 35,46 Gb Total Space | 15,01 Gb Free Space | 42,33% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

Drive G: | 19,53 Gb Total Space | 7,09 Gb Free Space | 36,33% Space Free | Partition Type: NTFS

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: HOME-97DEF26A7C

Current User Name: Douglas Nobre

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 14 Days

Output = Minimal

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

 

[HKEY_USERS\S-1-5-21-2000478354-492894223-1417001333-1003\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- "C:\Arquivos de programas\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [mega] -- "C:\Arquivos de programas\Megacubo\megacubo.exe" "%1" (www.megacubo.net )

Directory [OneNote.Open] -- C:\ARQUIV~1\Microsoft Office\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015

"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016

"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015

"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016

"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Arquivos de programas\MSN Messenger\livecall.exe" = C:\Arquivos de programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found

"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

"C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)

"C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE" = C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)

"C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE" = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)

"C:\Arquivos de programas\Nero\Nero 7\Nero ShowTime\ShowTime.exe" = C:\Arquivos de programas\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime -- (Nero AG)

"C:\Arquivos de programas\Megacubo\megacubo.exe" = C:\Arquivos de programas\Megacubo\megacubo.exe:*:Enabled:MegaCubo -- (www.megacubo.net )

"C:\WINDOWS\system32\ftp.exe" = C:\WINDOWS\system32\ftp.exe:*:Enabled:Windows Update -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{110E8E90-1F9A-4804-9221-1DA0D0379C90}" = SA30xx Media Converter

"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live

"{20B05668-C9F0-4469-AEF4-14DF41D6ACB6}" = Windows Live Messenger

"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20

"{289CDCBA-1E82-460A-9DCA-E9FB6BAC1A42}" = SA30xx Device Manager

"{28DA1AA2-07F2-4451-A28B-A6A01A9CE8E9}" = Assistente de Início de Sessão do Windows Live

"{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{418001D0-F48E-4910-966C-0DCCC996A87A}" = Windows Live Call

"{4908C75E-E5E2-43F7-B1DF-023CBA831046}" = Nero 7 Premium

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{50CEA963-2745-46A8-BE71-767F2B36FEF2}" = Windows Live Essentials

"{5DC09527-BE89-4FD0-AF67-73FBA5EEB8BC}" = SA30xx Media Converter

"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2

"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution

"{8527C3D5-BA1D-46E9-88D2-AF25544311A3}" = JPEG Camera v1.02

"{90120000-0010-0416-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Portuguese (Brazil)) 12

"{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007

"{90120000-0015-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

"{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

"{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

"{90120000-0019-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

"{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007

"{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007

"{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

"{90120000-0044-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

"{90120000-006E-0416-0000-0000000FF1CE}_ENTERPRISE_{9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

"{90120000-00A1-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

"{90120000-00BA-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver

"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 1.12

"{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0

"{E31D543D-1EF2-41B8-8DC0-AC7DCB1D6F4C}" = ESET NOD32 Antivirus

"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio

"05B59228C7E1C21DFBE89260F879BD95880548D8" = Pacote de Driver do Windows - Nokia Modem (10/05/2009 4.2)

"504244733D18C8F63FF584AEB290E3904E791693" = Pacote de Driver do Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)

"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pacote de Driver do Windows - Nokia Modem (06/01/2009 7.01.0.4)

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Advanced WindowsCare V2 Pro_is1" = Advanced WindowsCare 2.01 Professional

"Any Video Converter_is1" = Any Video Converter 2.7.5

"DVD Decrypter" = DVD Decrypter (Remove Only)

"ENTERPRISE" = Microsoft Office Enterprise 2007

"Free Download Manager_is1" = Free Download Manager 3.0

"HijackThis" = HijackThis 2.0.2

"ie8" = Windows Internet Explorer 8

"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager

"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.7.0

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Megacubo_is1" = Megacubo 7.3.7

"Messenger Plus! Live" = Messenger Plus! Live

"Nokia PC Suite" = Nokia PC Suite

"Seven Remix XP" = Seven Remix XP 2.31

"sXe Injected" = sXe Injected

"Usbfix" = Usbfix By C_XX & El Desaparecido

"VIA/S3G UniChrome Family Win2K/XP/Server2003 Display" = VIA/S3G Display Driver 6.14.10.0331

"VistaMizer" = VistaMizer 2.5.1.0

"Visual Task Tips" = Visual Task Tips 3.2

"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter

"WinAVI Video Converter 9.09.0" = WinAVI Video Converter 9.0

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = Arquivo do WinRAR

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-2000478354-492894223-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

"WinSetupFromUSB" = WinSetupFromUSB

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 17/5/2010 16:09:28 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20

Description =

 

Error - 17/5/2010 21:07:14 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20

Description =

 

Error - 17/5/2010 22:07:14 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20

Description =

 

Error - 19/5/2010 12:07:14 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20

Description =

 

Error - 5/6/2010 09:07:14 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20

Description =

 

Error - 10/6/2010 18:07:22 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20

Description =

 

Error - 10/6/2010 19:07:23 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20

Description =

 

Error - 16/6/2010 21:26:06 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20

Description =

 

Error - 19/6/2010 03:56:30 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20

Description =

 

Error - 19/6/2010 10:06:22 | Computer Name = HOME-97DEF26A7C | Source = Google Update | ID = 20

Description =

 

[ System Events ]

Error - 19/6/2010 11:17:37 | Computer Name = HOME-97DEF26A7C | Source = sptd | ID = 262148

Description = O driver detectou um erro interno nas estruturas de dados para .

 

Error - 19/6/2010 11:17:40 | Computer Name = HOME-97DEF26A7C | Source = Service Control Manager | ID = 7026

Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema

ou de inicialização: sptd

 

Error - 19/6/2010 11:21:16 | Computer Name = HOME-97DEF26A7C | Source = Service Control Manager | ID = 7034

Description = O serviço Spooler de impressão foi encerrado inesperadamente. Isso

aconteceu 1 vez(es).

 

Error - 19/6/2010 11:21:16 | Computer Name = HOME-97DEF26A7C | Source = Service Control Manager | ID = 7034

Description = O serviço Serviço 'Gateway de camada de aplicativo' foi encerrado

inesperadamente. Isso aconteceu 1 vez(es).

 

Error - 19/6/2010 11:21:16 | Computer Name = HOME-97DEF26A7C | Source = Service Control Manager | ID = 7034

Description = O serviço Adaptador de desempenho WMI foi encerrado inesperadamente.

Isso aconteceu 1 vez(es).

 

Error - 19/6/2010 11:21:16 | Computer Name = HOME-97DEF26A7C | Source = Service Control Manager | ID = 7034

Description = O serviço Java Quick Starter foi encerrado inesperadamente. Isso

aconteceu 1 vez(es).

 

Error - 19/6/2010 15:16:08 | Computer Name = HOME-97DEF26A7C | Source = sptd | ID = 262148

Description = O driver detectou um erro interno nas estruturas de dados para .

 

Error - 19/6/2010 15:16:13 | Computer Name = HOME-97DEF26A7C | Source = Service Control Manager | ID = 7026

Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema

ou de inicialização: sptd

 

Error - 20/6/2010 00:18:27 | Computer Name = HOME-97DEF26A7C | Source = sptd | ID = 262148

Description = O driver detectou um erro interno nas estruturas de dados para .

 

Error - 20/6/2010 00:18:29 | Computer Name = HOME-97DEF26A7C | Source = Service Control Manager | ID = 7026

Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema

ou de inicialização: sptd

 

 

< End of report >

 

 

 

Regards!


Good morning, Xullippa!

<!> Run the CFScript procedure from Post #6 again.

<!> When it finishes, post: ComboFix.txt <--

Regards!


Good afternoon!

Here is the log:

 

 

COMBOFIX:

 

 

 

 

ComboFix 10-06-15.02 - Douglas Nobre 20/06/2010 13:47:29.3.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.991.632 [GMT -3:00]

Executando de: c:\documents and settings\Douglas Nobre\Desktop\ComboFix.exe

Comandos utilizados :: c:\documents and settings\Douglas Nobre\Desktop\CFScript.txt

AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

 

FILE ::

"c:\docume~1\DOUGLA~1\CONFIG~1\Temp\Ev~NeN^e.eXe"

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\windows\system32\sfcfiles.dll . . . está infectado!!

 

.

(((((((((((((((( Arquivos/Ficheiros criados de 2010-05-20 to 2010-06-20 ))))))))))))))))))))))))))))

.

 

2010-06-19 15:28 . 2010-06-19 15:35 46777415 ----a-w- C:\UsbFix_Upload_Me_HOME-97DEF26A7C.zip

2010-06-19 15:20 . 2010-06-19 15:35 -------- d-----w- C:\UsbFix

2010-06-19 15:14 . 2010-06-19 15:19 1225123 ----a-w- c:\arquivos de programas\UsbFix.exe

2010-06-17 02:11 . 2010-04-29 18:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-06-17 02:11 . 2010-04-29 18:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-06-15 22:05 . 2010-05-06 10:34 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll

2010-06-15 22:05 . 2010-05-06 10:34 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll

2010-06-15 22:04 . 2010-05-06 10:34 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

2010-06-15 22:04 . 2010-04-16 11:43 41984 -c----w- c:\windows\system32\dllcache\iecompat.dll

2010-06-15 01:09 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

2010-06-15 01:06 . 2008-06-14 17:34 272384 -c----w- c:\windows\system32\dllcache\bthport.sys

2010-06-15 00:54 . 2010-02-17 17:07 2194176 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe

2010-06-15 00:54 . 2010-02-16 19:07 2150400 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe

2010-06-15 00:54 . 2010-02-16 19:07 2028544 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe

2010-06-15 00:15 . 2008-04-13 21:20 45056 -c--a-w- c:\windows\system32\dllcache\nsepm.dll

2010-06-15 00:14 . 2008-04-13 21:20 42496 -c--a-w- c:\windows\system32\dllcache\davcdata.exe

2010-06-15 00:11 . 2001-10-28 17:06 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe

2010-06-14 21:43 . 2001-10-28 17:07 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll

2010-06-14 21:43 . 2001-10-28 17:07 24661 ----a-w- c:\windows\system32\spxcoins.dll

2010-06-14 21:43 . 2001-10-28 17:06 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll

2010-06-14 21:43 . 2001-10-28 17:06 13312 ----a-w- c:\windows\system32\irclass.dll

2010-06-07 23:13 . 2010-06-07 23:13 -------- d-----w- c:\arquivos de programas\Orban

2010-06-07 23:11 . 2010-06-07 23:13 -------- d-----w- c:\arquivos de programas\Megacubo

2010-05-27 22:57 . 2008-04-13 14:46 19200 ----a-w- c:\windows\system32\drivers\wstcodec.sys

2010-05-27 22:57 . 2008-04-13 14:46 85248 ----a-w- c:\windows\system32\drivers\nabtsfec.sys

2010-05-27 22:57 . 2008-04-13 14:46 51200 ----a-w- c:\windows\system32\drivers\msdv.sys

2010-05-27 22:57 . 2008-04-13 14:46 17024 ----a-w- c:\windows\system32\drivers\ccdecode.sys

2010-05-27 22:57 . 2008-04-13 14:39 5504 ----a-w- c:\windows\system32\drivers\mstee.sys

2010-05-27 22:57 . 2004-07-09 07:27 230400 ----a-w- c:\windows\system32\dplayx.dll

2010-05-27 22:56 . 2008-01-14 19:58 19840 ----a-w- c:\windows\system32\drivers\StMp3Rec.sys

2010-05-27 22:55 . 2010-05-27 22:56 -------- d-----w- c:\arquivos de programas\Philips

2010-05-27 22:55 . 2010-05-27 22:55 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\InstallShield

2010-05-24 03:33 . 2010-05-24 03:33 503808 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-417b3743-n\msvcp71.dll

2010-05-24 03:33 . 2010-05-24 03:33 499712 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-417b3743-n\jmc.dll

2010-05-24 03:33 . 2010-05-24 03:33 348160 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-417b3743-n\msvcr71.dll

2010-05-24 03:32 . 2010-05-24 03:32 61440 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7caaf742-n\decora-sse.dll

2010-05-24 03:32 . 2010-05-24 03:32 12800 ----a-w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7caaf742-n\decora-d3d.dll

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-06-20 05:11 . 2010-03-12 13:24 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Free Download Manager

2010-06-19 15:21 . 2001-10-28 17:07 49804 ----a-w- c:\windows\system32\perfc016.dat

2010-06-19 15:21 . 2001-10-28 17:07 347648 ----a-w- c:\windows\system32\perfh016.dat

2010-06-17 02:11 . 2009-12-23 00:33 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware

2010-06-15 00:12 . 2009-12-20 04:54 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Serviços

2010-06-15 00:10 . 2009-12-20 04:53 22964 ----a-w- c:\windows\system32\emptyregdb.dat

2010-06-10 01:33 . 2009-12-23 20:55 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help

2010-05-30 19:40 . 2009-12-20 21:19 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Messenger Plus!

2010-05-27 22:56 . 2009-12-20 05:10 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information

2010-05-20 23:25 . 2009-12-23 01:49 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Any Video Converter

2010-05-19 01:35 . 2010-05-19 01:14 -------- d-----w- c:\arquivos de programas\Valve

2010-05-18 02:01 . 2010-05-18 02:01 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Styler

2010-05-18 01:56 . 2010-05-18 01:56 -------- d-----w- c:\arquivos de programas\VisualTaskTips

2010-05-18 01:56 . 2010-05-18 01:56 -------- d-----w- c:\arquivos de programas\VistaDriveIcon

2010-05-18 01:55 . 2010-05-18 01:55 -------- d-----w- c:\arquivos de programas\Styler

2010-05-18 01:55 . 2010-05-18 01:55 -------- d-----w- c:\arquivos de programas\Blaero Start Orb

2010-05-12 01:30 . 2010-05-12 01:30 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf

2010-05-12 01:30 . 2010-05-12 01:30 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf

2010-05-12 01:30 . 2010-05-12 01:21 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\PC Suite

2010-05-12 01:30 . 2010-05-12 01:21 -------- d-----w- c:\documents and settings\Douglas Nobre\Dados de aplicativos\Nokia

2010-05-12 01:29 . 2010-05-12 01:20 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\PC Suite

2010-05-12 01:29 . 2010-05-12 01:29 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf

2010-05-12 01:29 . 2010-05-12 01:29 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf

2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\Arquivos comuns\PCSuite

2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\Nokia

2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Nokia

2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\DIFX

2010-05-12 01:18 . 2010-05-12 01:18 -------- d-----w- c:\arquivos de programas\PC Connectivity Solution

2010-05-12 01:17 . 2010-05-12 01:17 95232 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\pcswpcsi.exe

2010-05-12 01:17 . 2010-05-12 01:17 61440 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCSFEMsi.exe

2010-05-12 01:17 . 2010-05-12 01:17 8192 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstCCD.exe

2010-05-12 01:17 . 2010-05-12 01:17 10240 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCS.exe

2010-05-12 01:16 . 2010-05-12 01:16 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Installations

2010-05-12 00:46 . 2010-05-12 01:17 34555528 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_por_br_web(2).exe

2010-05-06 10:34 . 2008-05-17 02:10 916480 ----a-w- c:\windows\system32\wininet.dll

2010-05-02 08:08 . 2008-04-13 20:54 1851392 ----a-w- c:\windows\system32\win32k.sys

2010-04-23 22:42 . 2010-04-23 22:42 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Java

2010-04-23 22:42 . 2010-04-23 22:42 411368 ----a-w- c:\windows\system32\deployJava1.dll

2010-04-23 22:42 . 2010-04-23 22:42 -------- d-----w- c:\arquivos de programas\Java

2010-04-20 05:31 . 2008-04-13 21:18 285696 ----a-w- c:\windows\system32\atmfd.dll

.

 

------- Sigcheck -------

 

[-] 2008-05-17 . 1D01C384F3BA123EB6F09769DEA005AC . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll

.

((((((((((((((((((((((((((((( SnapShot_2010-06-19_15.09.45 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-06-20 15:07 . 2010-06-20 15:07 16384 c:\windows\Temp\Perflib_Perfdata_6bc.dat

+ 2001-10-28 17:07 . 2010-06-19 15:21 40972 c:\windows\system32\perfc009.dat

- 2001-10-28 17:07 . 2010-06-15 00:19 40972 c:\windows\system32\perfc009.dat

+ 2001-10-28 17:07 . 2010-06-19 15:21 314644 c:\windows\system32\perfh009.dat

- 2001-10-28 17:07 . 2010-06-15 00:19 314644 c:\windows\system32\perfh009.dat

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="c:\documents and settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" [2009-12-23 135664]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]

"VisualTaskTips"="c:\arquivos de programas\VisualTaskTips\VisualTaskTips.exe" [2008-03-09 61440]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VTTimer"="VTTimer.exe" [2006-08-03 53248]

"VTTrayp"="VTtrayp.exe" [2006-08-30 180224]

"Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]

"egui"="c:\arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]

"GrooveMonitor"="c:\arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"NeroFilterCheck"="c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]

"SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040]

"DrvIcon"="c:\arquivos de programas\VistaDriveIcon\DrvIcon.exe" [2008-04-13 49152]

"SoundMan"="SOUNDMAN.EXE" [2006-03-01 577536]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"nltide_2"="shell32" [X]

 

c:\documents and settings\Douglas Nobre\Menu Iniciar\Programas\Inicializar\

Blaero Start Orb.lnk - c:\arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe [2006-7-30 521216]

Recorte de tela e Iniciador do OneNote 2007.lnk - c:\arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

Styler.lnk - c:\arquivos de programas\Styler\Styler.exe [2007-4-15 307200]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Arquivos de programas\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=

"c:\\Arquivos de programas\\Megacubo\\megacubo.exe"=

"c:\\WINDOWS\\system32\\ftp.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015

"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016

"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

 

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14/5/2009 15:47 107256]

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14/5/2009 15:49 94360]

R2 ekrn;ESET Service;c:\arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe [14/5/2009 15:47 731840]

S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28/12/2009 20:23 715248]

S3 D301bus;GW01 USB WMC Bus Driver (WDM);c:\windows\system32\drivers\D301bus.sys [8/5/2010 12:44 83328]

S3 D301mdfl;GW01 USB WMC Modem Filter;c:\windows\system32\drivers\D301mdfl.sys [8/5/2010 12:44 14976]

S3 D301mdm;GW01 USB WMC Modem Driver;c:\windows\system32\drivers\D301mdm.sys [8/5/2010 12:44 109824]

S3 D301mgmt;GW01 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\D301mgmt.sys [8/5/2010 12:45 103808]

S3 d301nd5;GW01 USB WMC Ethernet GW (NDIS);c:\windows\system32\drivers\d301nd5.sys [8/5/2010 12:45 24832]

S3 D301obex;GW01 USB WMC OBEX Interface;c:\windows\system32\drivers\D301obex.sys [8/5/2010 12:44 99840]

S3 d301unic;GW01 USB WMC Ethernet GW (WDM);c:\windows\system32\drivers\d301unic.sys [8/5/2010 12:45 105728]

S3 ddsxeiservice;ddsxeiservice2;c:\arquivos de programas\sXe Injected\ddsxei.sys [1/2/2010 20:48 93056]

.

Conteúdo da pasta 'Tarefas Agendadas'

 

2010-06-13 c:\windows\Tasks\Advanced WindowsCare V2 Pro.job

- c:\arquivos de programas\IObit\Advanced WindowsCare V2 Pro\AutoCare.exe [2009-12-21 20:49]

 

2010-06-20 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAEXEC.exe [2009-08-03 18:07]

.

.

------- Scan Suplementar -------

.

IE: Baixar com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dllink.htm

IE: Baixar tudo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlall.htm

IE: Baixar vídeo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlfvideo.htm

IE: Download selecionado pelo Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlselected.htm

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\Microsoft Office\Office12\EXCEL.EXE/3000

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-06-20 13:50

Windows 5.1.2600 Service Pack 3 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros/arquivos ocultos ...

 

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

 

**************************************************************************

.

--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

 

- - - - - - - > 'explorer.exe'(2712)

c:\windows\system32\WININET.dll

c:\arquivos de programas\VisualTaskTips\VttHooks.dll

c:\arquivos de programas\Windows Media Player\wmpband.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Tempo para conclusão: 2010-06-20 13:51:37

ComboFix-quarantined-files.txt 2010-06-20 16:51

ComboFix2.txt 2010-06-19 15:12

ComboFix3.txt 2010-06-15 22:59

 

Pré-execução: 5.970.849.792 bytes disponíveis

Pós execução: 5.964.341.248 bytes disponíveis

 

- - End Of File - - 624ED469E08A5D05BEA124D34A8E80E0

 

 

 

Thank you!


Good evening, Xullippa!

<@> Run OTL.exe.

<@> Copy the information in the quote below into the field under: Custom Scans/Fixes

 

:Files

C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

c:\windows\system32\sfcfiles.dll

c:\windows\LastGood.Tmp .scr

c:\windows\LastGood .scr

c:\windows\system32\de-DE .scr

c:\windows\system32\da-DK .scr

c:\windows\system32\config .scr

c:\windows\system32\Com .scr

c:\windows\system32\ChCfg.exe .scr

c:\windows\system32\CatRoot2 .scr

c:\windows\system32\CatRoot .scr

c:\windows\system32\ar-SA .scr

c:\windows\system32\alsndmgr.wav .scr

c:\windows\system32\alsndmgr.cpl .scr

c:\windows\system32\3com_dmi .scr

:otl

O2 - BHO: (no name) - {6EF05952-B48D-4944-AA91-57A6A1A48EF8} - C:\Arquivos de programas\Puxa Rápido\IEBHO.DLL File not found

O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found

O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

:commands

[purity]

[emptyflash]

[emptytemp]

[Reboot]

<@> Click the Run Fix button --> Wait for it to finish! --> Run!

<@> Post the report, which will also be in the folder: C:\_OTL\MovedFiles\*.log <--

0000000000000000000000

oooooooooooooooooooooo

<@> Go to Start --> Run --> Type: sfc /scannow --> Click OK.

< 2.jpg >

<@> You will be asked to insert the Windows XP CD-ROM into the drive.

<@> This will then trigger "Windows File Protection".

Ps: Wait while Windows verifies that all protected Windows files are intact and in their original versions.

<@> Wait for the repair to finish!

Regards!


Good evening,

Here is the log

 

 

All processes killed

Error: Unable to interpret <Files> in the current context!

Error: Unable to interpret <C:\Documents and Settings\Douglas Nobre\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini> in the current context!

Error: Unable to interpret <c:\windows\system32\sfcfiles.dll > in the current context!

Error: Unable to interpret <c:\windows\LastGood.Tmp .scr> in the current context!

Error: Unable to interpret <c:\windows\LastGood .scr> in the current context!

Error: Unable to interpret <c:\windows\system32\de-DE .scr> in the current context!

Error: Unable to interpret <c:\windows\system32\da-DK .scr> in the current context!

Error: Unable to interpret <c:\windows\system32\config .scr> in the current context!

Error: Unable to interpret <c:\windows\system32\Com .scr> in the current context!

Error: Unable to interpret <c:\windows\system32\ChCfg.exe .scr> in the current context!

Error: Unable to interpret <c:\windows\system32\CatRoot2 .scr> in the current context!

Error: Unable to interpret <c:\windows\system32\CatRoot .scr> in the current context!

Error: Unable to interpret <c:\windows\system32\ar-SA .scr> in the current context!

Error: Unable to interpret <c:\windows\system32\alsndmgr.wav .scr> in the current context!

Error: Unable to interpret <c:\windows\system32\alsndmgr.cpl .scr> in the current context!

Error: Unable to interpret <c:\windows\system32\3com_dmi .scr> in the current context!

========== OTL ==========

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EF05952-B48D-4944-AA91-57A6A1A48EF8}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6EF05952-B48D-4944-AA91-57A6A1A48EF8}\ deleted successfully.

Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.

Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.

C:\WINDOWS\SET3.tmp deleted successfully.

C:\WINDOWS\SET4.tmp deleted successfully.

C:\WINDOWS\SET8.tmp deleted successfully.

C:\WINDOWS\SET9A.tmp deleted successfully.

C:\WINDOWS\SET9D.tmp deleted successfully.

C:\WINDOWS\SETA9.tmp deleted successfully.

C:\WINDOWS\System32\CONFIG.TMP deleted successfully.

========== COMMANDS ==========

 

[EMPTYFLASH]

 

User: Administrador

 

User: All Users

 

User: Default User

 

User: Douglas Nobre

->Flash cache emptied: 26430 bytes

 

User: LocalService

 

User: NetworkService

 

Total Flash Files Cleaned = 0,00 mb

 

 

[EMPTYTEMP]

 

User: Administrador

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

 

User: Douglas Nobre

->Temp folder emptied: 39998 bytes

->Temporary Internet Files folder emptied: 834841 bytes

->Java cache emptied: 319802 bytes

->Google Chrome cache emptied: 113565727 bytes

->Flash cache emptied: 0 bytes

 

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 32902 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 483 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 110,00 mb

 

 

OTL by OldTimer - Version 3.2.6.0 log created on 06212010_212226

 

Files\Folders moved on Reboot...

 

Registry entries deleted on Reboot...

 

 

Thank you!


Good evening, Xullippa!

<@> Download: < sfcfiles.zip >

<@> Extract it to this directory: c:\windows\system32\dllcache <--

<@> Ps: Open Malwarebytes! --> Click Tools.

<@> Click Run tool. <-- File Assassin!

<@> In the Open/Browse window, locate this file: c:\windows\system32\sfcfiles.dll

<@> Click Open.

<@> At the prompt, click Yes! --> OK.

00000000000000000000000000

oooooooooooooooooooooooooo

<@> Ps: Select and copy the information in the field below into Notepad.

<@> Save it to the Desktop with the name: CFScript.txt

RESTORE::c:\windows\system32\sfcfiles.dll

<@> Ps: It is recommended that you be disconnected when running the script.

<@> Ps: Temporarily disable your antivirus.

<@> Ps: Do not use this script on another machine!

<@> Drag CFScript.txt onto the ComboFix icon.

<@> See the demonstration!

2872959479_997d4500c4_o.gif

<@> Accept the prompt that should appear to run ComboFix.

<@> Ps: Keep dragging until that prompt appears! (window)

<@> When it finishes, post: C:\ComboFix.txt

Regards!


PROBLEM =/

Several folders on the PC are hidden, including "system32", and when I open it the other folder, dllcache, simply does not exist :( . What now?

Regards!


PROBLEM =/

Several folders on the PC are hidden, including "system32", and when I open it the other folder, dllcache, simply does not exist :( . What now?

Regards!

//////////\/\\\\\\\\\

Hey, Xullipa!

<@> Copy the information in the field below into Notepad.

 

@echo off

rem Clear the read-only, system and hidden attributes on each folder

attrib -r -s -h "%systemdrive%\Windows\system32"

attrib -r -s -h "%systemdrive%\Windows\system32\dllcache"

attrib -r -s -h "%systemdrive%\Documents and Settings"

attrib -r -s -h "%systemdrive%\Arquivos de programas"

<@> Save it as: Fix.bat --> Put the file on the desktop.

<@> For "Save as type", choose: "All Files"

<@> PS: Run it by double-clicking Fix.bat <--

<@> Wait! --> Confirm that the folders that were hidden have appeared.

Regards!


Good evening,

Here is the log:

 

 

ComboFix 10-06-15.02 - Douglas Nobre 22/06/2010 22:19:20.4.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.991.571 [GMT -3:00]

Executando de: c:\documents and settings\Douglas Nobre\Desktop\ComboFix.exe

Comandos utilizados :: c:\documents and settings\Douglas Nobre\Desktop\CFScript.txt

AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\docume~1\DOUGLA~1\CONFIG~1\Temp\install_flash_player.exe

 

c:\windows\system32\sfcfiles.dll . . . está infectado!!

 

.

(((((((((((((((( Arquivos/Ficheiros criados de 2010-05-23 to 2010-06-23 ))))))))))))))))))))))))))))

.

 


 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.


.

 

------- Sigcheck -------

 

[-] 2008-05-17 . 1D01C384F3BA123EB6F09769DEA005AC . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll

.

((((((((((((((((((((((((((((( SnapShot_2010-06-19_15.09.45 )))))))))))))))))))))))))))))))))))))))))

.


+ 2008-04-13 18:50 . 2008-04-13 21:34 23552 c:\windows\system32\dllcache\mouclass.sys

+ 2010-06-22 00:37 . 2001-08-18 00:57 16128 c:\windows\system32\dllcache\modemcsa.sys

+ 2008-04-13 18:50 . 2008-04-13 21:34 30336 c:\windows\system32\dllcache\modem.sys

+ 2008-04-13 11:36 . 2008-04-13 21:34 63744 c:\windows\system32\dllcache\mf.sys

+ 2010-06-22 00:37 . 2008-04-13 14:41 26112 c:\windows\system32\dllcache\memstpci.sys

+ 2010-06-22 00:37 . 2001-09-06 02:50 47616 c:\windows\system32\dllcache\memgrp.dll

+ 2010-06-22 00:37 . 2001-08-17 23:19 48768 c:\windows\system32\dllcache\maestro.sys

+ 2010-06-22 00:37 . 2001-09-06 02:50 59392 c:\windows\system32\dllcache\m3092dc.dll

+ 2010-06-22 00:37 . 2001-09-06 02:50 58880 c:\windows\system32\dllcache\m3091dc.dll

+ 2010-06-22 00:37 . 2001-08-17 23:49 22848 c:\windows\system32\dllcache\lwusbhid.sys

+ 2010-06-22 00:37 . 2008-04-13 12:39 20864 c:\windows\system32\dllcache\lwadihid.sys

+ 2010-06-22 00:36 . 2001-08-17 23:12 70730 c:\windows\system32\dllcache\lne100tx.sys

+ 2010-06-22 00:36 . 2001-08-17 23:12 20573 c:\windows\system32\dllcache\lne100.sys

+ 2010-06-22 00:36 . 2001-08-17 23:11 25065 c:\windows\system32\dllcache\lmndis3.sys

+ 2010-06-22 00:36 . 2001-09-06 02:11 16128 c:\windows\system32\dllcache\lit220p.sys

+ 2010-06-22 00:36 . 2008-04-13 14:40 34688 c:\windows\system32\dllcache\lbrtfdc.sys

+ 2010-06-22 00:36 . 2001-09-06 02:10 26634 c:\windows\system32\dllcache\lanepic5.sys

+ 2010-06-22 00:36 . 2001-08-17 23:12 19016 c:\windows\system32\dllcache\ktc111.sys

+ 2010-06-22 00:36 . 2001-09-06 02:50 37376 c:\windows\system32\dllcache\kousd.dll

+ 2010-06-22 00:36 . 2008-04-13 22:20 49152 c:\windows\system32\dllcache\kdsui.dll

+ 2008-04-13 20:58 . 2008-04-13 20:58 14720 c:\windows\system32\dllcache\kbdhid.sys

+ 2008-04-13 20:58 . 2008-04-13 20:58 25088 c:\windows\system32\dllcache\kbdclass.sys

- 2009-11-27 16:08 . 2009-11-27 16:08 48128 c:\windows\system32\dllcache\iyuv_32.dll

+ 2008-04-13 19:20 . 2009-11-27 16:08 48128 c:\windows\system32\dllcache\iyuv_32.dll

+ 2008-04-13 20:58 . 2008-04-13 20:58 37632 c:\windows\system32\dllcache\isapnp.sys

+ 2010-06-22 00:36 . 2001-08-18 00:49 26624 c:\windows\system32\dllcache\irstusb.sys

+ 2010-06-22 00:36 . 2001-08-18 00:51 18688 c:\windows\system32\dllcache\irsir.sys

+ 2010-06-22 00:36 . 2008-04-13 22:20 28672 c:\windows\system32\dllcache\irmon.dll

+ 2010-06-22 00:36 . 2001-08-18 00:49 23552 c:\windows\system32\dllcache\irmk7.sys

+ 2010-06-22 00:36 . 2008-04-13 14:54 88192 c:\windows\system32\dllcache\irda.sys

+ 2010-06-22 00:36 . 2008-04-13 14:45 46592 c:\windows\system32\dllcache\irbus.sys

+ 2010-06-22 00:36 . 2001-08-17 23:12 45632 c:\windows\system32\dllcache\ip5515.sys

+ 2010-06-22 00:36 . 2001-09-06 02:50 90200 c:\windows\system32\dllcache\io8ports.dll

+ 2010-06-22 00:36 . 2001-08-18 00:50 38784 c:\windows\system32\dllcache\io8.sys

+ 2008-04-13 20:57 . 2008-04-13 20:57 40448 c:\windows\system32\dllcache\intelppm.sys

+ 2010-06-22 00:36 . 2001-09-06 02:05 13568 c:\windows\system32\dllcache\inport.sys

+ 2010-06-22 00:36 . 2001-08-18 00:52 16000 c:\windows\system32\dllcache\ini910u.sys

+ 2008-04-13 13:41 . 2008-04-13 13:41 42112 c:\windows\system32\dllcache\imapi.sys

+ 2010-06-22 00:35 . 2001-09-06 02:50 20480 c:\windows\system32\dllcache\icam5ext.dll

+ 2010-06-22 00:35 . 2001-09-06 02:50 45056 c:\windows\system32\dllcache\icam5com.dll

+ 2010-06-22 00:35 . 2001-09-06 02:50 62976 c:\windows\system32\dllcache\icam4ext.dll

+ 2010-06-22 00:35 . 2001-09-06 02:50 91648 c:\windows\system32\dllcache\icam4com.dll

+ 2010-06-22 00:35 . 2001-09-06 02:50 26624 c:\windows\system32\dllcache\icam3ext.dll

+ 2010-06-22 00:35 . 2001-08-18 01:06 38528 c:\windows\system32\dllcache\ibmvcap.sys

+ 2010-06-22 00:35 . 2001-08-17 23:11 28700 c:\windows\system32\dllcache\ibmexmp.sys

+ 2008-04-13 20:55 . 2008-04-13 20:55 53504 c:\windows\system32\dllcache\i8042prt.sys

+ 2010-06-22 00:35 . 2001-08-17 23:49 58592 c:\windows\system32\dllcache\i740nt5.sys

+ 2010-06-22 00:35 . 2008-04-13 14:41 18560 c:\windows\system32\dllcache\i2omp.sys

+ 2010-06-22 00:35 . 2008-04-13 22:20 32285 c:\windows\system32\dllcache\hsfcisp2.dll

+ 2010-06-22 00:35 . 2001-08-18 00:28 50751 c:\windows\system32\dllcache\hsf_tone.sys

+ 2010-06-22 00:35 . 2001-08-18 00:28 73279 c:\windows\system32\dllcache\hsf_spkp.sys

+ 2010-06-22 00:35 . 2001-08-18 00:28 44863 c:\windows\system32\dllcache\hsf_soar.sys

+ 2010-06-22 00:35 . 2001-08-18 00:28 57471 c:\windows\system32\dllcache\hsf_samp.sys

+ 2010-06-22 00:35 . 2001-08-18 00:28 67167 c:\windows\system32\dllcache\hsf_bsc2.sys

+ 2010-06-22 00:35 . 2001-09-06 02:50 19456 c:\windows\system32\dllcache\hr1w.dll

+ 2010-06-22 00:35 . 2001-09-06 02:50 13312 c:\windows\system32\dllcache\hpsjmcro.dll

+ 2010-06-22 00:35 . 2001-08-18 01:07 25952 c:\windows\system32\dllcache\hpn.sys

+ 2010-06-22 00:35 . 2001-09-06 02:50 32768 c:\windows\system32\dllcache\hpgtmcro.dll

+ 2010-06-22 00:35 . 2001-09-06 02:50 68608 c:\windows\system32\dllcache\hpgt53tk.dll

+ 2010-06-22 00:35 . 2001-09-06 02:50 31232 c:\windows\system32\dllcache\hpgt42tk.dll

+ 2010-06-22 00:35 . 2001-09-06 02:50 93696 c:\windows\system32\dllcache\hpgt42.dll

+ 2010-06-22 00:35 . 2001-09-06 02:50 48128 c:\windows\system32\dllcache\hpgt33tk.dll

+ 2010-06-22 00:35 . 2001-09-06 02:50 89088 c:\windows\system32\dllcache\hpgt33.dll

+ 2010-06-22 00:35 . 2001-09-06 02:50 83968 c:\windows\system32\dllcache\hpgt21.dll

+ 2008-04-13 13:45 . 2008-04-13 13:45 10368 c:\windows\system32\dllcache\hidusb.sys

+ 2008-04-13 19:20 . 2008-04-13 21:34 21504 c:\windows\system32\dllcache\hidserv.dll

+ 2008-04-13 13:45 . 2008-04-13 13:45 24960 c:\windows\system32\dllcache\hidparse.sys

+ 2010-06-22 00:35 . 2008-04-13 14:45 19200 c:\windows\system32\dllcache\hidir.sys

+ 2008-04-13 13:45 . 2008-04-13 13:45 36864 c:\windows\system32\dllcache\hidclass.sys

+ 2010-06-22 00:35 . 2008-04-13 21:54 25728 c:\windows\system32\dllcache\hidbth.sys

+ 2010-06-22 00:35 . 2008-04-13 14:36 20352 c:\windows\system32\dllcache\hidbatt.sys

+ 2008-04-13 19:20 . 2008-04-13 21:34 20992 c:\windows\system32\dllcache\hid.dll

+ 2010-06-22 00:35 . 2008-04-13 21:54 28544 c:\windows\system32\dllcache\grserial.sys

+ 2010-06-22 00:35 . 2001-09-06 02:23 82432 c:\windows\system32\dllcache\grclass.sys

+ 2010-06-22 00:35 . 2001-09-06 02:22 17664 c:\windows\system32\dllcache\gpr400.sys

+ 2010-06-22 00:34 . 2008-04-13 14:45 10624 c:\windows\system32\dllcache\gameenum.sys

+ 2008-04-13 11:36 . 2008-04-13 21:34 46464 c:\windows\system32\dllcache\gagp30kx.sys

+ 2010-06-22 00:34 . 2001-09-06 02:50 92160 c:\windows\system32\dllcache\fuusd.dll

+ 2001-09-05 23:20 . 2001-10-28 17:06 12416 c:\windows\system32\dllcache\fsvga.sys

+ 2010-06-22 00:34 . 2008-04-13 12:35 34173 c:\windows\system32\dllcache\forehe.sys

+ 2010-06-22 00:34 . 2001-09-06 02:50 71680 c:\windows\system32\dllcache\fnfilter.dll

+ 2008-04-13 13:40 . 2008-04-13 13:40 20480 c:\windows\system32\dllcache\flpydisk.sys

+ 2010-06-22 00:34 . 2001-08-17 23:13 27165 c:\windows\system32\dllcache\fetnd5.sys

+ 2010-06-22 00:34 . 2001-08-17 23:10 22090 c:\windows\system32\dllcache\fem556n5.sys

+ 2008-04-13 13:40 . 2008-04-13 13:40 27392 c:\windows\system32\dllcache\fdc.sys

+ 2010-06-22 00:34 . 2001-08-17 23:12 24618 c:\windows\system32\dllcache\fa410nd5.sys

+ 2010-06-22 00:34 . 2001-08-17 23:12 16074 c:\windows\system32\dllcache\fa312nd5.sys

+ 2010-06-22 00:34 . 2001-08-17 23:11 11850 c:\windows\system32\dllcache\f3ab18xj.sys

+ 2010-06-22 00:34 . 2001-08-17 23:11 12362 c:\windows\system32\dllcache\f3ab18xi.sys

+ 2010-06-22 00:34 . 2001-08-17 23:12 16998 c:\windows\system32\dllcache\ex10.sys

+ 2010-06-22 00:34 . 2001-09-06 02:50 46080 c:\windows\system32\dllcache\esunib.dll

+ 2010-06-22 00:34 . 2001-09-06 02:50 46080 c:\windows\system32\dllcache\esuni.dll

+ 2010-06-22 00:34 . 2001-09-06 02:50 34816 c:\windows\system32\dllcache\esuimg.dll

+ 2010-06-22 00:34 . 2001-09-06 02:50 43008 c:\windows\system32\dllcache\esucm.dll

+ 2010-06-22 00:34 . 2001-08-17 23:19 63360 c:\windows\system32\dllcache\ess.sys

+ 2010-06-22 00:34 . 2001-08-17 23:19 72192 c:\windows\system32\dllcache\es1969.sys

+ 2010-06-22 00:34 . 2001-08-17 23:19 40704 c:\windows\system32\dllcache\es1371mp.sys

+ 2010-06-22 00:34 . 2001-08-17 23:19 37120 c:\windows\system32\dllcache\es1370mp.sys

+ 2010-06-22 00:34 . 2001-09-06 02:50 62464 c:\windows\system32\dllcache\eqnloop.exe

+ 2010-06-22 00:34 . 2001-09-06 02:50 51712 c:\windows\system32\dllcache\eqnlogr.exe

+ 2010-06-22 00:34 . 2001-09-06 02:50 53248 c:\windows\system32\dllcache\eqndiag.exe

+ 2010-06-22 00:34 . 2001-08-17 23:12 18503 c:\windows\system32\dllcache\epro4.sys

+ 2010-06-22 00:34 . 2001-08-17 23:10 19996 c:\windows\system32\dllcache\em556n4.sys

+ 2010-06-22 00:34 . 2001-08-17 23:10 25159 c:\windows\system32\dllcache\elnk3.sys

+ 2010-06-22 00:34 . 2001-08-17 23:11 70174 c:\windows\system32\dllcache\el98xn5.sys

+ 2010-06-22 00:34 . 2001-08-17 23:11 66591 c:\windows\system32\dllcache\el90xbc5.sys

+ 2010-06-22 00:34 . 2001-08-17 23:11 77386 c:\windows\system32\dllcache\el656nd5.sys

+ 2010-06-22 00:34 . 2001-08-17 23:11 69194 c:\windows\system32\dllcache\el656cd5.sys

+ 2010-06-22 00:34 . 2001-08-17 23:10 26141 c:\windows\system32\dllcache\el589nd5.sys

+ 2010-06-22 00:34 . 2001-08-17 23:10 69692 c:\windows\system32\dllcache\el575nd5.sys

+ 2010-06-22 00:34 . 2001-08-17 23:10 24653 c:\windows\system32\dllcache\el574nd4.sys

+ 2010-06-22 00:34 . 2001-08-17 23:10 55999 c:\windows\system32\dllcache\el556nd5.sys

+ 2010-06-22 00:34 . 2001-09-06 02:11 44103 c:\windows\system32\dllcache\el515.sys

+ 2010-06-22 00:34 . 2001-08-17 23:12 19594 c:\windows\system32\dllcache\e100isa4.sys

+ 2010-06-22 00:34 . 2001-09-06 02:10 51231 c:\windows\system32\dllcache\e1000nt5.sys

+ 2008-04-13 13:38 . 2008-04-13 13:38 71168 c:\windows\system32\dllcache\dxg.sys

+ 2001-09-05 23:50 . 2001-10-28 17:06 57344 c:\windows\system32\dllcache\dvdplay.exe

+ 2008-04-13 11:45 . 2008-04-13 21:34 60160 c:\windows\system32\dllcache\drmk.sys

+ 2010-06-22 00:34 . 2001-08-18 01:07 20192 c:\windows\system32\dllcache\dpti2o.sys

+ 2010-06-22 00:34 . 2001-08-17 23:12 28062 c:\windows\system32\dllcache\dp83820.sys

+ 2010-06-22 00:34 . 2001-09-06 02:06 24064 c:\windows\system32\dllcache\dot4usb.sys

+ 2010-06-22 00:34 . 2001-08-18 00:47 12928 c:\windows\system32\dllcache\dot4prt.sys

+ 2008-04-13 19:20 . 2008-04-13 21:34 55296 c:\windows\system32\dllcache\dmutil.dll

+ 2009-12-20 05:19 . 2008-04-13 14:45 52864 c:\windows\system32\dllcache\dmusic.sys

+ 2010-06-22 00:33 . 2001-08-17 23:11 26698 c:\windows\system32\dllcache\dlh5xnd5.sys

+ 2010-06-22 00:33 . 2001-09-06 02:50 29768 c:\windows\system32\dllcache\divasu.dll

+ 2010-06-22 00:33 . 2001-09-06 02:50 37962 c:\windows\system32\dllcache\divaprop.dll

+ 2010-06-22 00:33 . 2001-09-06 02:50 38985 c:\windows\system32\dllcache\disrvsu.dll

+ 2010-06-22 00:33 . 2001-09-06 02:50 31817 c:\windows\system32\dllcache\disrvpp.dll

+ 2008-04-13 13:40 . 2008-04-13 13:40 36352 c:\windows\system32\dllcache\disk.sys

+ 2010-06-22 00:33 . 2001-08-17 23:13 91305 c:\windows\system32\dllcache\dimaint.sys

+ 2010-06-22 00:33 . 2001-09-06 02:04 42528 c:\windows\system32\dllcache\digirlpt.sys

+ 2010-06-22 00:33 . 2001-08-17 23:14 21606 c:\windows\system32\dllcache\digiisdn.sys

+ 2010-06-22 00:33 . 2001-09-06 02:50 41046 c:\windows\system32\dllcache\digiisdn.dll

+ 2010-06-22 00:33 . 2001-09-06 02:04 90717 c:\windows\system32\dllcache\digifep5.sys

+ 2010-06-22 00:33 . 2001-09-06 02:04 37895 c:\windows\system32\dllcache\digiasyn.sys

+ 2010-06-22 00:33 . 2001-09-06 02:50 65622 c:\windows\system32\dllcache\digiasyn.dll

+ 2010-06-22 00:33 . 2001-09-06 02:50 32256 c:\windows\system32\dllcache\diapi2NT.dll

+ 2010-06-22 00:33 . 2001-09-06 02:27 29659 c:\windows\system32\dllcache\dgapci.sys

+ 2010-06-22 00:33 . 2001-08-17 23:11 24649 c:\windows\system32\dllcache\dfe650d.sys

+ 2010-06-22 00:33 . 2001-08-17 23:11 24648 c:\windows\system32\dllcache\dfe650.sys

+ 2010-06-22 00:33 . 2001-09-06 02:50 24064 c:\windows\system32\dllcache\devldr32.exe

+ 2010-06-22 00:33 . 2001-08-17 23:11 20928 c:\windows\system32\dllcache\defpa.sys

+ 2010-06-22 00:33 . 2001-09-06 02:50 86528 c:\windows\system32\dllcache\dc240usd.dll

+ 2010-06-22 00:33 . 2001-08-17 23:12 63208 c:\windows\system32\dllcache\dc21x4.sys

+ 2010-06-22 00:33 . 2001-09-06 02:50 81408 c:\windows\system32\dllcache\dc210usd.dll

+ 2010-06-22 00:33 . 2001-09-06 02:50 25600 c:\windows\system32\dllcache\dc210_32.dll

+ 2010-06-22 00:33 . 2001-08-18 00:52 14720 c:\windows\system32\dllcache\dac960nt.sys

+ 2010-06-22 00:33 . 2001-09-06 02:50 27648 c:\windows\system32\dllcache\cyzports.dll

+ 2010-06-22 00:33 . 2001-09-06 02:25 50560 c:\windows\system32\dllcache\cyzport.sys

+ 2010-06-22 00:33 . 2001-09-06 02:50 27648 c:\windows\system32\dllcache\cyzcoins.dll

+ 2010-06-22 00:33 . 2001-09-06 02:50 28160 c:\windows\system32\dllcache\cyyports.dll

+ 2010-06-22 00:33 . 2001-09-06 02:25 50816 c:\windows\system32\dllcache\cyyport.sys

+ 2010-06-22 00:33 . 2001-09-06 02:50 28672 c:\windows\system32\dllcache\cyycoins.dll

+ 2010-06-22 00:33 . 2001-09-06 02:25 15104 c:\windows\system32\dllcache\cyclom-y.sys

+ 2010-06-22 00:33 . 2001-09-06 02:25 17408 c:\windows\system32\dllcache\cyclad-z.sys

+ 2010-06-22 00:33 . 2008-04-13 12:36 48640 c:\windows\system32\dllcache\cwrwdm.sys

+ 2010-06-22 00:33 . 2001-08-17 23:19 93952 c:\windows\system32\dllcache\cwcwdm.sys

+ 2010-06-22 00:33 . 2001-08-17 23:19 72832 c:\windows\system32\dllcache\cwbwdm.sys

+ 2010-06-22 00:33 . 2001-08-17 23:19 96256 c:\windows\system32\dllcache\ctlsb16.sys

+ 2008-04-13 18:57 . 2008-04-13 21:34 40832 c:\windows\system32\dllcache\crusoe.sys

+ 2010-06-22 00:33 . 2001-08-17 23:19 42112 c:\windows\system32\dllcache\crtaud.sys

+ 2010-06-22 00:33 . 2008-04-13 14:36 10240 c:\windows\system32\dllcache\compbatt.sys

+ 2008-04-13 19:20 . 2008-04-13 21:34 49152 c:\windows\system32\dllcache\cnbjmon.dll

+ 2010-06-22 00:33 . 2001-09-06 02:18 20864 c:\windows\system32\dllcache\cmbp0wdm.sys

+ 2010-06-22 00:33 . 2008-04-13 14:36 13952 c:\windows\system32\dllcache\cmbatt.sys

+ 2010-06-22 00:33 . 2001-08-18 00:57 45696 c:\windows\system32\dllcache\cirrus.sys

+ 2010-06-22 00:33 . 2001-09-06 02:49 91264 c:\windows\system32\dllcache\cirrus.dll

+ 2010-06-22 00:33 . 2008-04-13 22:20 15423 c:\windows\system32\dllcache\ch7xxnt5.dll

+ 2010-06-22 00:33 . 2001-09-06 02:15 49182 c:\windows\system32\dllcache\cem56n5.sys

+ 2010-06-22 00:33 . 2001-09-06 02:15 22044 c:\windows\system32\dllcache\cem33n5.sys

+ 2010-06-22 00:33 . 2001-09-06 02:15 22044 c:\windows\system32\dllcache\cem28n5.sys

+ 2010-06-22 00:33 . 2001-09-06 02:15 27164 c:\windows\system32\dllcache\ce3n5.sys

+ 2010-06-22 00:33 . 2001-09-06 02:15 21530 c:\windows\system32\dllcache\ce2n5.sys

+ 2008-04-13 13:40 . 2008-04-13 13:40 62976 c:\windows\system32\dllcache\cdrom.sys

+ 2008-04-13 21:20 . 2009-08-06 22:24 96480 c:\windows\system32\dllcache\cdm.dll

+ 2001-08-17 21:52 . 2001-10-28 17:06 18688 c:\windows\system32\dllcache\cdaudio.sys

+ 2001-10-28 17:06 . 2001-10-28 17:06 13952 c:\windows\system32\dllcache\cbidf2k.sys

+ 2010-06-22 00:33 . 2001-08-17 23:13 46108 c:\windows\system32\dllcache\cben5.sys

+ 2010-06-22 00:33 . 2001-08-17 23:12 39680 c:\windows\system32\dllcache\cb325.sys

+ 2010-06-22 00:33 . 2001-08-17 23:12 37916 c:\windows\system32\dllcache\cb102.sys

+ 2010-06-22 00:33 . 2001-09-06 02:50 74240 c:\windows\system32\dllcache\camexo20.dll

+ 2010-06-22 00:32 . 2008-04-13 14:46 18944 c:\windows\system32\dllcache\bthusb.sys

+ 2008-04-13 21:20 . 2008-04-13 22:20 30208 c:\windows\system32\dllcache\bthserv.dll

+ 2010-06-22 00:32 . 2008-04-13 14:46 36480 c:\windows\system32\dllcache\bthprint.sys

+ 2010-06-22 00:32 . 2008-04-13 14:46 37888 c:\windows\system32\dllcache\bthmodem.sys

+ 2010-06-22 00:32 . 2008-04-13 14:46 17024 c:\windows\system32\dllcache\bthenum.sys

+ 2008-04-13 21:20 . 2008-04-13 22:20 20992 c:\windows\system32\dllcache\bthci.dll

+ 2010-06-22 00:32 . 2001-08-17 23:11 31529 c:\windows\system32\dllcache\brzwlan.sys

+ 2010-06-22 00:32 . 2001-08-18 00:12 10368 c:\windows\system32\dllcache\brusbscn.sys

+ 2010-06-22 00:32 . 2001-08-18 00:12 11008 c:\windows\system32\dllcache\brusbmdm.sys

+ 2010-06-22 00:32 . 2001-08-18 00:12 60416 c:\windows\system32\dllcache\brserwdm.sys

+ 2010-06-22 00:32 . 2001-09-06 02:12 39680 c:\windows\system32\dllcache\brparwdm.sys

+ 2010-06-22 00:32 . 2001-09-06 02:50 41472 c:\windows\system32\dllcache\brmfusb.dll

+ 2010-06-22 00:32 . 2001-09-06 02:50 32256 c:\windows\system32\dllcache\brmfrsmg.exe

+ 2010-06-22 00:32 . 2001-09-06 02:50 29696 c:\windows\system32\dllcache\brmflpt.dll

+ 2010-06-22 00:32 . 2001-09-06 02:50 81920 c:\windows\system32\dllcache\brmfcwia.dll

+ 2010-06-22 00:32 . 2001-09-06 02:50 15360 c:\windows\system32\dllcache\brmfbidi.dll

+ 2010-06-22 00:32 . 2001-08-18 00:12 12160 c:\windows\system32\dllcache\brfiltlo.sys

+ 2010-06-22 00:32 . 2001-09-06 02:50 12800 c:\windows\system32\dllcache\brevif.dll

+ 2010-06-22 00:32 . 2001-09-06 02:50 19456 c:\windows\system32\dllcache\brbidiif.dll

+ 2008-04-13 11:46 . 2008-04-13 21:34 11776 c:\windows\system32\dllcache\bdasup.sys

+ 2010-06-22 00:32 . 2001-08-17 23:11 26568 c:\windows\system32\dllcache\bcm4e5.sys

+ 2010-06-22 00:32 . 2001-08-17 23:11 54271 c:\windows\system32\dllcache\bcm42xx5.sys

+ 2010-06-22 00:32 . 2001-08-17 23:11 66557 c:\windows\system32\dllcache\bcm42u.sys

+ 2010-06-22 00:32 . 2008-04-13 14:36 14208 c:\windows\system32\dllcache\battc.sys

+ 2010-06-22 00:32 . 2001-08-17 23:48 36128 c:\windows\system32\dllcache\banshee.sys

+ 2010-06-22 00:32 . 2001-09-06 02:09 97184 c:\windows\system32\dllcache\b57xp32.sys

+ 2010-06-22 00:32 . 2001-08-17 23:13 89952 c:\windows\system32\dllcache\b1cbase.sys

+ 2010-06-22 00:32 . 2001-08-17 23:19 36992 c:\windows\system32\dllcache\aztw2320.sys

+ 2010-06-22 00:32 . 2001-08-17 23:13 37568 c:\windows\system32\dllcache\avmwan.sys

+ 2010-06-22 00:32 . 2001-09-06 02:50 87552 c:\windows\system32\dllcache\avmcoxp.dll

+ 2010-06-22 00:32 . 2008-04-13 14:46 13696 c:\windows\system32\dllcache\avcstrm.sys

+ 2010-06-22 00:32 . 2001-08-18 01:01 36096 c:\windows\system32\dllcache\avcaudio.sys

+ 2010-06-22 00:32 . 2008-04-13 14:46 38912 c:\windows\system32\dllcache\avc.sys

+ 2010-06-22 00:32 . 2008-04-13 22:20 17279 c:\windows\system32\dllcache\atv10nt5.dll

+ 2010-06-22 00:32 . 2008-04-13 22:20 14143 c:\windows\system32\dllcache\atv06nt5.dll

+ 2010-06-22 00:32 . 2008-04-13 22:20 25471 c:\windows\system32\dllcache\atv04nt5.dll

+ 2010-06-22 00:32 . 2008-04-13 22:20 11359 c:\windows\system32\dllcache\atv02nt5.dll

+ 2010-06-22 00:32 . 2008-04-13 22:20 21183 c:\windows\system32\dllcache\atv01nt5.dll

+ 2010-06-22 00:32 . 2001-08-17 23:49 23552 c:\windows\system32\dllcache\atixbar.sys

+ 2010-06-22 00:32 . 2001-08-17 23:49 26624 c:\windows\system32\dllcache\ativxbar.sys

+ 2010-06-22 00:32 . 2001-08-17 23:49 19456 c:\windows\system32\dllcache\ativttxx.sys

+ 2010-06-22 00:32 . 2008-04-13 22:20 32768 c:\windows\system32\dllcache\ativtmxx.dll

+ 2010-06-22 00:32 . 2001-08-17 23:49 17152 c:\windows\system32\dllcache\atitvsnd.sys

+ 2010-06-22 00:32 . 2001-08-17 23:49 17152 c:\windows\system32\dllcache\atitunep.sys

+ 2010-06-22 00:32 . 2001-08-17 23:49 26880 c:\windows\system32\dllcache\atirtsnd.sys

+ 2010-06-22 00:32 . 2001-08-17 23:49 49920 c:\windows\system32\dllcache\atirtcap.sys

+ 2010-06-22 00:32 . 2001-09-06 02:08 70656 c:\windows\system32\dllcache\atiragem.sys

+ 2010-06-22 00:32 . 2001-08-17 23:49 10240 c:\windows\system32\dllcache\atipcxxx.sys

+ 2010-06-22 00:32 . 2008-04-13 12:34 63488 c:\windows\system32\dllcache\atinxsxx.sys

+ 2010-06-22 00:32 . 2008-04-13 12:34 31744 c:\windows\system32\dllcache\atinxbxx.sys

+ 2010-06-22 00:32 . 2008-04-13 12:34 73216 c:\windows\system32\dllcache\atintuxx.sys

+ 2010-06-22 00:32 . 2008-04-13 12:34 13824 c:\windows\system32\dllcache\atinttxx.sys

+ 2010-06-22 00:32 . 2008-04-13 12:34 28672 c:\windows\system32\dllcache\atinsnxx.sys

+ 2010-06-22 00:32 . 2008-04-13 12:34 52224 c:\windows\system32\dllcache\atinraxx.sys

+ 2010-06-22 00:32 . 2008-04-13 12:34 14336 c:\windows\system32\dllcache\atinpdxx.sys

+ 2010-06-22 00:32 . 2008-04-13 12:34 13824 c:\windows\system32\dllcache\atinmdxx.sys

+ 2010-06-22 00:32 . 2008-04-13 12:34 57856 c:\windows\system32\dllcache\atinbtxx.sys

+ 2010-06-22 00:32 . 2001-09-06 02:08 75264 c:\windows\system32\dllcache\atimpae.sys

+ 2010-06-22 00:32 . 2001-09-06 02:50 37376 c:\windows\system32\dllcache\atievxx.exe

+ 2010-06-22 00:32 . 2001-08-17 23:49 46464 c:\windows\system32\dllcache\atibt829.sys

+ 2010-06-22 00:31 . 2008-04-13 12:34 34735 c:\windows\system32\dllcache\ati1xsxx.sys

+ 2010-06-22 00:31 . 2008-04-13 12:34 29455 c:\windows\system32\dllcache\ati1xbxx.sys

+ 2010-06-22 00:31 . 2008-04-13 12:34 36463 c:\windows\system32\dllcache\ati1tuxx.sys

+ 2010-06-22 00:31 . 2008-04-13 12:34 21343 c:\windows\system32\dllcache\ati1ttxx.sys

+ 2010-06-22 00:31 . 2008-04-13 12:34 26367 c:\windows\system32\dllcache\ati1snxx.sys

+ 2010-06-22 00:31 . 2008-04-13 12:34 63663 c:\windows\system32\dllcache\ati1rvxx.sys

+ 2010-06-22 00:31 . 2008-04-13 12:34 30671 c:\windows\system32\dllcache\ati1raxx.sys

+ 2010-06-22 00:31 . 2008-04-13 12:34 12047 c:\windows\system32\dllcache\ati1pdxx.sys

+ 2010-06-22 00:31 . 2008-04-13 12:34 11615 c:\windows\system32\dllcache\ati1mdxx.sys

+ 2010-06-22 00:31 . 2008-04-13 12:34 56623 c:\windows\system32\dllcache\ati1btxx.sys

+ 2010-06-22 00:31 . 2001-09-06 02:08 77824 c:\windows\system32\dllcache\ati.sys

+ 2010-06-22 00:31 . 2001-09-06 02:49 96128 c:\windows\system32\dllcache\ati.dll

+ 2008-04-13 13:40 . 2008-04-13 13:40 96512 c:\windows\system32\dllcache\atapi.sys

+ 2010-06-22 00:31 . 2001-08-17 23:12 97354 c:\windows\system32\dllcache\aspndis3.sys

+ 2010-06-22 00:31 . 2001-08-18 00:51 14848 c:\windows\system32\dllcache\asc3550.sys

+ 2010-06-22 00:31 . 2001-08-18 00:52 22400 c:\windows\system32\dllcache\asc3350p.sys

+ 2010-06-22 00:31 . 2001-08-18 00:52 26496 c:\windows\system32\dllcache\asc.sys

+ 2008-04-13 11:51 . 2008-04-13 21:34 60800 c:\windows\system32\dllcache\arp1394.sys

+ 2010-06-22 00:31 . 2008-04-13 12:35 36224 c:\windows\system32\dllcache\an983.sys

+ 2010-06-22 00:31 . 2001-08-18 00:52 12032 c:\windows\system32\dllcache\amsint.sys

+ 2008-04-13 18:51 . 2008-04-13 21:34 41856 c:\windows\system32\dllcache\amdk7.sys

+ 2008-04-13 18:51 . 2008-04-13 21:34 41472 c:\windows\system32\dllcache\amdk6.sys

+ 2008-04-13 11:36 . 2008-04-13 21:34 43008 c:\windows\system32\dllcache\amdagp.sys

+ 2010-06-22 00:31 . 2001-08-17 23:11 16969 c:\windows\system32\dllcache\amb8002.sys

+ 2008-04-13 11:36 . 2008-04-13 21:34 42752 c:\windows\system32\dllcache\alim1541.sys

+ 2010-06-22 00:31 . 2001-08-18 00:49 26624 c:\windows\system32\dllcache\alifir.sys

+ 2010-06-22 00:31 . 2001-08-17 23:11 27678 c:\windows\system32\dllcache\ali5261.sys

+ 2010-06-22 00:31 . 2001-08-18 01:07 56960 c:\windows\system32\dllcache\aic78xx.sys

+ 2010-06-22 00:31 . 2001-08-18 01:07 55168 c:\windows\system32\dllcache\aic78u2.sys

+ 2010-06-22 00:31 . 2001-08-18 00:52 12800 c:\windows\system32\dllcache\aha154x.sys

+ 2008-04-13 11:36 . 2008-04-13 21:34 44928 c:\windows\system32\dllcache\agpcpq.sys

+ 2008-04-13 11:36 . 2008-04-13 21:34 42368 c:\windows\system32\dllcache\agp440.sys

+ 2010-06-22 00:31 . 2001-08-17 23:11 46112 c:\windows\system32\dllcache\adptsf50.sys

+ 2010-06-22 00:31 . 2008-04-13 12:36 10880 c:\windows\system32\dllcache\admjoy.sys

+ 2010-06-22 00:31 . 2001-08-17 23:11 20160 c:\windows\system32\dllcache\adm8511.sys

+ 2001-10-28 17:06 . 2001-10-28 17:06 11904 c:\windows\system32\dllcache\acpiec.sys

+ 2010-06-22 00:31 . 2001-09-06 02:50 61952 c:\windows\system32\dllcache\acerscad.dll

+ 2010-06-22 00:31 . 2008-04-13 12:36 84480 c:\windows\system32\dllcache\ac97via.sys

+ 2010-06-22 00:31 . 2001-08-17 23:20 96256 c:\windows\system32\dllcache\ac97intc.sys

+ 2010-06-22 00:31 . 2001-08-18 00:52 23552 c:\windows\system32\dllcache\abp480n5.sys

+ 2010-06-22 00:31 . 2001-09-06 02:50 98304 c:\windows\system32\dllcache\a3d.dll

+ 2010-06-22 00:31 . 2001-09-06 02:49 38400 c:\windows\system32\dllcache\8514a.dll

+ 2010-06-22 00:31 . 2008-04-13 14:46 48128 c:\windows\system32\dllcache\61883.sys

+ 2010-06-22 00:31 . 2008-04-13 14:40 12288 c:\windows\system32\dllcache\4mmdat.sys

+ 2010-06-22 00:31 . 2001-08-18 01:06 11264 c:\windows\system32\dllcache\1394vdbg.sys

+ 2010-06-22 00:31 . 2008-04-13 14:46 53376 c:\windows\system32\dllcache\1394bus.sys

+ 2001-09-05 23:49 . 2001-10-28 17:06 3200 c:\windows\system32\dllcache\wowfax.dll

+ 2010-06-22 00:41 . 2008-04-13 14:36 8832 c:\windows\system32\dllcache\wmiacpi.sys

+ 2008-04-13 13:40 . 2008-04-13 13:40 5376 c:\windows\system32\dllcache\viaide.sys

+ 2010-06-22 00:41 . 2001-08-18 00:28 7556 c:\windows\system32\dllcache\usroslba.sys

+ 2001-10-28 17:07 . 2001-10-28 17:07 4736 c:\windows\system32\dllcache\usbd.sys

+ 2001-09-05 23:50 . 2009-11-27 16:08 8704 c:\windows\system32\dllcache\tsbyuv.dll

- 2009-11-27 16:08 . 2009-11-27 16:08 8704 c:\windows\system32\dllcache\tsbyuv.dll

+ 2010-06-22 00:40 . 2001-09-06 02:12 4992 c:\windows\system32\dllcache\toside.sys

+ 2010-06-22 00:40 . 2001-08-18 00:52 7040 c:\windows\system32\dllcache\tandqic.sys

+ 2008-04-13 11:39 . 2008-04-13 21:34 4352 c:\windows\system32\dllcache\swenum.sys

+ 2001-09-05 23:50 . 2001-10-28 17:06 8192 c:\windows\system32\dllcache\streamci.dll

+ 2009-12-20 05:19 . 2008-04-13 14:45 6272 c:\windows\system32\dllcache\splitter.sys

+ 2010-06-22 00:40 . 2001-08-18 00:56 7552 c:\windows\system32\dllcache\sonypvu1.sys

+ 2010-06-22 00:40 . 2001-08-18 00:53 9600 c:\windows\system32\dllcache\sonymc.sys

+ 2010-06-22 00:40 . 2008-04-13 14:40 7552 c:\windows\system32\dllcache\sonyait.sys

+ 2010-06-22 00:40 . 2001-08-18 00:53 7040 c:\windows\system32\dllcache\snyaitmc.sys

+ 2010-06-22 00:40 . 2001-08-18 00:57 6784 c:\windows\system32\dllcache\smbhc.sys

+ 2010-06-22 00:40 . 2008-04-13 14:36 6912 c:\windows\system32\dllcache\smbclass.sys

+ 2010-06-22 00:40 . 2008-04-13 14:36 5888 c:\windows\system32\dllcache\smbali.sys

+ 2010-06-22 00:39 . 2008-04-13 22:20 3901 c:\windows\system32\dllcache\siint5.dll

+ 2010-06-22 00:39 . 2001-09-06 02:27 6912 c:\windows\system32\dllcache\serscan.sys

+ 2010-06-22 00:39 . 2001-08-18 00:53 6912 c:\windows\system32\dllcache\seaddsmc.sys

+ 2010-06-22 00:39 . 2001-09-06 02:50 9728 c:\windows\system32\dllcache\rsmgrstr.dll

+ 2010-06-22 00:39 . 2001-08-17 23:19 3840 c:\windows\system32\dllcache\rpfun.sys

+ 2010-06-22 00:39 . 2001-08-18 00:53 3328 c:\windows\system32\dllcache\qv2kux.sys

+ 2010-06-22 00:39 . 2008-04-13 14:40 6016 c:\windows\system32\dllcache\qic157.sys

+ 2010-06-22 00:38 . 2001-09-06 02:50 5632 c:\windows\system32\dllcache\ptpusb.dll

+ 2010-06-22 00:38 . 2008-04-13 14:40 8832 c:\windows\system32\dllcache\powerfil.sys

+ 2010-06-22 00:38 . 2001-08-18 00:53 7168 c:\windows\system32\dllcache\pnrmc.sys

+ 2010-06-22 00:38 . 2001-08-18 01:07 5504 c:\windows\system32\dllcache\perc2hib.sys

+ 2001-10-28 17:07 . 2001-10-28 17:07 3456 c:\windows\system32\dllcache\pciide.sys

+ 2001-10-28 17:07 . 2001-10-28 17:07 3456 c:\windows\system32\dllcache\oprghdlr.sys

+ 2010-06-22 00:38 . 2001-08-18 00:53 7552 c:\windows\system32\dllcache\nsmmc.sys

+ 2010-06-22 00:37 . 2001-09-06 02:50 7168 c:\windows\system32\dllcache\mxport.dll

+ 2008-04-13 11:39 . 2008-04-13 21:34 4992 c:\windows\system32\dllcache\mspqm.sys

+ 2008-04-13 11:39 . 2008-04-13 21:34 5376 c:\windows\system32\dllcache\mspclock.sys

+ 2010-06-22 00:37 . 2001-08-18 01:00 2944 c:\windows\system32\dllcache\msmpu401.sys

+ 2008-04-13 11:39 . 2008-04-13 21:34 7552 c:\windows\system32\dllcache\mskssrv.sys

.

-- Snapshot resetado para data atual --

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="c:\documents and settings\Douglas Nobre\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" [2009-12-23 135664]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]

"VisualTaskTips"="c:\arquivos de programas\VisualTaskTips\VisualTaskTips.exe" [2008-03-09 61440]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VTTimer"="VTTimer.exe" [2006-08-03 53248]

"VTTrayp"="VTtrayp.exe" [2006-08-30 180224]

"Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]

"egui"="c:\arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]

"GrooveMonitor"="c:\arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"NeroFilterCheck"="c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]

"SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040]

"DrvIcon"="c:\arquivos de programas\VistaDriveIcon\DrvIcon.exe" [2008-04-13 49152]

"SoundMan"="SOUNDMAN.EXE" [2006-03-01 577536]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

 

c:\documents and settings\Douglas Nobre\Menu Iniciar\Programas\Inicializar\

Blaero Start Orb.lnk - c:\arquivos de programas\Blaero Start Orb\Blaero Start Orb 2.0.exe [2006-7-30 521216]

Recorte de tela e Iniciador do OneNote 2007.lnk - c:\arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

Styler.lnk - c:\arquivos de programas\Styler\Styler.exe [2007-4-15 307200]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ \0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Arquivos de programas\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=

"c:\\Arquivos de programas\\Megacubo\\megacubo.exe"=

"c:\\WINDOWS\\system32\\ftp.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015

"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016

"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

 

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14/5/2009 15:47 107256]

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14/5/2009 15:49 94360]

R2 ekrn;ESET Service;c:\arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe [14/5/2009 15:47 731840]

S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28/12/2009 20:23 715248]

S3 D301bus;GW01 USB WMC Bus Driver (WDM);c:\windows\system32\drivers\D301bus.sys [8/5/2010 12:44 83328]

S3 D301mdfl;GW01 USB WMC Modem Filter;c:\windows\system32\drivers\D301mdfl.sys [8/5/2010 12:44 14976]

S3 D301mdm;GW01 USB WMC Modem Driver;c:\windows\system32\drivers\D301mdm.sys [8/5/2010 12:44 109824]

S3 D301mgmt;GW01 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\D301mgmt.sys [8/5/2010 12:45 103808]

S3 d301nd5;GW01 USB WMC Ethernet GW (NDIS);c:\windows\system32\drivers\d301nd5.sys [8/5/2010 12:45 24832]

S3 D301obex;GW01 USB WMC OBEX Interface;c:\windows\system32\drivers\D301obex.sys [8/5/2010 12:44 99840]

S3 d301unic;GW01 USB WMC Ethernet GW (WDM);c:\windows\system32\drivers\d301unic.sys [8/5/2010 12:45 105728]

S3 ddsxeiservice;ddsxeiservice2;c:\arquivos de programas\sXe Injected\ddsxei.sys [1/2/2010 20:48 93056]

.

Conteúdo da pasta 'Tarefas Agendadas'

 

2010-06-13 c:\windows\Tasks\Advanced WindowsCare V2 Pro.job

- c:\arquivos de programas\IObit\Advanced WindowsCare V2 Pro\AutoCare.exe [2009-12-21 20:49]

 

2010-06-22 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAEXEC.exe [2009-08-03 18:07]

.

.

------- Scan Suplementar -------

.

IE: Baixar com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dllink.htm

IE: Baixar tudo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlall.htm

IE: Baixar vídeo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlfvideo.htm

IE: Download selecionado pelo Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlselected.htm

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\Microsoft Office\Office12\EXCEL.EXE/3000

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-06-22 22:22

Windows 5.1.2600 Service Pack 3 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros/arquivos ocultos ...

 

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

 

**************************************************************************

.

Tempo para conclusão: 2010-06-22 22:23:35

ComboFix-quarantined-files.txt 2010-06-23 01:23

ComboFix2.txt 2010-06-20 16:51

ComboFix3.txt 2010-06-19 15:12

ComboFix4.txt 2010-06-15 22:59

 

Pré-execução: 4.596.199.424 bytes disponíveis

Pós execução: 4.586.422.272 bytes disponíveis

 

- - End Of File - - 6A7198A5D999535A378038B937E9C1B0

 

 

Thank you!


Good morning! Xullippa

 

<@> Download: < SystemLook > ( ...by jpshortstuff )

<@> Save it to the desktop.

<@> Run SystemLook.exe and, in the field, paste this information:

 

:filefind

sfcfiles.dll

<@> Next, click Look --> Wait!

<@> When it finishes, click Exit.

<@> Post the report: SystemLook.txt <--

 

Regards!


Good evening,

 

Here is the log:

 

 

SystemLook v1.0 by jpshortstuff (11.01.10)

Log created at 22:08 on 23/06/2010 by Douglas Nobre (Administrator - Elevation successful)

 

========== filefind ==========

 

Searching for "sfcfiles.dll "

C:\WINDOWS\system32\sfcfiles.dll --a--- 1571840 bytes [02:11 17/05/2008] [02:11 17/05/2008] 1D01C384F3BA123EB6F09769DEA005AC

 

-=End Of File=-


Good evening! Xullippa

 

<@> Open Malwarebytes! --> Click Tools.

<@> Click Run tool. <-- File Assassin!

<@> In the Open and Browse window, find the highlighted file:

 

<!> c:\windows\system32\sfcfiles.dll <--

 

<@> Click Open.

<@> In the message, click Yes! --> OK.

00000000000000000000000

<@> Unzip sfcfiles.zip to C:\ --> c:\sfcfiles.dll <-- Path!

<@> Go to Start --> Run --> Type: cmd --> OK

<@> When the prompt opens, type: cd\ --> Press Enter.

<@> Next, type: C:\>expand -r sfcfiles.dl_ --> Press Enter.

00000000000000000000000

<@> PS: Select and copy this information, which is in the field, into Notepad.

<@> Save it on the Desktop with the name: CFScript.txt

 

FMove::

c:\sfcfiles.dll | c:\windows\system32\sfcfiles.dll

<@> PS: It is recommended that you be disconnected when running the script.

<@> PS: Temporarily disable your antivirus.

<@> PS: Do not use this script on another machine!

<@> Drag CFScript.txt onto/into the ComboFix icon.

<@> See the demonstration!

 


 

<@> Accept the prompt, which should appear, to run ComboFix.

<@> PS: Keep dragging until this prompt appears! ( window )

<@> When it finishes, post: C:\ComboFix.txt

 

Regards!
