Renato Utsch 24 Denunciar post Postado Setembro 1, 2010 Olá! Por favor, delete o ComboFix.exe do desktop, baixe um novo e execute novamente o ComboFix. Abraços :D Compartilhar este post Link para o post Compartilhar em outros sites
wrongdoer 0 Denunciar post Postado Setembro 1, 2010 Olá! Por favor, delete o ComboFix.exe do desktop, baixe um novo e execute novamente o ComboFix. Abraços :D Ola, Quando executei o combofix ele fez a atualização do programa, mesmo assim preciso baixar um novo? e onde eu acho o combofix para download? Ps.: não me lembro onde baixei da primeira vez Abraços Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Setembro 2, 2010 Download do ComboFix: post nº 17 Precisa deletar e baixar um novo sim, pois o ComboFix tem problemas para se atualizar... Abraços :D Compartilhar este post Link para o post Compartilhar em outros sites
wrongdoer 0 Denunciar post Postado Setembro 2, 2010 Download do ComboFix: post nº 17 Precisa deletar e baixar um novo sim, pois o ComboFix tem problemas para se atualizar... Abraços :D Baixei e executei o cambofix Novo Log ComboFix 10-09-01.04 - Administrador 02/09/2010 14:14:24.5.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.511.188 [GMT -3:00] Executando de: c:\documents and settings\Administrador\Desktop\ComboFix.exe AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} * Criado um novo ponto de restauração . ADS - drivers: deleted 204 bytes in 1 streams. (((((((((((((((( Arquivos/Ficheiros criados de 2010-08-02 to 2010-09-02 )))))))))))))))))))))))))))) . 2010-08-09 12:30 . 2010-05-25 13:25 -------- d-----w- C:\hijack 2010-08-06 12:56 . 2010-08-06 12:56 -------- d-----w- c:\arquivos de programas\FastStone Image Viewer 2010-08-04 11:54 . 2010-08-04 11:58 -------- d-----w- c:\documents and settings\Administrador\Dados de aplicativos\FileZilla . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-09-02 12:36 . 2008-06-26 18:12 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\DVD Shrink 2010-08-05 20:02 . 2009-07-24 14:44 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Spybot - Search & Destroy 2010-08-05 19:56 . 2010-01-22 12:17 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware 2010-08-02 17:38 . 2010-08-02 17:24 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Alwil Software 2010-08-02 17:38 . 2009-11-12 10:56 -------- d-----w- c:\arquivos de programas\Alwil Software 2010-06-28 20:57 . 2010-08-02 17:40 38848 ----a-w- c:\windows\avastSS.scr 2010-06-28 20:57 . 2010-08-02 17:39 165032 ----a-w- c:\windows\system32\aswBoot.exe 2010-06-28 20:39 . 2010-08-02 17:43 312912 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2010-06-28 20:37 . 2010-08-02 17:43 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2010-06-28 20:37 . 2010-08-02 17:43 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2010-06-28 20:33 . 2009-11-12 10:57 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2010-06-28 20:32 . 2009-11-12 10:57 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2010-06-28 20:32 . 2009-11-12 10:57 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys 2010-06-28 20:32 . 2010-08-02 17:43 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2010-06-28 20:32 . 2009-11-12 10:57 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2004-10-01 18:00 . 2010-05-13 11:18 40960 ----a-w- c:\arquivos de programas\Uninstall_CDS.exe 2008-05-05 18:08 . 2008-05-05 18:02 848 --sha-w- c:\windows\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((( SnapShot@2010-05-27_17.28.19 ))))))))))))))))))))))))))))))))))))))))) . + 2010-06-02 11:13 . 2010-06-02 11:13 16384 c:\windows\Temp\Perflib_Perfdata_9cc.dat . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell] @="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}" [HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}] 2010-06-28 20:59 153184 ----a-w- c:\arquivos de programas\Alwil Software\Avast5\snxPlugins.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136] "msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2005-10-23 90112] "NeroFilterCheck"="c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040] "GrooveMonitor"="c:\arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "Nokia FastStart"="c:\arquivos de programas\Nokia\Nokia Music\NokiaMusic.exe" [2008-12-03 2372840] "HP Software Update"="c:\arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152] "Document2PDF virtual printer agent"="c:\arquivos de programas\Document2PDF Sample\d2pdfagent.exe" [2010-01-28 94208] "QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" [2010-03-18 421888] "avast5"="c:\arquiv~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] c:\documents and settings\Administrador\Menu Iniciar\Programas\Inicializar\ Adobe Gamma.lnk - c:\arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\ HP Digital Imaging Monitor.lnk - c:\arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb] 2010-05-26 13:47 335136 ----a-w- c:\arquivos de programas\GbPlugin\gbieh.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Arquivos de programas\\Messenger\\msmsgs.exe"= "c:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"= "c:\\Arquivos de programas\\SmartFTP Client\\SmartFTP.exe"= "c:\arquivos de programas\Microsoft ActiveSync\rapimgr.exe"= c:\arquivos de programas\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\arquivos de programas\Microsoft ActiveSync\wcescomm.exe"= c:\arquivos de programas\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\arquivos de programas\Microsoft ActiveSync\WCESMgr.exe"= c:\arquivos de programas\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Arquivos de programas\\ADPHONE3\\ADPHONE.exe"= "c:\\Arquivos de programas\\EasyPHP\\mysql\\bin\\mysqld-nt.exe"= "c:\\Arquivos de programas\\EasyPHP\\apache\\Apache.exe"= "c:\\Arquivos de programas\\Macromedia\\Dreamweaver MX\\Dreamweaver.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"= "c:\\Arquivos de programas\\GlobalSCAPE\\CuteFTP 8 Professional\\ftpte.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Arquivos de programas\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymedia.exe"= "c:\\Arquivos de programas\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymediaserver.exe"= "c:\\Arquivos de programas\\LimeWire\\LimeWire.exe"= "c:\\Arquivos de programas\\Ares\\Ares.exe"= "c:\\Arquivos de programas\\Ipswitch\\WS_FTP 12\\wsftpgui.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [20/8/2009 10:48 45472] R0 szkg5;szkg;c:\windows\system32\drivers\SZKG.sys [12/5/2009 14:13 61328] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2/8/2010 14:43 312912] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2/8/2010 14:43 165456] R1 d8a4fef9-85c1-448f-a6f9-2570fb195020;d8a4fef9-85c1-448f-a6f9-2570fb195020;c:\windows\iprot\d8a4fef9-85c1-448f-a6f9-2570fb195020\PhysMem.sys [16/5/2010 09:22 3584] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2/8/2010 14:43 17744] R2 GbpSv;Gbp Service;c:\arquiv~1\GbPlugin\GbpSv.exe [20/8/2009 10:48 55072] R2 IS360service;IS360service;c:\arquivos de programas\IObit\IObit Security 360\is360srv.exe [22/1/2010 08:45 311568] R2 MailList Controller;MailList Controller;c:\arquivos de programas\Arclab\MailList Controller\amlcSVC.exe [11/11/2009 16:52 1585152] S2 gupdate;Google Update Service (gupdate);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [30/12/2009 15:47 135664] S2 s;Gbp Service;c:\arquiv~1\GbPlugin\GbpSv.exe [20/8/2009 10:48 55072] S2 TwonkyMedia;TwonkyMedia;c:\arquivos de programas\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> c:\arquivos de programas\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?] S3 cpuz129;cpuz129;\??\c:\docume~1\ADMINI~1\CONFIG~1\Temp\cpuz_x32.sys --> c:\docume~1\ADMINI~1\CONFIG~1\Temp\cpuz_x32.sys [?] S3 NitroPCSrv;NitroPC Service;c:\arquivos de programas\NitroPC\NitroPCService.exe [29/5/2009 23:29 847376] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18/1/2009 15:05 717296] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Conteúdo da pasta 'Tarefas Agendadas' 2010-05-26 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\arquivos de programas\Apple Software Update\SoftwareUpdate.exe [2008-07-30 15:34] 2010-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-12-30 18:47] 2010-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-12-30 18:47] . . ------- Scan Suplementar ------- . uStart Page = hxxp://www.uol.com.br/ mStart Page = hxxp://www.google.com uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com uSearchURL,(Default) = hxxp://www.google.com/keyword/%s IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Save Flash - c:\arquivos de programas\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210 IE: Save YouTube Video - c:\arquivos de programas\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/217 IE: Sothink SWF Catcher - c:\arquivos de programas\Arquivos comuns\SourceTec\SWF Catcher\InternetExplorer.htm DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} - hxxps://www14.bancobrasil.com.br/plugin/GbpDist.cab FF - ProfilePath - c:\documents and settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\wjav1kz9.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.uol.com.br FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= FF - component: c:\arquivos de programas\Google\Google Gears\Firefox\lib\ff35\gears.dll FF - plugin: c:\arquivos de programas\Google\Update\1.2.183.29\npGoogleOneClick8.dll FF - plugin: c:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: c:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npybrowserplus_2.4.17.dll FF - plugin: c:\browserplusplugins\054b6841520a59bc7df387c379b16986\npybrowserplus_2.9.8.dll FF - plugin: c:\documents and settings\Administrador\Dados de aplicativos\Mozilla\plugins\npPxPlay.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br"); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-09-02 14:30 Windows 5.1.2600 Service Pack 3 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros/arquivos ocultos ... Varredura completada com sucesso arquivos/ficheiros ocultos: 0 ************************************************************************** . --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- [HKEY_USERS\S-1-5-21-1292428093-329068152-682003330-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{19753715-5CA6-E81A-F585-35AE9F7B75DD}*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) "iaegkndhbppjofonfa"=hex:6b,61,69,68,61,65,6f,6d,70,68,68,70,62,66,6b,6c,6c,69, 68,6e,67,6a,00,00 "haodplmmbokgnlim"=hex:6b,61,69,68,61,65,6f,6d,70,68,68,70,62,66,6b,6c,6c,69, 68,6e,67,6a,00,00 . --------------------- DLLs Carregadas Sob os Processos em Execução --------------------- - - - - - - - > 'winlogon.exe'(688) c:\arquivos de programas\GbPlugin\gbieh.dll - - - - - - - > 'explorer.exe'(964) c:\windows\system32\WININET.dll c:\windows\system32\msi.dll c:\arquivos de programas\GbPlugin\gbieh.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Tempo para conclusão: 2010-09-02 14:39:48 ComboFix-quarantined-files.txt 2010-09-02 17:39 ComboFix2.txt 2010-05-31 11:47 ComboFix3.txt 2010-05-27 17:36 Pré-execução: 31 pasta(s) 56.422.703.104 bytes disponíveis Pós execução: 32 pasta(s) 56.410.132.480 bytes disponíveis - - End Of File - - F9166B9D075DE8280C3366753169355A Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Setembro 3, 2010 Olá! Por favor, siga o tutorial abaixo e execute o Kaspersky Removal Tool: Tutorial do Kaspersky Virus Removal Tool Abraços :D Compartilhar este post Link para o post Compartilhar em outros sites
wrongdoer 0 Denunciar post Postado Setembro 28, 2010 Olá! Por favor, siga o tutorial abaixo e execute o Kaspersky Removal Tool: Tutorial do Kaspersky Virus Removal Tool Abraços :D Cara desculpa a demora pra responder, que sufoco pra conseguir fazer esse scan, enfim, do que escaneou consegui copiar para o bloco de notas foi isso: Autoscan: malfunction (events: 1, objects: 0, time: Unknown) Autoscan: completed 14880 days ago (events: 5, objects: 1718101, time: 23:17:41) 22/9/2010 18:19:09 Task started 22/9/2010 18:28:10 Processing error C:\Arquivos de programas\Adobe\Adobe Help Center\AdobeHelpData\Cache\Photoshop\9.0\pt_BR\binary\page\la_15.png Read error 23/9/2010 02:37:47 Detected: Trojan.Win32.Swisyn.alpw C:\Documents and Settings\Administrador\Desktop\organizar\PROGRAMAS\HERITAGE.rar/HERITAGE/keygen/KeyGen.exe 23/9/2010 08:09:05 Deleted: Trojan.Win32.Swisyn.alpw C:\Documents and Settings\Administrador\Desktop\organizar\PROGRAMAS\HERITAGE.rar 23/9/2010 17:36:52 Task completed ______________________________________________________________ Cara quando eu tento copiar tudo para o bloco de notas, trava o pc ai num va de jeito nenhum, mas estive olhando e o resto está tudo com um "OK" Obrigado Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Outubro 23, 2010 Olá! Desculpe-me pela extrema demora para responder. Tivemos um problema interno com seu tópico. Caso ainda quiser continuar com seu tópico, por favor poste um novo log do DDS. Abraços :D Compartilhar este post Link para o post Compartilhar em outros sites
wrongdoer 0 Denunciar post Postado Outubro 26, 2010 Olá! Desculpe-me pela extrema demora para responder. Tivemos um problema interno com seu tópico. Caso ainda quiser continuar com seu tópico, por favor poste um novo log do DDS. Abraços :D DDS DDS (Ver_10-10-21.02) - NTFSx86 Run by Administrador at 11:23:15,79 on ter 26/10/2010 Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_20 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.511.55 [GMT -2:00] AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} ============== Running Processes =============== C:\ARQUIV~1\GbPlugin\GbpSv.exe C:\WINDOWS\system32\svchost -k DcomLaunch C:\WINDOWS\system32\svchost -k rpcss C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\Explorer.EXE C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\SOUNDMAN.EXE C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe C:\Arquivos de programas\Document2PDF Sample\d2pdfagent.exe C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe C:\Arquivos de programas\Microsoft ActiveSync\wcescomm.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe C:\ARQUIV~1\MI3AA1~1\rapimgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Google\Update\1.2.183.39\GoogleCrashHandler.exe C:\WINDOWS\system32\svchost.exe -k LocalService C:\Arquivos de programas\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\svchost.exe -k hpdevmgmt C:\Arquivos de programas\borland\interbase\bin\ibguard.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe c:\arquivos de programas\arclab\maillist controller\amlcSVC.exe c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe C:\Arquivos de programas\Photodex\ProShowGold\ScsiAccess.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Arquivos de programas\Arquivos comuns\Ulead Systems\DVD\ULCDRSvr.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe C:\Arquivos de programas\borland\interbase\bin\ibserver.exe C:\WINDOWS\System32\alg.exe C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe C:\Arquivos de programas\Ipswitch\WS_FTP 12\WsftpCOMHelper.exe C:\Arquivos de programas\GlobalSCAPE\CuteFTP 8 Professional\cuteftppro.exe C:\Arquivos de programas\GlobalSCAPE\CuteFTP 8 Professional\ftpte.exe C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe C:\ARQUIV~1\Adobe\ADOBEF~2\Flash.exe C:\Arquivos de programas\Macromedia\Dreamweaver MX\Dreamweaver.exe C:\Documents and Settings\Administrador\Desktop\dds.scr C:\WINDOWS\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://www.uol.com.br/ mStart Page = hxxp://www.google.com uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com uSearchURL,(Default) = hxxp://www.google.com/keyword/%s BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\arquivos de programas\hp\smart web printing\hpswp_printenhancer.dll BHO: HP Print Clips: {053f9267-dc04-4294-a72c-58f732d338c0} - c:\arquivos de programas\hp\smart web printing\hpswp_framework.dll BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelper.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\arquivos de programas\microsoft office\office12\GrooveShellExtensions.dll BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540000} - c:\arquivos de programas\gbplugin\gbieh.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\arquivos de programas\google\google gears\internet explorer\0.5.36.0\gears.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: IEButton Class: {f81d52bf-f2f1-4f49-bf5f-05664e803039} - c:\arquivos de programas\unh solutions\flash saving plugin\FlashSButton.dll TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\arquivos de programas\arquivos comuns\ahead\lib\NMBgMonitor.exe" uRun: [H/PC Connection Agent] "c:\arquivos de programas\microsoft activesync\wcescomm.exe" uRun: [msnmsgr] "c:\arquivos de programas\windows live\messenger\msnmsgr.exe" /background uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [soundMan] SOUNDMAN.EXE mRun: [NeroFilterCheck] c:\arquivos de programas\arquivos comuns\ahead\lib\NeroCheck.exe mRun: [Adobe Reader Speed Launcher] "c:\arquivos de programas\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [sunJavaUpdateSched] "c:\arquivos de programas\arquivos comuns\java\java update\jusched.exe" mRun: [GrooveMonitor] "c:\arquivos de programas\microsoft office\office12\GrooveMonitor.exe" mRun: [HP Software Update] c:\arquivos de programas\hp\hp software update\HPWuSchd2.exe mRun: [Document2PDF virtual printer agent] "c:\arquivos de programas\document2pdf sample\d2pdfagent.exe" mRun: [uVS10 Preload] c:\arquivos de programas\ulead systems\ulead videostudio 10\uvPL.exe mRun: [samsung PanelMgr] c:\windows\samsung\panelmgr\ssmmgr.exe /autorun mRun: [QuickTime Task] "c:\arquivos de programas\quicktime\QTTask.exe" -atboottime mRun: [avast5] "c:\arquivos de programas\alwil software\avast5\avastUI.exe" /nogui dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\admini~1\menuin~1\progra~1\inicia~1\adobeg~1.lnk - c:\arquivos de programas\arquivos comuns\adobe\calibration\Adobe Gamma Loader.exe StartupFolder: c:\docume~1\alluse~1\menuin~1\progra~1\inicia~1\hpdigi~1.lnk - c:\arquivos de programas\hp\digital imaging\bin\hpqtra08.exe IE: E&xportar para o Microsoft Excel - c:\arquiv~1\micros~2\office12\EXCEL.EXE/3000 IE: Save Flash - c:\arquivos de programas\unh solutions\flash saving plugin\FlashSButton.dll/210 IE: Save YouTube Video - c:\arquivos de programas\unh solutions\flash saving plugin\FlashSButton.dll/217 IE: Sothink SWF Catcher - c:\arquivos de programas\arquivos comuns\sourcetec\swf catcher\InternetExplorer.htm IE: {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - c:\arquivos de programas\arquivos comuns\sourcetec\swf catcher\InternetExplorer.htm IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\arquivos de programas\google\google gears\internet explorer\0.5.36.0\gears.dll IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\arquiv~1\mi3aa1~1\INetRepl.dll IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\arquiv~1\mi3aa1~1\INetRepl.dll IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\arquivos de programas\hp\smart web printing\hpswp_extensions.dll IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\arquivos de programas\hp\smart web printing\hpswp_extensions.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~2\office12\REFIEBAR.DLL DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1210096320078 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} - hxxps://www14.bancobrasil.com.br/plugin/GbpDist.cab DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\arquivos de programas\microsoft office\office12\GrooveSystemServices.dll Notify: GbPluginBb - c:\arquivos de programas\gbplugin\gbieh.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\arquivos de programas\microsoft office\office12\GrooveShellExtensions.dll SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399f83} - c:\arquivos de programas\gbplugin\gbieh.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\admini~1\dadosd~1\mozilla\firefox\profiles\wjav1kz9.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.uol.com.br FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= FF - component: c:\arquivos de programas\google\google gears\firefox\lib\ff36\gears.dll FF - component: c:\arquivos de programas\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll FF - plugin: c:\arquivos de programas\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\arquivos de programas\k-lite codec pack\real\browser\plugins\nppl3260.dll FF - plugin: c:\arquivos de programas\k-lite codec pack\real\browser\plugins\nprpjplug.dll FF - plugin: c:\arquivos de programas\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\arquivos de programas\mozilla firefox\plugins\npybrowserplus_2.4.17.dll FF - plugin: c:\browserplusplugins\054b6841520a59bc7df387c379b16986\npybrowserplus_2.9.8.dll FF - plugin: c:\documents and settings\administrador\dados de aplicativos\mozilla\plugins\npPxPlay.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified c:\arquivos de programas\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br"); ============= SERVICES / DRIVERS =============== R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2009-8-20 45472] R0 szkg5;szkg;c:\windows\system32\drivers\SZKG.sys [2009-5-12 61328] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-10-20 165584] R1 d8a4fef9-85c1-448f-a6f9-2570fb195020;d8a4fef9-85c1-448f-a6f9-2570fb195020;c:\windows\iprot\d8a4fef9-85c1-448f-a6f9-2570fb195020\PhysMem.sys [2010-5-16 3584] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-10-20 17744] R2 avast! Antivirus;avast! Antivirus;c:\arquivos de programas\alwil software\avast5\AvastSvc.exe [2010-10-20 40384] R2 GbpSv;Gbp Service;c:\arquiv~1\gbplugin\GbpSv.exe [2009-8-20 55072] R2 MailList Controller;MailList Controller;c:\arquivos de programas\arclab\maillist controller\amlcSVC.exe [2009-11-11 1585152] R3 avast! Mail Scanner;avast! Mail Scanner;c:\arquivos de programas\alwil software\avast5\AvastSvc.exe [2010-10-20 40384] R3 avast! Web Scanner;avast! Web Scanner;c:\arquivos de programas\alwil software\avast5\AvastSvc.exe [2010-10-20 40384] S2 gupdate;Google Update Service (gupdate);c:\arquivos de programas\google\update\GoogleUpdate.exe [2009-12-30 135664] S2 s;Gbp Service;c:\arquiv~1\gbplugin\GbpSv.exe [2009-8-20 55072] S3 cpuz129;cpuz129;\??\c:\docume~1\admini~1\config~1\temp\cpuz_x32.sys --> c:\docume~1\admini~1\config~1\temp\cpuz_x32.sys [?] =============== Created Last 30 ================ 2010-10-25 12:15:50 -------- d-----w- c:\arquivos de programas\Ipswitch 2010-10-21 19:15:09 -------- d-----w- c:\docume~1\admini~1\dadosd~1\AnvSoft 2010-10-21 19:15:03 -------- d-----w- c:\arquivos de programas\AnvSoft 2010-10-20 19:20:04 38848 ----a-w- c:\windows\avastSS.scr 2010-10-20 11:49:18 162320 ----a-w- c:\arquivos de programas\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll 2010-10-14 12:38:55 719832 ----a-w- c:\arquivos de programas\mozilla firefox\mozcpp19.dll 2010-10-14 12:38:55 16856 ----a-w- c:\arquivos de programas\mozilla firefox\plugin-container.exe 2010-10-11 17:18:29 -------- d-----w- c:\arquivos de programas\DVD Shrink ==================== Find3M ==================== 2010-10-26 10:59:29 2568 --sha-w- c:\docume~1\alluse~1\dadosd~1\KGyGaAvL.sys 2010-09-08 14:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2010-09-08 14:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts 2004-10-01 18:00:16 40960 ----a-w- c:\arquivos de programas\Uninstall_CDS.exe ============= FINISH: 11:24:38,68 =============== _______________________________________________________________________________________________________ ATTACH UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-10-21.02) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 5/5/2008 14:38:21 System Uptime: 26/10/2010 08:01:19 (3 hours ago) Motherboard: | | K8M800-M2 Processor: AMD Sempron Processor 2600+ | Socket 940 | 1599/200mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 466 GiB total, 30,52 GiB free. D: is CDROM () F: is FIXED (NTFS) - 932 GiB total, 411,665 GiB free. ==== Disabled Device Manager Items ============= Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A} Description: Nokia N95 8GB Device ID: ROOT\WPD\0000 Manufacturer: Nokia Name: Nokia N95 8GB PNP Device ID: ROOT\WPD\0000 Service: WUDFRd ==== System Restore Points =================== RP624: 30/7/2010 15:16:36 - Ponto de verificação do sistema RP625: 2/5/2010 09:38:16 - Ponto de verificação do sistema RP626: 2/8/2010 14:27:07 - avast! Pro Antivirus Setup RP627: 2/8/2010 14:27:26 - avast! Pro Antivirus Setup RP628: 2/8/2010 14:38:43 - avast! Pro Antivirus Setup RP629: 3/8/2010 15:01:55 - Ponto de verificação do sistema RP630: 6/8/2010 10:35:41 - Ponto de verificação do sistema RP631: 9/8/2010 12:37:56 - Ponto de verificação do sistema RP632: 10/5/2010 12:18:16 - Ponto de verificação do sistema RP633: 11/5/2010 12:19:02 - Ponto de verificação do sistema RP634: 12/5/2010 11:31:07 - Installed Sony DVD Architect 3.0c RP635: 12/5/2010 15:12:08 - Software Distribution Service 3.0 RP636: 13/5/2010 15:37:07 - Ponto de verificação do sistema RP637: 15/5/2010 12:17:07 - Ponto de verificação do sistema RP638: 16/5/2010 13:11:38 - Ponto de verificação do sistema RP639: 17/5/2010 13:16:57 - Ponto de verificação do sistema RP640: 18/5/2010 13:30:57 - Ponto de verificação do sistema RP641: 20/5/2010 10:57:01 - Ponto de verificação do sistema RP642: 23/5/2010 09:05:23 - Installed WS_FTP RP643: 24/8/2010 16:27:21 - Ponto de verificação do sistema RP644: 27/5/2010 15:09:12 - Ponto de verificação do sistema RP645: 2/9/2010 14:10:49 - ComboFix created restore point RP646: 6/8/2010 08:34:52 - Ponto de verificação do sistema RP647: 8/8/2010 11:19:24 - Installed Ulead VideoStudio RP648: 8/8/2010 11:21:55 - Installed QuickTime RP649: 13/5/2010 09:46:05 - Ponto de verificação do sistema RP650: 17/5/2010 08:32:58 - Ponto de verificação do sistema RP651: 20/5/2010 08:29:43 - Ponto de verificação do sistema RP652: 22/9/2010 11:15:18 - Software Distribution Service 3.0 RP653: 23/9/2010 17:49:35 - Driver de impressão Samsung SCX-4200 Series instalado RP654: 23/9/2010 17:51:23 - Installed Application RP655: 23/9/2010 17:53:38 - Instalado SmarThru 4 RP656: 23/9/2010 17:54:42 - Instalado Ponto de Restauração do InstallShield RP657: 24/9/2010 08:50:33 - Removed Nokia Connectivity Cable Driver RP658: 24/9/2010 08:57:14 - Nokia Music removido. RP659: 24/9/2010 09:03:23 - Removido Nokia Home Media Server RP660: 24/9/2010 09:05:02 - Removed Nokia Map Loader. RP661: 24/9/2010 09:06:41 - Nokia Ovi Suite removido. RP662: 24/9/2010 10:23:38 - Removido Adobe Photoshop CS2 RP663: 28/5/2010 10:11:05 - Instalado Adobe Photoshop CS2 RP664: 28/9/2010 10:53:37 - Instalado Adobe Photoshop RP665: 11/10/2010 14:52:07 - Removed SmartFTP Client RP666: 11/10/2010 14:55:12 - Removido Ponto de Restauração do InstallShield RP667: 13/10/2010 11:16:16 - Removed Apple Application Support RP668: 14/10/2010 09:31:20 - Software Distribution Service 3.0 RP669: 15/10/2010 11:25:11 - Removido Adobe Photoshop CS2 RP670: 15/10/2010 11:37:47 - Instalado Adobe Photoshop CS2 RP671: 15/10/2010 11:56:46 - Removido Adobe Photoshop CS2 RP672: 15/10/2010 14:54:00 - Instalado Adobe Photoshop CS2 RP673: 15/10/2010 16:34:45 - Removed Adobe Bridge 1.0 RP674: 15/10/2010 16:36:33 - Installed Adobe Bridge 1.0 RP675: 15/10/2010 17:53:38 - Operação de restauração RP676: 18/10/2010 08:43:04 - Removido Adobe Photoshop CS2 RP677: 18/10/2007 09:25:44 - Instalado Adobe Photoshop CS2 RP678: 18/10/2010 10:03:27 - Instalado Adobe Photoshop RP679: 18/10/2010 10:07:51 - Removed Adobe Bridge 1.0 RP680: 18/10/2010 10:09:58 - Installed Adobe Bridge 1.0 RP681: 18/10/2010 10:12:14 - Installed AUM405Patch RP682: 18/10/2010 11:29:30 - Revo Uninstaller's restore point - Adobe Photoshop CS2 RP683: 18/10/2010 11:33:02 - Removido Adobe Photoshop CS2 RP684: 18/10/2010 11:53:06 - Instalado Adobe Photoshop CS2 RP685: 20/10/2010 08:35:58 - Revo Uninstaller's restore point - avast! Pro Antivirus RP686: 20/10/2010 08:36:25 - avast! Internet Security Setup RP687: 20/10/2010 08:57:33 - avast! Pro Antivirus Setup RP688: 20/10/2010 09:03:01 - Revo Uninstaller's restore point - aTube Catcher RP689: 20/10/2010 09:05:22 - Revo Uninstaller's restore point - STOPzilla RP690: 20/10/2010 09:16:27 - Revo Uninstaller's restore point - avast! Pro Antivirus RP691: 20/10/2010 09:16:51 - avast! Internet Security Setup RP692: 20/10/2010 09:46:35 - Kaspersky Anti-Virus 2010 instalado. RP693: 20/10/2010 16:40:01 - Revo Uninstaller's restore point - Kaspersky Anti-Virus 2010 RP694: 20/10/2010 16:43:54 - Kaspersky Anti-Virus 2010 removido. RP695: 20/10/2010 17:19:32 - avast! Free Antivirus Setup RP696: 28/5/2010 10:43:59 - Ponto de verificação do sistema RP697: 22/10/2010 12:20:53 - Ponto de verificação do sistema RP698: 25/10/2010 08:13:48 - Ponto de verificação do sistema RP699: 25/10/2010 09:00:45 - Revo Uninstaller's restore point - Ipswitch WS_FTP 12 RP700: 25/10/2010 09:01:11 - Removed WS_FTP RP701: 25/10/2010 09:03:33 - Revo Uninstaller's restore point - Ipswitch WS_FTP 12 RP702: 25/10/2010 10:14:47 - Installed WS_FTP RP703: 26/10/2010 08:36:09 - Revo Uninstaller's restore point - Ipswitch WS_FTP 12 RP704: 26/10/2010 08:36:45 - Removed WS_FTP ==== Installed Programs ====================== #1 DVD Ripper 8.1.1 Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge 1.0 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe Camera Raw 4.0 Adobe CMaps Adobe Color Common Settings Adobe Color EU Extra Settings Adobe Color JA Extra Settings Adobe Color NA Recommended Settings Adobe Common File Installer Adobe Default Language CS3 Adobe Device Central CS3 Adobe ExtendScript Toolkit 2 Adobe Flash CS3 Adobe Flash CS3 Professional Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Flash Player 9 ActiveX Adobe Flash Video Encoder Adobe Fonts All Adobe Help Center 1.0 Adobe Help Viewer CS3 Adobe Illustrator CS2 Adobe InDesign CS3 Adobe InDesign CS3 Icon Handler Adobe Linguistics CS3 Adobe PageMaker 7.0 Adobe PDF Library Files Adobe Photoshop CS2 Adobe Reader 8.1.4 - Português Adobe Setup Adobe SING CS3 Adobe Stock Photos 1.0 Adobe Stock Photos CS3 Adobe SVG Viewer 3.0 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS3 ADPHONE3 Advanced SystemCare 3 AiO_Scan Any Video Converter 3.0.7 Apple Application Support Apple Software Update Ares 2.1.6 Arquivo do WinRAR Assistente de Conexão do Windows Live Atualização de Segurança para o Windows Media Player (KB952069) Atualização de Segurança para o Windows Media Player (KB973540) Atualização de Segurança para Windows Internet Explorer 7 (KB938127-v2) Atualização de Segurança para Windows Internet Explorer 7 (KB961260) Atualização de Segurança para Windows Internet Explorer 7 (KB963027) Atualização de Segurança para Windows Internet Explorer 7 (KB969897) Atualização de Segurança para Windows Internet Explorer 7 (KB972260) Atualização de Segurança para Windows XP (KB923561) Atualização de Segurança para Windows XP (KB938464-v2) Atualização de Segurança para Windows XP (KB941569) Atualização de Segurança para Windows XP (KB946648) Atualização de Segurança para Windows XP (KB950760) Atualização de Segurança para Windows XP (KB950762) Atualização de Segurança para Windows XP (KB950974) Atualização de Segurança para Windows XP (KB951066) Atualização de Segurança para Windows XP (KB951376-v2) Atualização de Segurança para Windows XP (KB951698) Atualização de Segurança para Windows XP (KB951748) Atualização de Segurança para Windows XP (KB952004) Atualização de Segurança para Windows XP (KB952954) Atualização de Segurança para Windows XP (KB954600) Atualização de Segurança para Windows XP (KB955069) Atualização de Segurança para Windows XP (KB956572) Atualização de Segurança para Windows XP (KB956802) Atualização de Segurança para Windows XP (KB956803) Atualização de Segurança para Windows XP (KB956841) Atualização de Segurança para Windows XP (KB957097) Atualização de Segurança para Windows XP (KB958644) Atualização de Segurança para Windows XP (KB958687) Atualização de Segurança para Windows XP (KB958690) Atualização de Segurança para Windows XP (KB959426) Atualização de Segurança para Windows XP (KB960225) Atualização de Segurança para Windows XP (KB960715) Atualização de Segurança para Windows XP (KB960803) Atualização de Segurança para Windows XP (KB960859) Atualização de Segurança para Windows XP (KB961371) Atualização de Segurança para Windows XP (KB961373) Atualização de Segurança para Windows XP (KB961501) Atualização de Segurança para Windows XP (KB968537) Atualização de Segurança para Windows XP (KB969898) Atualização de Segurança para Windows XP (KB970238) Atualização de Segurança para Windows XP (KB971557) Atualização de Segurança para Windows XP (KB971633) Atualização de Segurança para Windows XP (KB971657) Atualização de Segurança para Windows XP (KB973346) Atualização de Segurança para Windows XP (KB973354) Atualização de Segurança para Windows XP (KB973507) Atualização de Segurança para Windows XP (KB973869) Atualização para Windows Internet Explorer 7 (KB947518) Atualização para Windows XP (KB955839) Atualização para Windows XP (KB967715) Atualização para Windows XP (KB968389) Atualização para Windows XP (KB973815) Audacity 1.3.12 (Unicode) avast! Free Antivirus BufferChm Caricature Studio Green 3.6 CCleaner ConvertXtoDVD 4.0.9.322 CoolSMS 2.06 beta CorelDRAW Graphics Suite X4 CorelDRAW Graphics Suite X4 - Capture CorelDRAW Graphics Suite X4 - Content CorelDRAW Graphics Suite X4 - Draw CorelDRAW Graphics Suite X4 - Filters CorelDRAW Graphics Suite X4 - FontNav CorelDRAW Graphics SUite X4 - ICA CorelDRAW Graphics Suite X4 - IPM CorelDRAW Graphics Suite X4 - Lang EN CorelDRAW Graphics Suite X4 - PP CorelDRAW Graphics Suite X4 - VBA CorelDRAW® Graphics Suite X4 CorelDRAW® Graphics Suite X4 - Windows Shell Extension CustomerResearchQFolder CuteFTP 8 Professional DAEMON Tools Toolbar DeviceDiscovery DeviceManagementQFolder Dg Foto Art Gold Trial(Portuguese) dj_sf_software dj_sf_software_req DM3 Contas a Pagar & Receber for Windows DM3 Relatórios 6.2 Document2PDF Pilot 2.16.100 Trial Document2PDF Sample 1.0 DVD Shrink 3.2 DVD Solution EasyPHP 1.6 EAX Unified eMule eSupportQFolder Extensis Mask Pro 3.0 FastDictionary 2007 Ferramenta de Carregamento do Windows Live Flash Saving Plugin Flash Slideshow Maker Pro 5.00 FormatFactory 2.20 GameSpy Comrade Google Desktop Google Gears Google Toolbar for Internet Explorer Google Update Helper Guia do Dispositivo do MOTO Q gsm Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB954550-v5) Hotfix para Windows XP (KB943232-v2) Hotfix para Windows XP (KB952287) Hotfix para Windows XP (KB961118) HP Customer Participation Program 9.0 HP Deskjet Printer Driver Software 9.0 HP Image Zone 4.2 HP Imaging Device Functions 9.0 HP Photosmart Essential 2.01 HP Photosmart Essential2.01 HP PSC & OfficeJet 4.2 HP Smart Web Printing HP Solution Center 9.0 HP Update HPProductAssistant HPSSupply Instalação das DLLs no Windows Java Auto Updater Java 6 Update 20 Java 6 Update 6 LimeWire 4.18.8 Macromedia Dreamweaver MX Macromedia Extension Manager Magic ISO Maker v5.4 (build 0256) MailList Controller 7.2 R3 Free Malwarebytes' Anti-Malware MarketResearch Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft ActiveSync Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 Microsoft National Language Support Downlevel APIs Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (Portuguese (Brazil)) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (Portuguese (Brazil)) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (Portuguese (Brazil)) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 Microsoft Office Word MUI (Portuguese (Brazil)) 2007 Microsoft Software Update for Web Folders (Portuguese (Brazil)) 12 Microsoft User-Mode Driver Framework Feature Pack 1.5 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Mozilla Firefox (3.6.11) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 6 Service Pack 2 (KB954459) Multimedia Launcher NEF Codec Nero 7 Essentials neroxml NETEagle NOD32 FiX v2.1 Nokia Connectivity Cable Driver Nokia Ovi Application Installer Nokia Ovi Application Installer 6.85.3011 Nokia Ovi Content Copier Nokia Ovi Content Copier 6.85.3011 Nokia Ovi One Touch Access Nokia Ovi One Touch Access 6.85.3011 Nokia Ovi System Utilities Nokia Ovi System Utilities 6.85.3013 Nokia Photos Nokia Software Updater NVIDIA PhysX v8.07.11 Pacote de Driver do Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) PanoStandAlone PC Connectivity Solution PDF Settings Photo Story Platinum 3.5.0.12 Photodex Presenter PIXresizer 2.0.4 ProShow Gold PSSWCORE QFolder QuickTime Realtek AC'97 Audio RegCure 1.5.1.3 Revo Uninstaller 1.90 Samsung SCX-4200 Series Scan Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2344875) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for 2007 Microsoft Office System (KB982312) Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Excel 2007 (KB2345035) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office Outlook 2007 (KB2288953) Security Update for Microsoft Office PowerPoint 2007 (KB982158) Security Update for Microsoft Office Publisher 2007 (KB982124) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Segoe UI Shine Video To Audio Converter 3.00 Significado do seu nome SmarThru 4 SmartSound Quicktracks Plugin SolutionCenter Sony DVD Architect 3.0c Sothink SWF Decompiler Spybot - Search & Destroy Status SuperDVD Video Editor 1.8 SWF Opener The Sims 2 Toolbox TrayApp Ulead VideoStudio 10 UnloadSupport Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office OneNote 2007 (KB980729) Update for Outlook 2007 Junk Email Filter (kb2410711) você 9.0 Runtime VideoToolkit01 Visual Basic for Applications ® Core Visual Basic for Applications ® Core - English Warmonger WebFldrs XP WebReg WinAVI Video Converter Windows Imaging Component Windows Internet Explorer 7 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Messenger Windows Live OneCare safety scanner Windows Media Encoder 9 Series Windows Media Format 11 runtime Windows XP Service Pack 3 WordPefect Document Converter 5 Yahoo! BrowserPlus 2.9.8 ==== End Of File =========================== cara não esquenta com a demora, tudo tranquilo. abracos Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Outubro 26, 2010 Olá! Por favor, siga o tutorial no link abaixo: #### Como usar o ComboFix #### Sugiro que imprima as instruções abaixo pois não poderá lê-las enquanto utiliza a ferramenta. Siga o tutorial e execute o ComboFix. Quando a ferramenta terminar de rodar, gerará um log (o arquivo C:\ComboFix.txt). Copie e cole o conteúdo desse arquivo na sua proxima resposta. NÃO utilize a ferramenta por conta própria. É uma ferramenta poderosa criada pra lidar com infecções sofisticadas e caso não a utilize corretamente poderá danificar o seu computador. Existem vários malwares que impedem a execução correta da ferramenta e com isso danificar gravemente o computador. Analistas habilitados a utilizar o ComboFix conhecem esses casos e sabem lidar com estas situações. De forma alguma saia do ComboFix usando o "X" do programa. Caso queira sair, tecle "N". Muitos dos Analistas não respondem a topicos em que vejam que o ComboFix foi utilizado sem supervisão. Existem varias ferramentas anti-malware generalistas em que os autores ao elaborarem a programação das mesmas, estão pensando nos usuários finais e para serem usadas sem supervisão. O Combofix não é uma ferramenta desse tipo, e assim sendo e até por respeito ao autor da ferramenta, não utilize sem supervisão. Abraços :D Compartilhar este post Link para o post Compartilhar em outros sites
wrongdoer 0 Denunciar post Postado Novembro 16, 2010 Log ComboFix ComboFix 10-11-15.06 - Administrador 16/11/2010 9:48:48.6.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.511.221 [GMT -2:00] Executando de: C:\Documents and Settings\Administrador\Desktop\ComboFix.exe * Criado um novo ponto de restauração . ADS - drivers: deleted 204 bytes in 1 streams. ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\Administrador\Meus documentos\backup registro 18-10-2010.reg C:\WINDOWS\XSxS F:\install.exe . (((((((((((((((( Arquivos/Ficheiros criados de 2010-10-16 to 2010-11-16 )))))))))))))))))))))))))))) . 2010-10-26 19:49:48 . 2010-10-26 19:49:48 -------- d-----w- C:\Documents and Settings\All Users\Dados de aplicativos\Ipswitch 2010-10-26 19:48:45 . 2010-10-26 19:48:45 -------- d-----w- C:\Documents and Settings\Administrador\Dados de aplicativos\InstallShield 2010-10-25 12:15:50 . 2010-10-25 12:15:50 -------- d-----w- C:\Arquivos de programas\Ipswitch 2010-10-21 19:15:09 . 2010-10-21 19:15:09 -------- d-----w- C:\Documents and Settings\Administrador\Dados de aplicativos\AnvSoft 2010-10-21 19:15:03 . 2010-10-21 19:15:03 -------- d-----w- C:\Arquivos de programas\AnvSoft 2010-10-20 19:22:50 . 2010-09-07 13:47:07 17744 ----a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys 2010-10-20 19:22:47 . 2010-09-07 13:52:03 165584 ----a-w- C:\WINDOWS\system32\drivers\aswSP.sys 2010-10-20 19:22:44 . 2010-09-07 13:47:46 23376 ----a-w- C:\WINDOWS\system32\drivers\aswRdr.sys 2010-10-20 19:22:38 . 2010-09-07 13:52:25 46672 ----a-w- C:\WINDOWS\system32\drivers\aswTdi.sys 2010-10-20 19:22:21 . 2010-09-07 13:47:19 100176 ----a-w- C:\WINDOWS\system32\drivers\aswmon2.sys 2010-10-20 19:22:19 . 2010-09-07 13:47:16 94544 ----a-w- C:\WINDOWS\system32\drivers\aswmon.sys 2010-10-20 19:22:15 . 2010-09-07 13:46:51 28880 ----a-w- C:\WINDOWS\system32\drivers\aavmker4.sys 2010-10-20 19:20:04 . 2010-09-07 14:12:17 38848 ----a-w- C:\WINDOWS\avastSS.scr 2010-10-20 19:20:03 . 2010-09-07 14:11:54 167592 ----a-w- C:\WINDOWS\system32\aswBoot.exe 2010-10-20 11:49:18 . 2009-10-20 21:34:52 162320 ----a-w- C:\Arquivos de programas\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-11-16 10:27:54 . 2008-12-05 18:44:33 2568 --sha-w- C:\Documents and Settings\All Users\Dados de aplicativos\KGyGaAvL.sys 2010-09-29 12:50:34 . 2009-08-20 13:48:21 45472 ----a-w- C:\WINDOWS\system32\drivers\gbpkm.sys 2010-09-15 06:50:37 . 2010-04-05 17:01:43 472808 ----a-w- C:\WINDOWS\system32\deployJava1.dll 2010-09-15 04:29:49 . 2008-06-25 17:21:32 73728 ----a-w- C:\WINDOWS\system32\javacpl.cpl 2010-09-08 14:17:46 . 2010-09-08 14:17:46 94208 ----a-w- C:\WINDOWS\system32\QuickTimeVR.qtx 2010-09-08 14:17:46 . 2010-09-08 14:17:46 69632 ----a-w- C:\WINDOWS\system32\QuickTime.qts 2004-10-01 18:00:16 . 2010-05-13 11:18:40 40960 ----a-w- C:\Arquivos de programas\Uninstall_CDS.exe . ((((((((((((((((((((((((((((( SnapShot@2010-05-27_17.28.19 ))))))))))))))))))))))))))))))))))))))))) . - 2009-07-12 03:02:00 . 2009-07-12 03:02:00 51008 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll + 2009-07-12 02:02:00 . 2009-07-12 02:02:00 51008 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll + 2007-11-07 03:19:22 . 2007-11-07 03:19:22 54272 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll - 2007-11-07 05:19:20 . 2007-11-07 05:19:20 54272 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll + 2009-07-12 02:02:00 . 2009-07-12 02:02:00 59728 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll - 2009-07-12 03:02:00 . 2009-07-12 03:02:00 59728 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll - 2009-07-12 03:02:00 . 2009-07-12 03:02:00 42832 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll + 2009-07-12 02:02:00 . 2009-07-12 02:02:00 42832 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll + 2009-07-12 02:02:00 . 2009-07-12 02:02:00 43344 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll - 2009-07-12 03:02:00 . 2009-07-12 03:02:00 43344 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll - 2009-07-12 03:02:00 . 2009-07-12 03:02:00 61264 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll + 2009-07-12 02:02:00 . 2009-07-12 02:02:00 61264 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll + 2009-07-12 02:02:00 . 2009-07-12 02:02:00 62800 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll - 2009-07-12 03:02:00 . 2009-07-12 03:02:00 62800 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll + 2009-07-12 02:02:00 . 2009-07-12 02:02:00 61760 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll - 2009-07-12 03:02:00 . 2009-07-12 03:02:00 61760 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll + 2009-07-12 02:02:00 . 2009-07-12 02:02:00 61776 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll - 2009-07-12 03:02:00 . 2009-07-12 03:02:00 61776 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll + 2009-07-12 02:02:00 . 2009-07-12 02:02:00 53568 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll - 2009-07-12 03:02:00 . 2009-07-12 03:02:00 53568 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll - 2009-07-12 03:02:00 . 2009-07-12 03:02:00 63296 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll + 2009-07-12 02:02:00 . 2009-07-12 02:02:00 63296 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll + 2009-07-12 02:02:00 . 2009-07-12 02:02:00 36688 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll - 2009-07-12 03:02:00 . 2009-07-12 03:02:00 36688 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll + 2009-07-12 02:02:00 . 2009-07-12 02:02:00 35648 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll - 2009-07-12 03:02:00 . 2009-07-12 03:02:00 35648 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll + 2007-11-07 03:19:16 . 2007-11-07 03:19:16 46592 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90kor.dll - 2007-11-07 04:19:16 . 2007-11-07 04:19:16 46592 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90kor.dll - 2007-11-07 04:19:16 . 2007-11-07 04:19:16 47104 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90jpn.dll + 2007-11-07 03:19:16 . 2007-11-07 03:19:16 47104 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90jpn.dll - 2007-11-07 04:19:28 . 2007-11-07 04:19:28 59392 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90ita.dll + 2007-11-07 03:19:28 . 2007-11-07 03:19:28 59392 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90ita.dll - 2007-11-07 04:19:28 . 2007-11-07 04:19:28 60416 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90fra.dll + 2007-11-07 03:19:28 . 2007-11-07 03:19:28 60416 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90fra.dll + 2007-11-07 03:19:22 . 2007-11-07 03:19:22 59392 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esp.dll - 2007-11-07 04:19:22 . 2007-11-07 04:19:22 59392 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esp.dll + 2007-11-07 03:19:22 . 2007-11-07 03:19:22 59392 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esn.dll - 2007-11-07 04:19:22 . 2007-11-07 04:19:22 59392 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esn.dll + 2007-11-07 03:19:22 . 2007-11-07 03:19:22 54272 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90enu.dll - 2007-11-07 04:19:22 . 2007-11-07 04:19:22 54272 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90enu.dll + 2007-11-07 03:19:28 . 2007-11-07 03:19:28 60928 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90deu.dll - 2007-11-07 04:19:28 . 2007-11-07 04:19:28 60928 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90deu.dll + 2007-11-07 03:19:16 . 2007-11-07 03:19:16 41984 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90cht.dll - 2007-11-07 04:19:16 . 2007-11-07 04:19:16 41984 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90cht.dll - 2007-11-07 04:19:16 . 2007-11-07 04:19:16 41472 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90chs.dll + 2007-11-07 03:19:16 . 2007-11-07 03:19:16 41472 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90chs.dll - 2009-07-12 03:05:16 . 2009-07-12 03:05:16 59904 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll + 2009-07-12 02:05:16 . 2009-07-12 02:05:16 59904 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll - 2009-07-12 03:05:16 . 2009-07-12 03:05:16 59904 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll + 2009-07-12 02:05:16 . 2009-07-12 02:05:16 59904 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll + 2007-11-07 00:51:08 . 2007-11-07 00:51:08 59904 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90u.dll - 2007-11-07 01:51:08 . 2007-11-07 01:51:08 59904 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90u.dll + 2007-11-07 00:51:08 . 2007-11-07 00:51:08 59904 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90.dll - 2007-11-07 01:51:08 . 2007-11-07 01:51:08 59904 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90.dll + 2010-09-23 20:47:52 . 2006-08-16 01:41:33 57344 C:\WINDOWS\twain_32\Samsung\SCX4200\OEMCFG.dll - 2008-05-05 17:57:06 . 2006-08-16 01:41:33 57344 C:\WINDOWS\twain_32\Samsung\SCX4200\OEMCFG.dll + 2010-11-14 15:37:09 . 2010-11-14 15:37:09 16384 C:\WINDOWS\Temp\Perflib_Perfdata_870.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:08 22663 C:\WINDOWS\system32\SUGE1LMK.DLL + 2010-09-23 20:44:48 . 2006-08-16 03:21:53 57344 C:\WINDOWS\system32\SUGE1CI.dll + 2010-09-23 20:44:49 . 2006-08-16 03:22:15 56484 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1tk.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:14 55919 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1sw.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:13 60418 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1sp.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:12 58023 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1ru.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:11 60576 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1pt.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:10 57738 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1po.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:09 55509 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1nr.dat + 2010-09-23 20:44:49 . 2006-08-21 05:20:36 53248 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1lf.DLL + 2010-09-23 20:44:49 . 2006-08-16 03:22:07 52152 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1kr.DAT + 2010-09-23 20:44:49 . 2006-08-16 03:22:06 59629 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1it.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:04 58266 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1hu.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:03 60870 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1gr.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:03 63448 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1fn.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:02 56897 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1fi.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:01 54540 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1en.DAT + 2010-09-23 20:44:49 . 2006-08-16 03:22:00 56903 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1el.DAT + 2010-09-23 20:44:49 . 2006-08-16 03:21:59 58928 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1dt.dat + 2010-09-23 20:44:49 . 2006-08-16 03:21:58 56653 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1dn.dat + 2010-09-23 20:44:49 . 2006-08-16 03:21:57 56425 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1cz.DAT + 2010-09-23 20:44:49 . 2006-08-16 03:21:56 46592 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1ct.DAT + 2010-09-23 20:44:49 . 2006-08-16 03:21:55 46805 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1cp.DAT + 2010-09-23 20:44:49 . 2006-08-16 03:21:52 59879 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1bp.DAT + 2010-09-23 20:44:49 . 2006-08-16 03:22:15 56484 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1tk.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:14 55919 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1sw.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:13 60418 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1sp.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:12 58023 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1ru.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:11 60576 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1pt.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:10 57738 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1po.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:09 55509 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1nr.dat + 2010-09-23 20:44:49 . 2006-08-21 05:20:36 53248 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1lf.DLL + 2010-09-23 20:44:49 . 2006-08-16 03:22:07 52152 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1kr.DAT + 2010-09-23 20:44:49 . 2006-08-16 03:22:06 59629 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1it.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:04 58266 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1hu.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:03 60870 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1gr.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:03 63448 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1fn.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:02 56897 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1fi.dat + 2010-09-23 20:44:49 . 2006-08-16 03:22:01 54540 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1en.DAT + 2010-09-23 20:44:49 . 2006-08-16 03:22:00 56903 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1el.DAT + 2010-09-23 20:44:49 . 2006-08-16 03:21:59 58928 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1dt.dat + 2010-09-23 20:44:49 . 2006-08-16 03:21:58 56653 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1dn.dat + 2010-09-23 20:44:49 . 2006-08-16 03:21:57 56425 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1cz.DAT + 2010-09-23 20:44:49 . 2006-08-16 03:21:56 46592 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1ct.DAT + 2010-09-23 20:44:49 . 2006-08-16 03:21:55 46805 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1cp.DAT + 2010-09-23 20:44:49 . 2006-08-16 03:21:52 59879 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1bp.DAT + 2007-09-09 00:20:54 . 2006-08-16 03:22:15 56484 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1tk.dat + 2007-09-09 00:20:53 . 2006-08-16 03:22:14 55919 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1sw.dat + 2007-09-09 00:20:53 . 2006-08-16 03:22:13 60418 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1sp.dat + 2007-09-09 00:20:54 . 2006-08-16 03:22:12 58023 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1ru.dat + 2007-09-09 00:20:53 . 2006-08-16 03:22:11 60576 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1pt.dat + 2007-09-09 00:20:54 . 2006-08-16 03:22:10 57738 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1po.dat + 2007-09-09 00:20:53 . 2006-08-16 03:22:09 55509 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1nr.dat + 2007-09-09 00:20:51 . 2006-08-21 05:20:36 53248 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1lf.dll + 2007-09-09 00:20:54 . 2006-08-16 03:22:07 52152 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1kr.dat - 2007-09-09 00:20:54 . 2009-10-06 03:40:16 52152 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1kr.dat + 2007-09-09 00:20:53 . 2006-08-16 03:22:06 59629 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1it.dat + 2007-09-09 00:20:53 . 2006-08-16 03:22:04 58266 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1hu.dat + 2007-09-09 00:20:53 . 2006-08-16 03:22:03 60870 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1gr.dat + 2007-09-09 00:20:53 . 2006-08-16 03:22:03 63448 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1fn.dat + 2007-09-09 00:20:53 . 2006-08-16 03:22:02 56897 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1fi.dat + 2007-09-09 00:20:52 . 2006-08-16 03:22:01 54540 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1en.dat - 2007-09-09 00:20:52 . 2009-10-06 03:40:04 54540 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1en.dat + 2007-09-09 00:20:54 . 2006-08-16 03:22:00 56903 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1el.dat + 2007-09-09 00:20:53 . 2006-08-16 03:21:59 58928 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1dt.dat + 2007-09-09 00:20:52 . 2006-08-16 03:21:58 56653 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1dn.dat + 2007-09-09 00:20:54 . 2006-08-16 03:21:57 56425 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1cz.dat + 2007-09-09 00:20:54 . 2006-08-16 03:21:56 46592 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1ct.dat + 2007-09-09 00:20:54 . 2006-08-16 03:21:55 46805 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1cp.dat + 2007-09-09 00:20:54 . 2006-08-16 03:21:52 59879 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1bp.dat + 2001-10-28 12:07:18 . 2010-10-29 10:15:57 84872 C:\WINDOWS\system32\perfc016.dat + 2001-10-28 12:07:18 . 2010-10-29 10:15:57 73048 C:\WINDOWS\system32\perfc009.dat + 2010-09-23 20:58:12 . 2006-08-18 20:44:48 44032 C:\WINDOWS\system32\lttwn13n.dll + 2010-09-23 20:58:07 . 2006-08-18 20:44:46 32256 C:\WINDOWS\system32\lttmb13n.dll + 2010-09-23 20:58:08 . 2006-08-18 20:44:48 77312 C:\WINDOWS\system32\LTTLB13n.dll + 2010-09-23 20:58:08 . 2006-08-18 20:44:48 67072 C:\WINDOWS\system32\ltpdg13n.dll + 2010-09-23 20:58:06 . 2006-08-18 20:44:46 51712 C:\WINDOWS\system32\ltlst13n.dll + 2010-09-23 20:58:08 . 2006-08-18 20:44:48 69632 C:\WINDOWS\system32\ltbar13n.dll + 2010-09-23 20:58:19 . 2006-08-18 20:44:50 87552 C:\WINDOWS\system32\lfpsd13s.dll + 2010-09-23 20:58:07 . 2006-08-18 20:44:48 57344 C:\WINDOWS\system32\lfpsd13n.dll + 2010-09-23 20:58:19 . 2006-08-18 20:44:48 43008 C:\WINDOWS\system32\LFPNM13s.dll + 2010-09-23 20:58:07 . 2006-08-18 20:44:48 31232 C:\WINDOWS\system32\LFPNM13n.dll + 2010-09-23 20:58:19 . 2006-08-18 20:44:48 37888 C:\WINDOWS\system32\lfpcx13s.dll + 2010-09-23 20:58:09 . 2006-08-18 20:44:48 26624 C:\WINDOWS\system32\lfpcx13n.dll + 2010-09-23 20:58:19 . 2006-08-18 20:44:48 32256 C:\WINDOWS\system32\lfpcd13s.dll + 2010-09-23 20:58:08 . 2006-08-18 20:44:48 19968 C:\WINDOWS\system32\lfpcd13n.dll + 2010-09-23 20:58:19 . 2006-08-18 20:44:48 31744 C:\WINDOWS\system32\lfmsp13s.dll + 2010-09-23 20:58:07 . 2006-08-18 20:44:48 18944 C:\WINDOWS\system32\lfmsp13n.dll + 2010-09-23 20:58:19 . 2006-08-18 20:44:48 99840 C:\WINDOWS\system32\lfjbg13s.dll + 2010-09-23 20:58:07 . 2006-08-18 20:44:48 90112 C:\WINDOWS\system32\lfjbg13n.dll + 2010-09-23 20:58:19 . 2006-08-18 20:44:50 32768 C:\WINDOWS\system32\lfitg13s.dll + 2010-09-23 20:58:20 . 2006-08-18 20:44:50 19968 C:\WINDOWS\system32\lfitg13n.dll + 2010-09-23 20:58:20 . 2006-08-18 20:44:50 32768 C:\WINDOWS\system32\lfimg13s.dll + 2010-09-23 20:58:20 . 2006-08-18 20:44:50 20992 C:\WINDOWS\system32\lfimg13n.dll + 2010-09-23 20:58:19 . 2006-08-18 20:44:50 40448 C:\WINDOWS\system32\lfiff13s.dll + 2010-09-23 20:58:20 . 2006-08-18 20:44:50 27648 C:\WINDOWS\system32\lfiff13n.dll + 2010-09-23 20:58:19 . 2006-08-18 20:44:50 86528 C:\WINDOWS\system32\lffax13s.dll + 2010-09-23 20:58:19 . 2006-08-18 20:44:50 73728 C:\WINDOWS\system32\lffax13n.dll + 2010-09-23 20:58:18 . 2006-08-18 20:44:48 57856 C:\WINDOWS\system32\lfeps13s.dll + 2010-09-23 20:58:08 . 2006-08-18 20:44:48 47616 C:\WINDOWS\system32\lfeps13n.dll + 2010-09-23 20:58:18 . 2006-08-18 20:44:48 37376 C:\WINDOWS\system32\lfclp13s.dll + 2010-09-23 20:58:08 . 2006-08-18 20:44:48 31744 C:\WINDOWS\system32\lfclp13n.dll + 2010-09-23 20:58:18 . 2006-08-18 20:44:48 43008 C:\WINDOWS\system32\lfbmp13s.dll + 2010-09-23 20:58:07 . 2006-08-18 20:44:48 30208 C:\WINDOWS\system32\lfbmp13n.dll + 2010-09-23 20:58:18 . 2006-08-18 20:44:48 31744 C:\WINDOWS\system32\lfavi13s.dll + 2010-09-23 20:58:08 . 2006-08-18 20:44:48 19968 C:\WINDOWS\system32\lfavi13n.dll + 2010-09-23 20:58:18 . 2006-08-18 20:44:48 36864 C:\WINDOWS\system32\lfani13s.dll + 2010-09-23 20:58:08 . 2006-08-18 20:44:48 25600 C:\WINDOWS\system32\lfani13n.dll - 2010-05-19 14:56:35 . 2009-12-30 14:30:48 22016 C:\WINDOWS\system32\DRVSTORE\ccdcmbo_516D579ED050312AA4F326AAC39589D9E632CB24\ccdcmbo.sys + 2010-09-24 11:50:28 . 2009-12-30 14:30:48 22016 C:\WINDOWS\system32\DRVSTORE\ccdcmbo_516D579ED050312AA4F326AAC39589D9E632CB24\ccdcmbo.sys + 2010-09-24 11:50:26 . 2009-12-30 14:30:48 91136 C:\WINDOWS\system32\DRVSTORE\ccdcmb_516D579ED050312AA4F326AAC39589D9E632CB24\nmwcdcls.dll - 2010-05-19 14:56:34 . 2009-12-30 14:30:48 91136 C:\WINDOWS\system32\DRVSTORE\ccdcmb_516D579ED050312AA4F326AAC39589D9E632CB24\nmwcdcls.dll - 2010-05-19 14:56:34 . 2010-01-21 17:53:16 18048 C:\WINDOWS\system32\DRVSTORE\ccdcmb_516D579ED050312AA4F326AAC39589D9E632CB24\ccdcmb.sys + 2010-09-24 11:50:26 . 2010-01-21 17:53:16 18048 C:\WINDOWS\system32\DRVSTORE\ccdcmb_516D579ED050312AA4F326AAC39589D9E632CB24\ccdcmb.sys + 2010-09-23 20:44:08 . 2006-08-16 03:22:15 56484 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1tk.dat + 2010-09-23 20:44:08 . 2006-08-16 03:22:14 55919 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1sw.dat + 2010-09-23 20:44:08 . 2006-08-16 03:22:13 60418 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1sp.dat + 2010-09-23 20:44:08 . 2006-08-16 03:22:12 58023 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1ru.dat + 2010-09-23 20:44:08 . 2006-08-16 03:22:11 60576 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1pt.dat + 2010-09-23 20:44:08 . 2006-08-16 03:22:10 57738 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1po.dat + 2010-09-23 20:44:08 . 2006-08-16 03:22:09 55509 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1nr.dat + 2010-09-23 20:44:07 . 2006-08-16 03:22:08 22663 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1lmk.dll + 2010-09-23 20:44:07 . 2006-08-21 05:20:36 53248 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1lf.dll + 2010-09-23 20:44:07 . 2006-08-16 03:22:07 52152 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1kr.dat + 2010-09-23 20:44:07 . 2006-08-16 03:22:06 59629 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1it.dat + 2010-09-23 20:44:07 . 2006-08-16 03:22:04 58266 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1hu.dat + 2010-09-23 20:44:07 . 2006-08-16 03:22:03 60870 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1gr.dat + 2010-09-23 20:44:07 . 2006-08-16 03:22:03 63448 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1fn.dat + 2010-09-23 20:44:07 . 2006-08-16 03:22:02 56897 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1fi.dat + 2010-09-23 20:44:07 . 2006-08-16 03:22:01 54540 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1en.dat + 2010-09-23 20:44:07 . 2006-08-16 03:22:00 56903 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1el.dat + 2010-09-23 20:44:06 . 2006-08-16 03:21:59 58928 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1dt.dat + 2010-09-23 20:44:06 . 2006-08-16 03:21:58 56653 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1dn.dat + 2010-09-23 20:44:06 . 2006-08-16 03:21:57 56425 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1cz.dat + 2010-09-23 20:44:06 . 2006-08-16 03:21:56 46592 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1ct.dat + 2010-09-23 20:44:06 . 2006-08-16 03:21:55 46805 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1cp.dat + 2010-09-23 20:44:04 . 2006-08-16 03:21:53 57344 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1CI.dll + 2010-09-23 20:44:06 . 2006-08-16 03:21:52 59879 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1bp.dat + 2010-09-23 20:59:25 . 2006-08-16 03:04:44 41984 C:\WINDOWS\system32\drivers\DgivEcpXP.sys - 2008-05-05 17:39:18 . 2009-09-04 11:46:27 16384 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat + 2010-05-15 12:49:22 . 2010-05-15 12:49:21 16384 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat - 2008-05-05 17:39:18 . 2009-09-04 11:46:27 32768 C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5\index.dat + 2008-05-05 17:39:18 . 2010-05-15 12:49:21 32768 C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5\index.dat + 2008-05-05 17:39:18 . 2010-05-15 12:49:21 32768 C:\WINDOWS\system32\config\systemprofile\Configurações locais\Histórico\History.IE5\index.dat - 2008-05-05 17:39:18 . 2009-09-04 11:46:27 32768 C:\WINDOWS\system32\config\systemprofile\Configurações locais\Histórico\History.IE5\index.dat + 2010-09-23 20:52:42 . 2006-08-16 03:10:54 24576 C:\WINDOWS\Samsung\PanelMgr\SPaddon.exe + 2010-10-18 11:13:07 . 2010-10-18 11:13:07 21504 C:\WINDOWS\Installer\3196c8.msi - 2008-05-05 18:45:32 . 2008-05-05 18:45:32 65536 C:\WINDOWS\Installer\{E9787678-551D-4478-9682-DBB587257110}\ProgramMenuShortcut_E9787678103300008E670000000001_1.exe + 2010-10-18 14:01:25 . 2010-10-18 14:01:26 65536 C:\WINDOWS\Installer\{E9787678-551D-4478-9682-DBB587257110}\ProgramMenuShortcut_E9787678103300008E670000000001_1.exe + 2010-10-18 14:01:25 . 2010-10-18 14:01:25 65536 C:\WINDOWS\Installer\{E9787678-551D-4478-9682-DBB587257110}\AppLanuchShortcut_E9787678103300008E67000000000001_1.exe - 2008-05-05 18:45:32 . 2008-05-05 18:45:32 65536 C:\WINDOWS\Installer\{E9787678-551D-4478-9682-DBB587257110}\AppLanuchShortcut_E9787678103300008E67000000000001_1.exe + 2007-10-18 12:29:06 . 2010-10-18 13:57:21 61440 C:\WINDOWS\Installer\{B74D4E10-6884-0000-0000-000000000101}\NewShortcut2_B74D4E10103300000000000000000001.exe - 2008-05-05 18:44:49 . 2008-05-05 18:44:49 61440 C:\WINDOWS\Installer\{B74D4E10-6884-0000-0000-000000000101}\NewShortcut2_B74D4E10103300000000000000000001.exe + 2010-10-18 13:57:21 . 2010-10-18 13:57:21 65536 C:\WINDOWS\Installer\{B74D4E10-6884-0000-0000-000000000101}\BridgeCommonShortcut_B74D4E101033000000000001_1.exe - 2008-05-05 18:44:49 . 2008-05-05 18:44:49 65536 C:\WINDOWS\Installer\{B74D4E10-6884-0000-0000-000000000101}\BridgeCommonShortcut_B74D4E101033000000000001_1.exe - 2008-05-05 18:44:49 . 2008-05-05 18:44:49 65536 C:\WINDOWS\Installer\{B74D4E10-6884-0000-0000-000000000101}\AdobeBridge_B74D4E10103300000000000000000001_1.exe + 2010-10-18 13:57:21 . 2010-10-18 13:57:21 65536 C:\WINDOWS\Installer\{B74D4E10-6884-0000-0000-000000000101}\AdobeBridge_B74D4E10103300000000000000000001_1.exe + 2009-11-13 10:37:27 . 2010-11-11 10:25:51 35088 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2009-11-13 10:37:27 . 2010-05-12 18:39:29 35088 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe + 2009-11-13 10:37:26 . 2010-11-11 10:25:51 18704 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2009-11-13 10:37:26 . 2010-05-12 18:39:28 18704 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2009-11-13 10:37:26 . 2010-05-12 18:39:28 20240 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2009-11-13 10:37:26 . 2010-11-11 10:25:51 20240 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2010-10-18 13:55:22 . 2010-10-18 13:55:22 65536 C:\WINDOWS\Installer\{236BB7C4-4419-42FD-0416-1E257A25E34D}\NewShortcut1_236BB7C4441942FD04091E257A25E34D.exe - 2008-05-05 18:41:46 . 2008-05-05 18:41:46 65536 C:\WINDOWS\Installer\{236BB7C4-4419-42FD-0416-1E257A25E34D}\NewShortcut1_236BB7C4441942FD04091E257A25E34D.exe + 2010-09-24 11:50:32 . 2009-12-30 14:25:12 8320 C:\WINDOWS\system32\DRVSTORE\nmwcdnsuc_516D579ED050312AA4F326AAC39589D9E632CB24\nmwcdnsuc.sys - 2010-05-19 14:56:39 . 2009-12-30 14:25:12 8320 C:\WINDOWS\system32\DRVSTORE\nmwcdnsuc_516D579ED050312AA4F326AAC39589D9E632CB24\nmwcdnsuc.sys + 2010-09-24 11:50:29 . 2009-12-30 14:30:48 7936 C:\WINDOWS\system32\DRVSTORE\ccdcmbm_516D579ED050312AA4F326AAC39589D9E632CB24\usbser_lowerflt.sys - 2010-05-19 14:56:36 . 2009-12-30 14:30:48 7936 C:\WINDOWS\system32\DRVSTORE\ccdcmbm_516D579ED050312AA4F326AAC39589D9E632CB24\usbser_lowerflt.sys - 2010-05-19 14:56:37 . 2009-12-30 14:30:56 7936 C:\WINDOWS\system32\DRVSTORE\ccdcmbcj_516D579ED050312AA4F326AAC39589D9E632CB24\usbser_lowerfltj.sys + 2010-09-24 11:50:30 . 2009-12-30 14:30:56 7936 C:\WINDOWS\system32\DRVSTORE\ccdcmbcj_516D579ED050312AA4F326AAC39589D9E632CB24\usbser_lowerfltj.sys + 2004-08-04 00:44:06 . 2002-12-11 18:16:58 7680 C:\WINDOWS\system32\dllcache\asferror.dll + 2004-08-04 00:44:06 . 2002-12-11 18:16:58 7680 C:\WINDOWS\system32\asferror.dll + 2010-08-08 14:39:55 . 2002-12-11 18:16:58 7680 C:\WINDOWS\RegisteredPackages\{3695EB93-6443-448D-8E2E-1F6F4FC79BC1}\asferror.dll - 2009-07-12 03:02:02 . 2009-07-12 03:02:02 653120 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll + 2009-07-12 02:02:02 . 2009-07-12 02:02:02 653120 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll - 2009-07-12 03:02:00 . 2009-07-12 03:02:00 569664 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll + 2009-07-12 02:02:00 . 2009-07-12 02:02:00 569664 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll - 2009-07-12 03:05:16 . 2009-07-12 03:05:16 225280 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll + 2009-07-12 02:05:16 . 2009-07-12 02:05:16 225280 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll + 2007-11-07 03:19:34 . 2007-11-07 03:19:34 655872 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll - 2007-11-07 05:19:32 . 2007-11-07 05:19:32 655872 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll - 2007-11-07 05:19:32 . 2007-11-07 05:19:32 568832 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll + 2007-11-07 03:19:34 . 2007-11-07 03:19:34 568832 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll + 2007-11-06 22:23:58 . 2007-11-06 22:23:58 224768 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll - 2007-11-07 00:23:56 . 2007-11-07 00:23:56 224768 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll + 2009-07-12 02:02:00 . 2009-07-12 02:02:00 159032 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll - 2009-07-12 03:02:00 . 2009-07-12 03:02:00 159032 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll - 2007-11-07 04:19:32 . 2007-11-07 04:19:32 161784 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9\atl90.dll + 2007-11-07 03:19:32 . 2007-11-07 03:19:32 161784 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9\atl90.dll + 2002-11-06 05:10:14 . 2002-11-06 05:10:14 167936 C:\WINDOWS\system32\wmserror.dll + 2002-11-06 05:45:32 . 2002-11-06 05:45:32 327680 C:\WINDOWS\system32\windows media\server\wmsservertypelib.dll + 2004-01-30 18:07:46 . 2004-01-30 18:07:46 245408 C:\WINDOWS\system32\unicows.dll + 2010-09-23 20:44:48 . 2006-08-16 03:21:53 151552 C:\WINDOWS\system32\SUGE1CI.exe + 2010-09-23 20:44:48 . 2006-08-21 05:20:40 655360 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1UM.DLL + 2010-09-23 20:44:50 . 2006-08-21 05:20:39 224252 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1UI.DLL + 2010-09-23 20:44:49 . 2006-08-16 03:22:17 835584 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1U2.DLL + 2010-09-23 20:44:48 . 2006-08-16 03:22:16 606208 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1U.DLL + 2010-09-23 20:44:48 . 2006-08-16 03:22:09 208896 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1M.DLL + 2010-09-23 20:44:48 . 2006-08-21 05:20:33 204800 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1CM.DLL + 2010-09-23 20:44:48 . 2006-08-21 05:20:31 835952 C:\WINDOWS\system32\spool\drivers\w32x86\SUGE1.DLL + 2010-09-23 20:44:48 . 2006-08-21 05:20:40 655360 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1UM.DLL + 2010-09-23 20:44:50 . 2006-08-21 05:20:39 224252 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1UI.DLL + 2010-09-23 20:44:49 . 2006-08-16 03:22:17 835584 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1U2.DLL + 2010-09-23 20:44:48 . 2006-08-16 03:22:16 606208 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1U.DLL + 2010-09-23 20:44:48 . 2006-08-16 03:22:09 208896 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1M.DLL + 2010-09-23 20:44:48 . 2006-08-21 05:20:33 204800 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1CM.DLL + 2010-09-23 20:44:48 . 2006-08-21 05:20:31 835952 C:\WINDOWS\system32\spool\drivers\w32x86\samsungscx_4200_serid388\SUGE1.DLL + 2007-09-09 00:20:51 . 2006-08-21 05:20:40 655360 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1um.dll + 2007-09-09 00:20:49 . 2006-08-16 03:22:17 835584 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1u2.dll - 2007-09-09 00:20:49 . 2009-10-06 03:40:34 835584 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1u2.dll + 2007-09-09 00:20:48 . 2006-08-16 03:22:16 606208 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1u.dll + 2007-09-09 00:20:50 . 2006-08-21 05:20:33 204800 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1cm.dll - 2007-09-09 00:20:50 . 2009-10-06 03:39:50 204800 C:\WINDOWS\system32\spool\drivers\w32x86\3\suge1cm.dll + 2007-09-09 00:20:47 . 2006-08-21 05:20:31 835952 C:\WINDOWS\system32\spool\drivers\w32x86\3\SUGE1.DLL + 2010-09-23 20:59:24 . 2006-08-16 03:05:48 163840 C:\WINDOWS\system32\SecSNMP.dll + 2001-10-28 12:07:18 . 2010-10-29 10:15:57 481768 C:\WINDOWS\system32\perfh016.dat + 2001-10-28 12:07:18 . 2010-10-29 10:15:57 446006 C:\WINDOWS\system32\perfh009.dat + 2010-09-23 20:58:08 . 2006-08-18 20:44:48 212480 C:\WINDOWS\system32\PCDLIB32.DLL + 2010-11-08 10:15:34 . 2010-11-08 10:15:34 233936 C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_Plugin.exe + 2010-09-23 20:58:21 . 2006-08-18 20:44:46 465408 C:\WINDOWS\system32\LTRPR13n.DLL + 2010-09-23 20:58:21 . 2006-08-18 20:44:46 326144 C:\WINDOWS\system32\LTRIO13N.DLL + 2010-09-23 20:58:20 . 2006-08-18 20:44:46 931840 C:\WINDOWS\system32\LTR13N.DLL + 2010-09-23 20:58:08 . 2006-08-18 20:44:48 158720 C:\WINDOWS\system32\Ltpnt13n.dll + 2010-09-23 20:58:08 . 2006-08-18 20:44:48 114176 C:\WINDOWS\system32\LTOCR13n.dll + 2010-09-23 20:58:06 . 2006-08-18 20:44:46 453120 C:\WINDOWS\system32\ltkrn13n.dll + 2010-09-23 20:58:06 . 2006-08-18 20:44:46 445440 C:\WINDOWS\system32\ltimg13n.dll + 2010-09-23 20:58:06 . 2006-08-18 20:44:46 154112 C:\WINDOWS\system32\ltfil13n.DLL + 2010-09-23 20:58:08 . 2006-08-18 20:44:48 206848 C:\WINDOWS\system32\ltefx13n.dll + 2010-09-23 20:58:06 . 2006-08-18 20:44:46 265216 C:\WINDOWS\system32\LTDIS13n.dll + 2010-09-23 20:58:16 . 2006-08-18 20:44:50 152064 C:\WINDOWS\system32\lftif13s.dll + 2010-09-23 20:58:07 . 2006-08-18 20:44:48 142848 C:\WINDOWS\system32\lftif13n.dll + 2010-09-23 20:58:19 . 2006-08-18 20:44:48 187392 C:\WINDOWS\system32\Lfpng13s.dll + 2010-09-23 20:58:07 . 2006-08-18 20:44:48 182784 C:\WINDOWS\system32\Lfpng13n.dll + 2010-09-23 20:58:19 . 2006-08-18 20:44:48 249856 C:\WINDOWS\system32\LFJ2K13s.dll + 2010-09-23 20:58:08 . 2006-08-18 20:44:48 246272 C:\WINDOWS\system32\LFJ2K13n.dll + 2010-09-23 20:58:18 . 2006-08-18 20:44:48 406016 C:\WINDOWS\system32\LFCMP13s.DLL + 2010-09-23 20:58:07 . 2006-08-18 20:44:48 388608 C:\WINDOWS\system32\LFCMP13n.DLL + 2010-11-04 10:30:39 . 2010-09-15 06:50:52 153376 C:\WINDOWS\system32\javaws.exe - 2010-04-05 17:01:43 . 2010-04-12 20:29:27 153376 C:\WINDOWS\system32\javaws.exe + 2010-11-04 10:30:39 . 2010-09-15 06:50:51 145184 C:\WINDOWS\system32\javaw.exe - 2010-04-05 17:01:43 . 2010-04-12 20:29:26 145184 C:\WINDOWS\system32\javaw.exe - 2010-04-05 17:01:43 . 2010-04-12 20:29:25 145184 C:\WINDOWS\system32\java.exe + 2010-11-04 10:30:39 . 2010-09-15 06:50:49 145184 C:\WINDOWS\system32\java.exe - 2010-05-19 14:56:38 . 2009-12-30 14:25:12 137344 C:\WINDOWS\system32\DRVSTORE\nmwcdnsu_516D579ED050312AA4F326AAC39589D9E632CB24\nmwcdnsu.sys + 2010-09-24 11:50:31 . 2009-12-30 14:25:12 137344 C:\WINDOWS\system32\DRVSTORE\nmwcdnsu_516D579ED050312AA4F326AAC39589D9E632CB24\nmwcdnsu.sys + 2010-09-24 11:50:26 . 2009-12-30 14:30:50 660480 C:\WINDOWS\system32\DRVSTORE\ccdcmb_516D579ED050312AA4F326AAC39589D9E632CB24\nmwcdcocls.dll - 2010-05-19 14:56:34 . 2009-12-30 14:30:50 660480 C:\WINDOWS\system32\DRVSTORE\ccdcmb_516D579ED050312AA4F326AAC39589D9E632CB24\nmwcdcocls.dll + 2010-09-23 20:44:05 . 2006-08-21 05:20:40 655360 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1UM.dll + 2010-09-23 20:44:09 . 2006-08-21 05:20:39 224252 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1ui.dll + 2010-09-23 20:44:08 . 2006-08-16 03:22:17 835584 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1u2.dll + 2010-09-23 20:44:05 . 2006-08-16 03:22:16 606208 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1U.dll + 2010-09-23 20:44:05 . 2006-08-16 03:22:09 208896 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1M.DLL + 2010-09-23 20:44:05 . 2006-08-21 05:20:33 204800 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1CM.dll + 2010-09-23 20:44:05 . 2006-08-16 03:21:53 151552 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1CI.exe + 2010-09-23 20:44:04 . 2006-08-21 05:20:31 835952 C:\WINDOWS\system32\drivers\SAMSUNG\Samsung SCX-4200 Series\SUGE1.dll + 2010-09-23 20:52:49 . 2006-12-26 00:32:20 462848 C:\WINDOWS\ssndii.exe + 2010-09-23 20:52:41 . 2006-08-16 03:10:55 503808 C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe + 2010-08-08 14:40:21 . 2002-11-06 05:45:32 327680 C:\WINDOWS\RegisteredPackages\{89FDAB62-6F46-4C7E-A559-E00B9A0BACB6}\wmsservertypelib.dll + 2010-08-08 14:40:21 . 2002-11-06 05:10:14 167936 C:\WINDOWS\RegisteredPackages\{89FDAB62-6F46-4C7E-A559-E00B9A0BACB6}\wmserror.dll + 2010-08-08 14:41:52 . 2010-08-08 14:41:52 884224 C:\WINDOWS\Installer\bf60f9.msi + 2010-10-13 14:15:50 . 2010-10-13 14:15:50 807936 C:\WINDOWS\Installer\a1e5bb.msi + 2010-11-04 10:32:06 . 2010-11-04 10:32:06 180224 C:\WINDOWS\Installer\9a035.msi + 2010-10-18 13:59:24 . 2010-10-18 13:59:24 618496 C:\WINDOWS\Installer\44c19f.msi + 2010-08-04 18:13:04 . 2010-08-04 18:13:04 686080 C:\WINDOWS\Installer\14dd29.msp + 2009-11-13 10:37:27 . 2010-11-11 10:25:51 888080 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2009-11-13 10:37:27 . 2010-05-12 18:39:29 888080 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2009-11-13 10:37:26 . 2010-05-12 18:39:28 272648 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe + 2009-11-13 10:37:26 . 2010-11-11 10:25:51 272648 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe - 2009-11-13 10:37:26 . 2010-05-12 18:39:27 922384 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe + 2009-11-13 10:37:26 . 2010-11-11 10:25:50 922384 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe + 2009-11-13 10:37:26 . 2010-11-11 10:25:50 845584 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe - 2009-11-13 10:37:26 . 2010-05-12 18:39:27 845584 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe + 2009-11-13 10:37:26 . 2010-11-11 10:25:50 217864 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe - 2009-11-13 10:37:26 . 2010-05-12 18:39:27 217864 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe - 2009-11-13 10:37:25 . 2010-05-12 18:39:27 184080 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe + 2009-11-13 10:37:25 . 2010-11-11 10:25:50 184080 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe + 2009-11-13 10:37:25 . 2010-11-11 10:25:50 159504 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe - 2009-11-13 10:37:25 . 2010-05-12 18:39:27 159504 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2004-12-03 14:26:26 . 2004-12-03 14:26:26 356352 C:\WINDOWS\eSellerateEngine.dll + 2009-07-12 02:02:02 . 2009-07-12 02:02:02 3780424 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll - 2009-07-12 03:02:02 . 2009-07-12 03:02:02 3780424 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll + 2009-07-12 02:02:02 . 2009-07-12 02:02:02 3765048 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll - 2009-07-12 03:02:02 . 2009-07-12 03:02:02 3765048 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll + 2007-11-07 03:19:38 . 2007-11-07 03:19:38 1162744 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90u.dll - 2007-11-07 04:19:38 . 2007-11-07 04:19:38 1162744 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90u.dll + 2007-11-07 03:19:38 . 2007-11-07 03:19:38 1156600 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90.dll - 2007-11-07 04:19:38 . 2007-11-07 04:19:38 1156600 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90.dll + 2010-01-27 01:07:32 . 2010-11-08 10:15:33 5971408 C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll + 2010-09-23 20:58:05 . 2006-08-18 20:44:46 1009664 C:\WINDOWS\system32\Ltwvc13n.dll + 2010-09-23 20:58:06 . 2006-08-18 20:44:46 1402368 C:\WINDOWS\system32\ltdlg13n.dll + 2010-09-23 20:58:09 . 2006-08-18 20:44:48 1693696 C:\WINDOWS\system32\LTCLR13n.dll + 2008-05-05 12:39:31 . 2010-11-12 16:08:16 2523760 C:\WINDOWS\system32\FNTCACHE.DAT + 2010-09-24 11:50:26 . 2009-10-06 14:55:50 1112288 C:\WINDOWS\system32\DRVSTORE\ccdcmb_516D579ED050312AA4F326AAC39589D9E632CB24\wdfcoinstaller01007.dll - 2010-05-19 14:56:34 . 2009-10-06 14:55:50 1112288 C:\WINDOWS\system32\DRVSTORE\ccdcmb_516D579ED050312AA4F326AAC39589D9E632CB24\wdfcoinstaller01007.dll + 2010-08-08 14:40:33 . 2010-08-08 14:40:33 1479168 C:\WINDOWS\Installer\bf60f0.msi + 2010-10-13 14:12:27 . 2010-10-13 14:12:28 9472000 C:\WINDOWS\Installer\a1e54e.msi + 2010-09-17 08:04:16 . 2010-09-17 08:04:16 9401856 C:\WINDOWS\Installer\8d8d9.msp + 2010-10-21 20:12:42 . 2010-10-21 20:12:42 3359744 C:\WINDOWS\Installer\8d8c2.msp + 2010-10-07 20:43:04 . 2010-10-07 20:43:04 1980416 C:\WINDOWS\Installer\8d8ab.msp + 2010-08-13 21:01:28 . 2010-08-13 21:01:28 8993280 C:\WINDOWS\Installer\4744c4.msp + 2010-08-13 20:59:46 . 2010-08-13 20:59:46 8182272 C:\WINDOWS\Installer\4744ad.msp + 2010-08-13 21:02:20 . 2010-08-13 21:02:20 2545664 C:\WINDOWS\Installer\474496.msp + 2010-08-13 21:00:36 . 2010-08-13 21:00:36 9404928 C:\WINDOWS\Installer\47447f.msp + 2010-09-17 09:06:50 . 2010-09-17 09:06:50 3355648 C:\WINDOWS\Installer\474467.msp + 2010-10-18 14:04:04 . 2010-10-18 14:04:04 1472000 C:\WINDOWS\Installer\44c1ab.msi + 2010-10-18 14:01:24 . 2010-10-18 14:01:24 3139072 C:\WINDOWS\Installer\44c1a5.msi + 2010-10-18 13:57:18 . 2010-10-18 13:57:19 3862016 C:\WINDOWS\Installer\44c197.msi + 2010-10-18 13:55:20 . 2010-10-18 13:55:21 5266944 C:\WINDOWS\Installer\44c18f.msi + 2010-08-19 20:57:46 . 2010-08-19 20:57:46 3395584 C:\WINDOWS\Installer\14dd12.msp + 2007-10-18 12:29:06 . 2010-10-18 13:57:20 1904640 C:\WINDOWS\Installer\{B74D4E10-6884-0000-0000-000000000101}\ESLaunchShortcut_B74D4E10103300000000000000000001.exe - 2008-05-05 18:44:49 . 2008-05-05 18:44:49 1904640 C:\WINDOWS\Installer\{B74D4E10-6884-0000-0000-000000000101}\ESLaunchShortcut_B74D4E10103300000000000000000001.exe + 2009-11-13 10:37:25 . 2010-11-11 10:25:50 1172240 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe - 2009-11-13 10:37:25 . 2010-05-12 18:39:26 1172240 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2009-11-13 10:37:25 . 2010-11-11 10:25:49 1165584 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe - 2009-11-13 10:37:25 . 2010-05-12 18:39:26 1165584 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe + 2008-11-10 04:41:04 . 2008-11-10 04:41:04 2014584 C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\PPTVIEW.EXE + 2010-10-15 20:43:24 . 2010-10-15 20:51:55 17960808 C:\WINDOWS\system32\Restore\rstrlog.dat + 2002-12-11 22:39:08 . 2002-12-11 22:39:08 10995712 C:\WINDOWS\Installer\WMEncoder.msi + 2010-07-23 04:04:08 . 2010-07-23 04:04:08 11395072 C:\WINDOWS\Installer\14dcfb.msp . -- Snapshot resetado para data atual -- . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 12:21:08 153136] "msnmsgr"="C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 18:44:26 3883840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2005-10-23 19:18:30 90112] "NeroFilterCheck"="C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe" [2007-03-01 17:57:24 153136] "Adobe Reader Speed Launcher"="C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 03:04:34 39792] "GrooveMonitor"="C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 13:44:34 31072] "HP Software Update"="C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 00:34:40 49152] "Document2PDF virtual printer agent"="C:\Arquivos de programas\Document2PDF Sample\d2pdfagent.exe" [2010-01-28 12:33:54 94208] "Samsung PanelMgr"="C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe" [2006-08-16 03:10:55 503808] "QuickTime Task"="C:\Arquivos de programas\QuickTime\QTTask.exe" [2010-09-08 14:17:42 421888] "avast5"="C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe" [2010-09-07 14:12:02 2838912] "SunJavaUpdateSched"="C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-05-14 13:44:46 248552] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:45:32 15360] C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\ Adobe Gamma.lnk - C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\ HP Digital Imaging Monitor.lnk - C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb] 2010-09-29 12:49:22 342304 ----a-w- C:\Arquivos de programas\GbPlugin\gbieh.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"= "C:\\Arquivos de programas\\Messenger\\msmsgs.exe"= "C:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"= "C:\Arquivos de programas\Microsoft ActiveSync\rapimgr.exe"= C:\Arquivos de programas\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "C:\Arquivos de programas\Microsoft ActiveSync\wcescomm.exe"= C:\Arquivos de programas\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "C:\Arquivos de programas\Microsoft ActiveSync\WCESMgr.exe"= C:\Arquivos de programas\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "C:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Arquivos de programas\\ADPHONE3\\ADPHONE.exe"= "C:\\Arquivos de programas\\EasyPHP\\mysql\\bin\\mysqld-nt.exe"= "C:\\Arquivos de programas\\EasyPHP\\apache\\Apache.exe"= "C:\\Arquivos de programas\\Macromedia\\Dreamweaver MX\\Dreamweaver.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"= "C:\\Arquivos de programas\\GlobalSCAPE\\CuteFTP 8 Professional\\ftpte.exe"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Arquivos de programas\\LimeWire\\LimeWire.exe"= "C:\\Arquivos de programas\\Ares\\Ares.exe"= "C:\\Arquivos de programas\\Ipswitch\\WS_FTP 12\\wsftpgui.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service R0 GbpKm;Gbp KernelMode;C:\WINDOWS\system32\drivers\gbpkm.sys [20/8/2009 11:48:21 45472] R0 szkg5;szkg;C:\WINDOWS\system32\drivers\SZKG.sys [12/5/2009 15:13:12 61328] R1 aswSP;aswSP;C:\WINDOWS\system32\drivers\aswSP.sys [20/10/2010 17:22:47 165584] R1 d8a4fef9-85c1-448f-a6f9-2570fb195020;d8a4fef9-85c1-448f-a6f9-2570fb195020;C:\WINDOWS\iprot\d8a4fef9-85c1-448f-a6f9-2570fb195020\PhysMem.sys [16/5/2010 10:22:10 3584] R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\drivers\aswFsBlk.sys [20/10/2010 17:22:50 17744] R2 GbpSv;Gbp Service;C:\ARQUIV~1\GbPlugin\GbpSv.exe [20/8/2009 11:48:18 55072] R2 MailList Controller;MailList Controller;C:\Arquivos de programas\Arclab\MailList Controller\amlcSVC.exe [11/11/2009 17:52:16 1585152] S2 gupdate;Google Update Service (gupdate);C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [30/12/2009 16:47:46 135664] S2 s;Gbp Service;C:\ARQUIV~1\GbPlugin\GbpSv.exe [20/8/2009 11:48:18 55072] S3 cpuz129;cpuz129;\??\C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\cpuz_x32.sys --> C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\cpuz_x32.sys [?] S4 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [18/1/2009 16:05:46 717296] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Conteúdo da pasta 'Tarefas Agendadas' 2010-11-10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Arquivos de programas\Apple Software Update\SoftwareUpdate.exe [2008-07-30 15:34:12 . 2008-07-30 15:34:12] 2010-11-16 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [2009-12-30 18:47:46 . 2009-12-30 18:47:10] 2010-11-16 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [2009-12-30 18:47:46 . 2009-12-30 18:47:10] . . ------- Scan Suplementar ------- . uStart Page = hxxp://www.uol.com.br/ mStart Page = hxxp://www.google.com uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com uSearchURL,(Default) = hxxp://www.google.com/keyword/%s IE: E&xportar para o Microsoft Excel - C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Save Flash - C:\Arquivos de programas\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210 IE: Save YouTube Video - C:\Arquivos de programas\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/217 DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} - hxxps://www14.bancobrasil.com.br/plugin/GbpDist.cab FF - ProfilePath - C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\wjav1kz9.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.uol.com.br FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= FF - component: C:\Arquivos de programas\Google\Google Gears\Firefox\lib\ff36\gears.dll FF - component: C:\Arquivos de programas\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll FF - plugin: C:\Arquivos de programas\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Arquivos de programas\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Arquivos de programas\Mozilla Firefox\plugins\npybrowserplus_2.4.17.dll FF - plugin: C:\BrowserPlusPlugins\054b6841520a59bc7df387c379b16986\npybrowserplus_2.9.8.dll FF - plugin: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\plugins\npPxPlay.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true); C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true); C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true); C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true); C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified C:\Arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br"); C:\Arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-11-16 10:03:53 Windows 5.1.2600 Service Pack 3 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros/arquivos ocultos ... Varredura completada com sucesso arquivos/ficheiros ocultos: 0 ************************************************************************** . --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- [HKEY_USERS\S-1-5-21-1292428093-329068152-682003330-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{19753715-5CA6-E81A-F585-35AE9F7B75DD}*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) "iaegkndhbppjofonfa"=hex:6b,61,69,68,61,65,6f,6d,70,68,68,70,62,66,6b,6c,6c,69, 68,6e,67,6a,00,00 "haodplmmbokgnlim"=hex:6b,61,69,68,61,65,6f,6d,70,68,68,70,62,66,6b,6c,6c,69, 68,6e,67,6a,00,00 . --------------------- DLLs Carregadas Sob os Processos em Execução --------------------- - - - - - - - > 'winlogon.exe'(660) C:\Arquivos de programas\GbPlugin\gbieh.dll . Tempo para conclusão: 2010-11-16 10:08:52 ComboFix-quarantined-files.txt 2010-11-16 12:08:42 ComboFix2.txt 2010-05-31 11:47:00 ComboFix3.txt 2010-05-27 17:36:48 Pré-execução: 31 pasta(s) 27.771.113.472 bytes disponíveis Pós execução: 32 pasta(s) 27.807.010.816 bytes disponíveis - - End Of File - - F8CCEA3E3FE2C68309060E15E0E50315 Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Novembro 20, 2010 Olá! Me desculpe pela demora para responder. Por favor, poste um novo log do DDS, juntamente com um novo log do ComboFix (Primeiro execute o ComboFix > depois o DDS) Abraços :D Compartilhar este post Link para o post Compartilhar em outros sites
wrongdoer 0 Denunciar post Postado Novembro 22, 2010 Olá! Me desculpe pela demora para responder. Por favor, poste um novo log do DDS, juntamente com um novo log do ComboFix (Primeiro execute o ComboFix > depois o DDS) Abraços :D Log ComboFix ComboFix 10-11-22.01 - Administrador 22/11/2010 16:19:53.8.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.511.221 [GMT -2:00] Executando de: C:\Documents and Settings\Administrador\Desktop\ComboFix.exe AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} * AV residente está ativo . ADS - drivers: deleted 204 bytes in 1 streams. (((((((((((((((( Arquivos/Ficheiros criados de 2010-10-22 to 2010-11-22 )))))))))))))))))))))))))))) . 2010-11-22 11:54:06 . 2010-11-22 11:54:07 -------- d-----w- C:\Arquivos de programas\Fotosizer 2010-11-16 12:44:52 . 2010-11-16 12:50:21 -------- d-----w- C:\Documents and Settings\All Users\Dados de aplicativos\GlobalSCAPE 2010-10-26 19:49:48 . 2010-10-26 19:49:48 -------- d-----w- C:\Documents and Settings\All Users\Dados de aplicativos\Ipswitch 2010-10-26 19:48:45 . 2010-10-26 19:48:45 -------- d-----w- C:\Documents and Settings\Administrador\Dados de aplicativos\InstallShield 2010-10-25 12:15:50 . 2010-10-25 12:15:50 -------- d-----w- C:\Arquivos de programas\Ipswitch . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-11-19 11:01:41 . 2008-12-05 18:44:33 2568 --sha-w- C:\Documents and Settings\All Users\Dados de aplicativos\KGyGaAvL.sys 2010-09-29 12:50:34 . 2009-08-20 13:48:21 45472 ----a-w- C:\WINDOWS\system32\drivers\gbpkm.sys 2010-09-15 06:50:37 . 2010-04-05 17:01:43 472808 ----a-w- C:\WINDOWS\system32\deployJava1.dll 2010-09-15 04:29:49 . 2008-06-25 17:21:32 73728 ----a-w- C:\WINDOWS\system32\javacpl.cpl 2010-09-08 14:17:46 . 2010-09-08 14:17:46 94208 ----a-w- C:\WINDOWS\system32\QuickTimeVR.qtx 2010-09-08 14:17:46 . 2010-09-08 14:17:46 69632 ----a-w- C:\WINDOWS\system32\QuickTime.qts 2010-09-07 14:12:17 . 2010-10-20 19:20:04 38848 ----a-w- C:\WINDOWS\avastSS.scr 2010-09-07 14:11:54 . 2010-10-20 19:20:03 167592 ----a-w- C:\WINDOWS\system32\aswBoot.exe 2010-09-07 13:52:25 . 2010-10-20 19:22:38 46672 ----a-w- C:\WINDOWS\system32\drivers\aswTdi.sys 2010-09-07 13:52:03 . 2010-10-20 19:22:47 165584 ----a-w- C:\WINDOWS\system32\drivers\aswSP.sys 2010-09-07 13:47:46 . 2010-10-20 19:22:44 23376 ----a-w- C:\WINDOWS\system32\drivers\aswRdr.sys 2010-09-07 13:47:19 . 2010-10-20 19:22:21 100176 ----a-w- C:\WINDOWS\system32\drivers\aswmon2.sys 2010-09-07 13:47:16 . 2010-10-20 19:22:19 94544 ----a-w- C:\WINDOWS\system32\drivers\aswmon.sys 2010-09-07 13:47:07 . 2010-10-20 19:22:50 17744 ----a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys 2010-09-07 13:46:51 . 2010-10-20 19:22:15 28880 ----a-w- C:\WINDOWS\system32\drivers\aavmker4.sys 2004-10-01 18:00:16 . 2010-05-13 11:18:40 40960 ----a-w- C:\Arquivos de programas\Uninstall_CDS.exe . ((((((((((((((((((((((((((((( SnapShot_2010-11-16_12.03.56 ))))))))))))))))))))))))))))))))))))))))) . + 2010-11-22 10:12:40 . 2010-11-22 10:12:40 16384 C:\WINDOWS\Temp\Perflib_Perfdata_854.dat - 2001-10-28 12:07:18 . 2010-10-29 10:15:57 84872 C:\WINDOWS\system32\perfc016.dat + 2001-10-28 12:07:18 . 2010-11-18 10:02:17 84872 C:\WINDOWS\system32\perfc016.dat - 2001-10-28 12:07:18 . 2010-10-29 10:15:57 73048 C:\WINDOWS\system32\perfc009.dat + 2001-10-28 12:07:18 . 2010-11-18 10:02:17 73048 C:\WINDOWS\system32\perfc009.dat + 2001-10-28 12:07:18 . 2010-11-18 10:02:17 481768 C:\WINDOWS\system32\perfh016.dat - 2001-10-28 12:07:18 . 2010-10-29 10:15:57 481768 C:\WINDOWS\system32\perfh016.dat - 2001-10-28 12:07:18 . 2010-10-29 10:15:57 446006 C:\WINDOWS\system32\perfh009.dat + 2001-10-28 12:07:18 . 2010-11-18 10:02:17 446006 C:\WINDOWS\system32\perfh009.dat . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 12:21:08 153136] "msnmsgr"="C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 18:44:26 3883840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2005-10-23 19:18:30 90112] "NeroFilterCheck"="C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe" [2007-03-01 17:57:24 153136] "Adobe Reader Speed Launcher"="C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 03:04:34 39792] "GrooveMonitor"="C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 13:44:34 31072] "HP Software Update"="C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 00:34:40 49152] "Document2PDF virtual printer agent"="C:\Arquivos de programas\Document2PDF Sample\d2pdfagent.exe" [2010-01-28 12:33:54 94208] "Samsung PanelMgr"="C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe" [2006-08-16 03:10:55 503808] "QuickTime Task"="C:\Arquivos de programas\QuickTime\QTTask.exe" [2010-09-08 14:17:42 421888] "avast5"="C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe" [2010-09-07 14:12:02 2838912] "SunJavaUpdateSched"="C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-05-14 13:44:46 248552] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:45:32 15360] C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\ Adobe Gamma.lnk - C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\ HP Digital Imaging Monitor.lnk - C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb] 2010-09-29 12:49:22 342304 ----a-w- C:\Arquivos de programas\GbPlugin\gbieh.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"= "C:\\Arquivos de programas\\Messenger\\msmsgs.exe"= "C:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"= "C:\Arquivos de programas\Microsoft ActiveSync\rapimgr.exe"= C:\Arquivos de programas\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "C:\Arquivos de programas\Microsoft ActiveSync\wcescomm.exe"= C:\Arquivos de programas\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "C:\Arquivos de programas\Microsoft ActiveSync\WCESMgr.exe"= C:\Arquivos de programas\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "C:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Arquivos de programas\\ADPHONE3\\ADPHONE.exe"= "C:\\Arquivos de programas\\EasyPHP\\mysql\\bin\\mysqld-nt.exe"= "C:\\Arquivos de programas\\EasyPHP\\apache\\Apache.exe"= "C:\\Arquivos de programas\\Macromedia\\Dreamweaver MX\\Dreamweaver.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"= "C:\\Arquivos de programas\\GlobalSCAPE\\CuteFTP 8 Professional\\ftpte.exe"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Arquivos de programas\\LimeWire\\LimeWire.exe"= "C:\\Arquivos de programas\\Ares\\Ares.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service R0 GbpKm;Gbp KernelMode;C:\WINDOWS\system32\drivers\gbpkm.sys [20/8/2009 11:48:21 45472] R0 szkg5;szkg;C:\WINDOWS\system32\drivers\SZKG.sys [12/5/2009 15:13:12 61328] R1 aswSP;aswSP;C:\WINDOWS\system32\drivers\aswSP.sys [20/10/2010 17:22:47 165584] R1 d8a4fef9-85c1-448f-a6f9-2570fb195020;d8a4fef9-85c1-448f-a6f9-2570fb195020;C:\WINDOWS\iprot\d8a4fef9-85c1-448f-a6f9-2570fb195020\PhysMem.sys [16/5/2010 10:22:10 3584] R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\drivers\aswFsBlk.sys [20/10/2010 17:22:50 17744] R2 GbpSv;Gbp Service;C:\ARQUIV~1\GbPlugin\GbpSv.exe [20/8/2009 11:48:18 55072] R2 MailList Controller;MailList Controller;C:\Arquivos de programas\Arclab\MailList Controller\amlcSVC.exe [11/11/2009 17:52:16 1585152] S2 gupdate;Google Update Service (gupdate);C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [30/12/2009 16:47:46 135664] S2 s;Gbp Service;C:\ARQUIV~1\GbPlugin\GbpSv.exe [20/8/2009 11:48:18 55072] S3 cpuz129;cpuz129;\??\C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\cpuz_x32.sys --> C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\cpuz_x32.sys [?] S4 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [18/1/2009 16:05:46 717296] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Conteúdo da pasta 'Tarefas Agendadas' 2010-06-30 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Arquivos de programas\Apple Software Update\SoftwareUpdate.exe [2008-07-30 15:34:12 . 2008-07-30 15:34:12] 2010-11-22 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [2009-12-30 18:47:46 . 2009-12-30 18:47:10] 2010-11-22 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [2009-12-30 18:47:46 . 2009-12-30 18:47:10] . . ------- Scan Suplementar ------- . uStart Page = hxxp://www.uol.com.br/ mStart Page = hxxp://www.google.com uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com uSearchURL,(Default) = hxxp://www.google.com/keyword/%s IE: E&xportar para o Microsoft Excel - C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Save Flash - C:\Arquivos de programas\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210 IE: Save YouTube Video - C:\Arquivos de programas\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/217 DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} - hxxps://www14.bancobrasil.com.br/plugin/GbpDist.cab FF - ProfilePath - C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\wjav1kz9.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.uol.com.br FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= FF - component: C:\Arquivos de programas\Google\Google Gears\Firefox\lib\ff36\gears.dll FF - component: C:\Arquivos de programas\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll FF - plugin: C:\Arquivos de programas\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Arquivos de programas\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Arquivos de programas\Mozilla Firefox\plugins\npybrowserplus_2.4.17.dll FF - plugin: C:\BrowserPlusPlugins\054b6841520a59bc7df387c379b16986\npybrowserplus_2.9.8.dll FF - plugin: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\plugins\npPxPlay.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true); C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true); C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true); C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true); C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional C:\Arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified C:\Arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br"); C:\Arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-11-22 16:32:12 Windows 5.1.2600 Service Pack 3 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros/arquivos ocultos ... Varredura completada com sucesso arquivos/ficheiros ocultos: 0 ************************************************************************** . --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- [HKEY_USERS\S-1-5-21-1292428093-329068152-682003330-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{19753715-5CA6-E81A-F585-35AE9F7B75DD}*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) "iaegkndhbppjofonfa"=hex:6b,61,69,68,61,65,6f,6d,70,68,68,70,62,66,6b,6c,6c,69, 68,6e,67,6a,00,00 "haodplmmbokgnlim"=hex:6b,61,69,68,61,65,6f,6d,70,68,68,70,62,66,6b,6c,6c,69, 68,6e,67,6a,00,00 . --------------------- DLLs Carregadas Sob os Processos em Execução --------------------- - - - - - - - > 'winlogon.exe'(660) C:\Arquivos de programas\GbPlugin\gbieh.dll - - - - - - - > 'explorer.exe'(3040) C:\WINDOWS\system32\WININET.dll C:\Arquivos de programas\GbPlugin\gbieh.dll C:\WINDOWS\system32\msi.dll C:\WINDOWS\system32\WPDShServiceObj.dll C:\WINDOWS\system32\PortableDeviceTypes.dll C:\WINDOWS\system32\PortableDeviceApi.dll . Tempo para conclusão: 2010-11-22 16:38:19 ComboFix-quarantined-files.txt 2010-11-22 18:38:15 ComboFix2.txt 2010-11-22 18:08:35 ComboFix3.txt 2010-11-16 12:08:53 ComboFix4.txt 2010-05-31 11:47:00 ComboFix5.txt 2010-11-22 18:16:23 Pré-execução: 31 pasta(s) 19.681.009.664 bytes disponíveis Pós execução: 32 pasta(s) 19.612.516.352 bytes disponíveis Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4 - - End Of File - - 157072D83D2AFDF79DFF790825BBC933 ____________________________________________________________________________________________________________ Log DDS DDS (Ver_10-11-10.01) - NTFSx86 Run by Administrador at 16:39:13,79 on seg 22/11/2010 Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_22 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.511.176 [GMT -2:00] AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} ============== Running Processes =============== C:\ARQUIV~1\GbPlugin\GbpSv.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\SOUNDMAN.EXE C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe C:\Arquivos de programas\Document2PDF Sample\d2pdfagent.exe C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe C:\Arquivos de programas\Microsoft ActiveSync\wcescomm.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Google\Update\1.2.183.39\GoogleCrashHandler.exe svchost.exe C:\Arquivos de programas\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\svchost.exe -k hpdevmgmt C:\Arquivos de programas\borland\interbase\bin\ibguard.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe c:\arquivos de programas\arclab\maillist controller\amlcSVC.exe c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe C:\Arquivos de programas\borland\interbase\bin\ibserver.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\explorer.exe C:\Arquivos de programas\Ipswitch\WS_FTP 12\WsftpCOMHelper.exe C:\Documents and Settings\Administrador\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.uol.com.br/ mStart Page = hxxp://www.google.com uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com uSearchURL,(Default) = hxxp://www.google.com/keyword/%s BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\arquivos de programas\hp\smart web printing\hpswp_printenhancer.dll BHO: HP Print Clips: {053f9267-dc04-4294-a72c-58f732d338c0} - c:\arquivos de programas\hp\smart web printing\hpswp_framework.dll BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelper.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\arquivos de programas\microsoft office\office12\GrooveShellExtensions.dll BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540000} - c:\arquivos de programas\gbplugin\gbieh.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\arquivos de programas\google\google gears\internet explorer\0.5.36.0\gears.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: IEButton Class: {f81d52bf-f2f1-4f49-bf5f-05664e803039} - c:\arquivos de programas\unh solutions\flash saving plugin\FlashSButton.dll TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\arquivos de programas\arquivos comuns\ahead\lib\NMBgMonitor.exe" uRun: [H/PC Connection Agent] "c:\arquivos de programas\microsoft activesync\wcescomm.exe" uRun: [msnmsgr] "c:\arquivos de programas\windows live\messenger\msnmsgr.exe" /background mRun: [soundMan] SOUNDMAN.EXE mRun: [NeroFilterCheck] c:\arquivos de programas\arquivos comuns\ahead\lib\NeroCheck.exe mRun: [Adobe Reader Speed Launcher] "c:\arquivos de programas\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [GrooveMonitor] "c:\arquivos de programas\microsoft office\office12\GrooveMonitor.exe" mRun: [HP Software Update] c:\arquivos de programas\hp\hp software update\HPWuSchd2.exe mRun: [Document2PDF virtual printer agent] "c:\arquivos de programas\document2pdf sample\d2pdfagent.exe" mRun: [samsung PanelMgr] c:\windows\samsung\panelmgr\ssmmgr.exe /autorun mRun: [QuickTime Task] "c:\arquivos de programas\quicktime\QTTask.exe" -atboottime mRun: [avast5] "c:\arquivos de programas\alwil software\avast5\avastUI.exe" /nogui mRun: [sunJavaUpdateSched] "c:\arquivos de programas\arquivos comuns\java\java update\jusched.exe" dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\admini~1\menuin~1\progra~1\inicia~1\adobeg~1.lnk - c:\arquivos de programas\arquivos comuns\adobe\calibration\Adobe Gamma Loader.exe StartupFolder: c:\docume~1\alluse~1\menuin~1\progra~1\inicia~1\hpdigi~1.lnk - c:\arquivos de programas\hp\digital imaging\bin\hpqtra08.exe IE: E&xportar para o Microsoft Excel - c:\arquiv~1\micros~2\office12\EXCEL.EXE/3000 IE: Save Flash - c:\arquivos de programas\unh solutions\flash saving plugin\FlashSButton.dll/210 IE: Save YouTube Video - c:\arquivos de programas\unh solutions\flash saving plugin\FlashSButton.dll/217 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\arquivos de programas\google\google gears\internet explorer\0.5.36.0\gears.dll IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\arquiv~1\mi3aa1~1\INetRepl.dll IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\arquiv~1\mi3aa1~1\INetRepl.dll IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\arquivos de programas\hp\smart web printing\hpswp_extensions.dll IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\arquivos de programas\hp\smart web printing\hpswp_extensions.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~2\office12\REFIEBAR.DLL DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1210096320078 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} - hxxps://www14.bancobrasil.com.br/plugin/GbpDist.cab DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\arquivos de programas\microsoft office\office12\GrooveSystemServices.dll Notify: GbPluginBb - c:\arquivos de programas\gbplugin\gbieh.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\arquivos de programas\microsoft office\office12\GrooveShellExtensions.dll SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399f83} - c:\arquivos de programas\gbplugin\gbieh.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\admini~1\dadosd~1\mozilla\firefox\profiles\wjav1kz9.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.uol.com.br FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= FF - component: c:\arquivos de programas\google\google gears\firefox\lib\ff36\gears.dll FF - component: c:\arquivos de programas\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll FF - plugin: c:\arquivos de programas\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\arquivos de programas\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\arquivos de programas\mozilla firefox\plugins\npybrowserplus_2.4.17.dll FF - plugin: c:\browserplusplugins\054b6841520a59bc7df387c379b16986\npybrowserplus_2.9.8.dll FF - plugin: c:\documents and settings\administrador\dados de aplicativos\mozilla\plugins\npPxPlay.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true); c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified c:\arquivos de programas\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br"); ============= SERVICES / DRIVERS =============== R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2009-8-20 45472] R0 szkg5;szkg;c:\windows\system32\drivers\SZKG.sys [2009-5-12 61328] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-10-20 165584] R1 d8a4fef9-85c1-448f-a6f9-2570fb195020;d8a4fef9-85c1-448f-a6f9-2570fb195020;c:\windows\iprot\d8a4fef9-85c1-448f-a6f9-2570fb195020\PhysMem.sys [2010-5-16 3584] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-10-20 17744] R2 avast! Antivirus;avast! Antivirus;c:\arquivos de programas\alwil software\avast5\AvastSvc.exe [2010-10-20 40384] R2 GbpSv;Gbp Service;c:\arquiv~1\gbplugin\GbpSv.exe [2009-8-20 55072] R2 MailList Controller;MailList Controller;c:\arquivos de programas\arclab\maillist controller\amlcSVC.exe [2009-11-11 1585152] S2 gupdate;Google Update Service (gupdate);c:\arquivos de programas\google\update\GoogleUpdate.exe [2009-12-30 135664] S2 s;Gbp Service;c:\arquiv~1\gbplugin\GbpSv.exe [2009-8-20 55072] S3 avast! Mail Scanner;avast! Mail Scanner;c:\arquivos de programas\alwil software\avast5\AvastSvc.exe [2010-10-20 40384] S3 avast! Web Scanner;avast! Web Scanner;c:\arquivos de programas\alwil software\avast5\AvastSvc.exe [2010-10-20 40384] S3 cpuz129;cpuz129;\??\c:\docume~1\admini~1\config~1\temp\cpuz_x32.sys --> c:\docume~1\admini~1\config~1\temp\cpuz_x32.sys [?] =============== Created Last 30 ================ 2010-11-22 18:39:13 -------- d-----w- C:\67F.tmp 2010-11-22 11:54:06 -------- d-----w- c:\arquivos de programas\Fotosizer 2010-11-16 12:44:52 -------- d-----w- c:\docume~1\alluse~1\dadosd~1\GlobalSCAPE 2010-10-25 12:15:50 -------- d-----w- c:\arquivos de programas\Ipswitch ==================== Find3M ==================== 2010-11-19 11:01:41 2568 --sha-w- c:\docume~1\alluse~1\dadosd~1\KGyGaAvL.sys 2010-11-08 03:20:24 89088 ----a-w- c:\windows\MBR.exe 2010-09-15 06:50:37 472808 ----a-w- c:\windows\system32\deployJava1.dll 2010-09-15 04:29:49 73728 ----a-w- c:\windows\system32\javacpl.cpl 2010-09-08 14:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2010-09-08 14:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts 2010-09-07 14:12:17 38848 ----a-w- c:\windows\avastSS.scr 2004-10-01 18:00:16 40960 ----a-w- c:\arquivos de programas\Uninstall_CDS.exe ============= FINISH: 16:39:54,00 =============== ___________________________________________________________________________________________________________ Log Attach UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-11-10.01) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 5/5/2008 14:38:21 System Uptime: 22/11/2010 08:11:30 (8 hours ago) Motherboard: | | K8M800-M2 Processor: AMD Sempron Processor 2600+ | Socket 940 | 1599/200mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 466 GiB total, 18,296 GiB free. D: is CDROM () F: is FIXED (NTFS) - 932 GiB total, 376,289 GiB free. ==== Disabled Device Manager Items ============= Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A} Description: Nokia N95 8GB Device ID: ROOT\WPD\0000 Manufacturer: Nokia Name: Nokia N95 8GB PNP Device ID: ROOT\WPD\0000 Service: WUDFRd ==== System Restore Points =================== RP643: 24/8/2010 16:27:21 - Ponto de verificação do sistema RP644: 27/5/2010 15:09:12 - Ponto de verificação do sistema RP645: 2/9/2010 14:10:49 - ComboFix created restore point RP646: 6/8/2010 08:34:52 - Ponto de verificação do sistema RP647: 8/8/2010 11:19:24 - Installed Ulead VideoStudio RP648: 8/8/2010 11:21:55 - Installed QuickTime RP649: 13/5/2010 09:46:05 - Ponto de verificação do sistema RP650: 17/5/2010 08:32:58 - Ponto de verificação do sistema RP651: 20/5/2010 08:29:43 - Ponto de verificação do sistema RP652: 22/9/2010 11:15:18 - Software Distribution Service 3.0 RP653: 23/9/2010 17:49:35 - Driver de impressão Samsung SCX-4200 Series instalado RP654: 23/9/2010 17:51:23 - Installed Application RP655: 23/9/2010 17:53:38 - Instalado SmarThru 4 RP656: 23/9/2010 17:54:42 - Instalado Ponto de Restauração do InstallShield RP657: 24/9/2010 08:50:33 - Removed Nokia Connectivity Cable Driver RP658: 24/9/2010 08:57:14 - Nokia Music removido. RP659: 24/9/2010 09:03:23 - Removido Nokia Home Media Server RP660: 24/9/2010 09:05:02 - Removed Nokia Map Loader. RP661: 24/9/2010 09:06:41 - Nokia Ovi Suite removido. RP662: 24/9/2010 10:23:38 - Removido Adobe Photoshop CS2 RP663: 28/5/2010 10:11:05 - Instalado Adobe Photoshop CS2 RP664: 28/9/2010 10:53:37 - Instalado Adobe Photoshop RP665: 11/10/2010 14:52:07 - Removed SmartFTP Client RP666: 11/10/2010 14:55:12 - Removido Ponto de Restauração do InstallShield RP667: 13/10/2010 11:16:16 - Removed Apple Application Support RP668: 14/10/2010 09:31:20 - Software Distribution Service 3.0 RP669: 15/10/2010 11:25:11 - Removido Adobe Photoshop CS2 RP670: 15/10/2010 11:37:47 - Instalado Adobe Photoshop CS2 RP671: 15/10/2010 11:56:46 - Removido Adobe Photoshop CS2 RP672: 15/10/2010 14:54:00 - Instalado Adobe Photoshop CS2 RP673: 15/10/2010 16:34:45 - Removed Adobe Bridge 1.0 RP674: 15/10/2010 16:36:33 - Installed Adobe Bridge 1.0 RP675: 15/10/2010 17:53:38 - Operação de restauração RP676: 18/10/2010 08:43:04 - Removido Adobe Photoshop CS2 RP677: 18/10/2007 09:25:44 - Instalado Adobe Photoshop CS2 RP678: 18/10/2010 10:03:27 - Instalado Adobe Photoshop RP679: 18/10/2010 10:07:51 - Removed Adobe Bridge 1.0 RP680: 18/10/2010 10:09:58 - Installed Adobe Bridge 1.0 RP681: 18/10/2010 10:12:14 - Installed AUM405Patch RP682: 18/10/2010 11:29:30 - Revo Uninstaller's restore point - Adobe Photoshop CS2 RP683: 18/10/2010 11:33:02 - Removido Adobe Photoshop CS2 RP684: 18/10/2010 11:53:06 - Instalado Adobe Photoshop CS2 RP685: 20/10/2010 08:35:58 - Revo Uninstaller's restore point - avast! Pro Antivirus RP686: 20/10/2010 08:36:25 - avast! Internet Security Setup RP687: 20/10/2010 08:57:33 - avast! Pro Antivirus Setup RP688: 20/10/2010 09:03:01 - Revo Uninstaller's restore point - aTube Catcher RP689: 20/10/2010 09:05:22 - Revo Uninstaller's restore point - STOPzilla RP690: 20/10/2010 09:16:27 - Revo Uninstaller's restore point - avast! Pro Antivirus RP691: 20/10/2010 09:16:51 - avast! Internet Security Setup RP692: 20/10/2010 09:46:35 - Kaspersky Anti-Virus 2010 instalado. RP693: 20/10/2010 16:40:01 - Revo Uninstaller's restore point - Kaspersky Anti-Virus 2010 RP694: 20/10/2010 16:43:54 - Kaspersky Anti-Virus 2010 removido. RP695: 20/10/2010 17:19:32 - avast! Free Antivirus Setup RP696: 28/5/2010 10:43:59 - Ponto de verificação do sistema RP697: 22/10/2010 12:20:53 - Ponto de verificação do sistema RP698: 25/10/2010 08:13:48 - Ponto de verificação do sistema RP699: 25/10/2010 09:00:45 - Revo Uninstaller's restore point - Ipswitch WS_FTP 12 RP700: 25/10/2010 09:01:11 - Removed WS_FTP RP701: 25/10/2010 09:03:33 - Revo Uninstaller's restore point - Ipswitch WS_FTP 12 RP702: 25/10/2010 10:14:47 - Installed WS_FTP RP703: 26/10/2010 08:36:09 - Revo Uninstaller's restore point - Ipswitch WS_FTP 12 RP704: 26/10/2010 08:36:45 - Removed WS_FTP RP705: 26/10/2010 17:49:15 - Installed WS_FTP RP706: 27/10/2010 08:28:53 - Installed WS_FTP RP707: 27/6/2010 12:29:43 - Ponto de verificação do sistema RP708: 28/10/2010 09:35:00 - Ponto de verificação do sistema RP709: 29/10/2010 12:18:08 - Ponto de verificação do sistema RP710: 1/11/2010 12:27:31 - Ponto de verificação do sistema RP711: 3/11/2010 12:18:33 - Ponto de verificação do sistema RP712: 4/11/2010 08:26:50 - Instalado Java 6 Update 22 RP713: 30/6/2010 12:19:48 - Ponto de verificação do sistema RP714: 8/11/2010 12:23:56 - Ponto de verificação do sistema RP715: 25/6/2010 12:28:18 - Ponto de verificação do sistema RP716: 10/11/2010 12:21:12 - Ponto de verificação do sistema RP717: 11/11/2010 08:15:54 - Software Distribution Service 3.0 RP718: 12/11/2010 11:23:39 - Revo Uninstaller's restore point - Google Gears RP719: 12/11/2010 11:35:08 - Revo Uninstaller's restore point - Audacity 1.3.12 (Unicode) RP720: 12/11/2010 11:42:41 - Revo Uninstaller's restore point - Sothink SWF Decompiler RP721: 12/11/2010 11:52:10 - Revo Uninstaller's restore point - Nokia Ovi Application Installer 6.85.3011 RP722: 12/11/2010 11:54:39 - Revo Uninstaller's restore point - Nokia Photos RP723: 12/11/2010 11:56:32 - Nokia Photos removido. RP724: 12/11/2010 11:59:20 - Revo Uninstaller's restore point - Nokia Ovi System Utilities 6.85.3013 RP725: 12/11/2010 14:02:35 - Revo Uninstaller's restore point - Nokia Ovi Content Copier 6.85.3011 RP726: 12/11/2010 14:59:13 - Revo Uninstaller's restore point - Ulead VideoStudio 10 RP727: 12/11/2010 15:00:36 - Removed Ulead VideoStudio RP728: 12/11/2010 15:05:26 - Revo Uninstaller's restore point - Nokia Ovi One Touch Access 6.85.3011 RP729: 12/11/2010 15:08:25 - Revo Uninstaller's restore point - Nokia Software Updater RP730: 12/11/2010 15:09:35 - Removed Nokia Software Updater. RP731: 14/11/2010 13:55:24 - Ponto de verificação do sistema RP732: 16/11/2010 09:45:10 - ComboFix created restore point RP733: 1/7/2010 08:07:05 - Ponto de verificação do sistema RP734: 18/11/2010 09:21:20 - Ponto de verificação do sistema RP735: 19/11/2010 12:16:35 - Ponto de verificação do sistema RP736: 19/11/2010 15:16:48 - Installed Zen Image Resizer RP737: 19/11/2010 15:18:33 - Revo Uninstaller's restore point - Zen Image Resizer RP738: 19/11/2010 15:18:55 - Removed Zen Image Resizer RP739: 22/11/2010 12:17:44 - Ponto de verificação do sistema ==== Installed Programs ====================== #1 DVD Ripper 8.1.1 Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge 1.0 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe Camera Raw 4.0 Adobe CMaps Adobe Color Common Settings Adobe Color EU Extra Settings Adobe Color JA Extra Settings Adobe Color NA Recommended Settings Adobe Common File Installer Adobe Default Language CS3 Adobe Device Central CS3 Adobe ExtendScript Toolkit 2 Adobe Flash CS3 Adobe Flash CS3 Professional Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Flash Player 9 ActiveX Adobe Flash Video Encoder Adobe Fonts All Adobe Help Center 1.0 Adobe Help Viewer CS3 Adobe Illustrator CS2 Adobe InDesign CS3 Adobe InDesign CS3 Icon Handler Adobe Linguistics CS3 Adobe PageMaker 7.0 Adobe PDF Library Files Adobe Photoshop CS2 Adobe Reader 8.1.4 - Português Adobe Setup Adobe SING CS3 Adobe Stock Photos 1.0 Adobe Stock Photos CS3 Adobe SVG Viewer 3.0 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS3 ADPHONE3 Advanced SystemCare 3 AiO_Scan Any Video Converter 3.0.7 Apple Application Support Apple Software Update Ares 2.1.6 Arquivo do WinRAR Assistente de Conexão do Windows Live Atualização de Segurança para o Windows Media Player (KB952069) Atualização de Segurança para o Windows Media Player (KB973540) Atualização de Segurança para Windows Internet Explorer 7 (KB938127-v2) Atualização de Segurança para Windows Internet Explorer 7 (KB961260) Atualização de Segurança para Windows Internet Explorer 7 (KB963027) Atualização de Segurança para Windows Internet Explorer 7 (KB969897) Atualização de Segurança para Windows Internet Explorer 7 (KB972260) Atualização de Segurança para Windows XP (KB923561) Atualização de Segurança para Windows XP (KB938464-v2) Atualização de Segurança para Windows XP (KB941569) Atualização de Segurança para Windows XP (KB946648) Atualização de Segurança para Windows XP (KB950760) Atualização de Segurança para Windows XP (KB950762) Atualização de Segurança para Windows XP (KB950974) Atualização de Segurança para Windows XP (KB951066) Atualização de Segurança para Windows XP (KB951376-v2) Atualização de Segurança para Windows XP (KB951698) Atualização de Segurança para Windows XP (KB951748) Atualização de Segurança para Windows XP (KB952004) Atualização de Segurança para Windows XP (KB952954) Atualização de Segurança para Windows XP (KB954600) Atualização de Segurança para Windows XP (KB955069) Atualização de Segurança para Windows XP (KB956572) Atualização de Segurança para Windows XP (KB956802) Atualização de Segurança para Windows XP (KB956803) Atualização de Segurança para Windows XP (KB956841) Atualização de Segurança para Windows XP (KB957097) Atualização de Segurança para Windows XP (KB958644) Atualização de Segurança para Windows XP (KB958687) Atualização de Segurança para Windows XP (KB958690) Atualização de Segurança para Windows XP (KB959426) Atualização de Segurança para Windows XP (KB960225) Atualização de Segurança para Windows XP (KB960715) Atualização de Segurança para Windows XP (KB960803) Atualização de Segurança para Windows XP (KB960859) Atualização de Segurança para Windows XP (KB961371) Atualização de Segurança para Windows XP (KB961373) Atualização de Segurança para Windows XP (KB961501) Atualização de Segurança para Windows XP (KB968537) Atualização de Segurança para Windows XP (KB969898) Atualização de Segurança para Windows XP (KB970238) Atualização de Segurança para Windows XP (KB971557) Atualização de Segurança para Windows XP (KB971633) Atualização de Segurança para Windows XP (KB971657) Atualização de Segurança para Windows XP (KB973346) Atualização de Segurança para Windows XP (KB973354) Atualização de Segurança para Windows XP (KB973507) Atualização de Segurança para Windows XP (KB973869) Atualização para Windows Internet Explorer 7 (KB947518) Atualização para Windows XP (KB955839) Atualização para Windows XP (KB967715) Atualização para Windows XP (KB968389) Atualização para Windows XP (KB973815) avast! Free Antivirus BufferChm Caricature Studio Green 3.6 CCleaner ConvertXtoDVD 4.0.9.322 CoolSMS 2.06 beta CorelDRAW Graphics Suite X4 CorelDRAW Graphics Suite X4 - Capture CorelDRAW Graphics Suite X4 - Content CorelDRAW Graphics Suite X4 - Draw CorelDRAW Graphics Suite X4 - Filters CorelDRAW Graphics Suite X4 - FontNav CorelDRAW Graphics SUite X4 - ICA CorelDRAW Graphics Suite X4 - IPM CorelDRAW Graphics Suite X4 - Lang EN CorelDRAW Graphics Suite X4 - PP CorelDRAW Graphics Suite X4 - VBA CorelDRAW® Graphics Suite X4 CorelDRAW® Graphics Suite X4 - Windows Shell Extension CustomerResearchQFolder CuteFTP 8 Professional DAEMON Tools Toolbar DeviceDiscovery DeviceManagementQFolder Dg Foto Art Gold Trial(Portuguese) dj_sf_software dj_sf_software_req DM3 Contas a Pagar & Receber for Windows DM3 Relatórios 6.2 Document2PDF Pilot 2.16.100 Trial Document2PDF Sample 1.0 DVD Shrink 3.2 DVD Solution EasyPHP 1.6 EAX Unified eMule eSupportQFolder Extensis Mask Pro 3.0 FastDictionary 2007 Ferramenta de Carregamento do Windows Live Flash Saving Plugin Flash Slideshow Maker Pro 5.00 FormatFactory 2.20 Fotosizer 1.29 GameSpy Comrade Google Desktop Google Gears Google Toolbar for Internet Explorer Google Update Helper Guia do Dispositivo do MOTO Q gsm Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB954550-v5) Hotfix para Windows XP (KB943232-v2) Hotfix para Windows XP (KB952287) Hotfix para Windows XP (KB961118) HP Customer Participation Program 9.0 HP Deskjet Printer Driver Software 9.0 HP Image Zone 4.2 HP Imaging Device Functions 9.0 HP Photosmart Essential 2.01 HP Photosmart Essential2.01 HP PSC & OfficeJet 4.2 HP Smart Web Printing HP Solution Center 9.0 HP Update HPProductAssistant HPSSupply Instalação das DLLs no Windows Ipswitch WS_FTP 12 Java Auto Updater Java 6 Update 22 Java 6 Update 6 LimeWire 4.18.8 Macromedia Dreamweaver MX Macromedia Extension Manager Magic ISO Maker v5.4 (build 0256) MailList Controller 7.2 R3 Free Malwarebytes' Anti-Malware MarketResearch Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft ActiveSync Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 Microsoft National Language Support Downlevel APIs Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (Portuguese (Brazil)) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (Portuguese (Brazil)) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (Portuguese (Brazil)) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 Microsoft Office Word MUI (Portuguese (Brazil)) 2007 Microsoft Software Update for Web Folders (Portuguese (Brazil)) 12 Microsoft User-Mode Driver Framework Feature Pack 1.5 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Mozilla Firefox (3.6.12) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 6 Service Pack 2 (KB954459) Multimedia Launcher NEF Codec Nero 7 Essentials neroxml NETEagle NOD32 FiX v2.1 Nokia Connectivity Cable Driver NVIDIA PhysX v8.07.11 Pacote de Driver do Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) PanoStandAlone PC Connectivity Solution PDF Settings Photo Story Platinum 3.5.0.12 Photodex Presenter PIXresizer 2.0.4 ProShow Gold PSSWCORE QFolder QuickTime Realtek AC'97 Audio RegCure 1.5.1.3 Revo Uninstaller 1.90 Samsung SCX-4200 Series Scan Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2289158) Security Update for 2007 Microsoft Office System (KB2344875) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Excel 2007 (KB2345035) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office Outlook 2007 (KB2288953) Security Update for Microsoft Office PowerPoint 2007 (KB982158) Security Update for Microsoft Office PowerPoint Viewer (KB2413381) Security Update for Microsoft Office Publisher 2007 (KB982124) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Segoe UI Shine Video To Audio Converter 3.00 Significado do seu nome SmarThru 4 SmartSound Quicktracks Plugin SolutionCenter Sony DVD Architect 3.0c Spybot - Search & Destroy Status SuperDVD Video Editor 1.8 SWF Opener The Sims 2 Toolbox TrayApp UnloadSupport Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office OneNote 2007 (KB980729) Update for Outlook 2007 Junk Email Filter (KB2443839) você 9.0 Runtime VideoToolkit01 Visual Basic for Applications ® Core Visual Basic for Applications ® Core - English Warmonger WebFldrs XP WebReg WinAVI Video Converter Windows Imaging Component Windows Internet Explorer 7 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Messenger Windows Live OneCare safety scanner Windows Media Encoder 9 Series Windows Media Format 11 runtime Windows XP Service Pack 3 WordPefect Document Converter 5 Yahoo! BrowserPlus 2.9.8 ==== End Of File =========================== Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Dezembro 3, 2010 Olá! Desculpe-me pela extrema demora para responder. Provas de final de ano, sabe como é né? Se dejeja continuar a remoção repita os passos que eu lhe dei no meu último post. Abraços :D Compartilhar este post Link para o post Compartilhar em outros sites
Mário Monteiro 179 Denunciar post Postado Janeiro 2, 2011 Tópico Arquivado Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado. Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura. Compartilhar este post Link para o post Compartilhar em outros sites
