Ir ao conteúdo
  • Comunicados

    • diego_moicano

      Gostaria de se tornar um analista em Remoção de Malware?   07-12-2015

      Gostaria de se tornar um analista em Remoção de Malware? O Fórum Clube do Hardware deu início a um programa de treinamento em análises de log. Os interessados deverão enviar um email para aprendizes (arroba) clubedohardware (ponto) com (ponto) br respondendo as seguintes perguntas: Por que você gostaria de aprender a analisar logs? Possui tempo hábil para o treinamento? Tem conhecimentos em informática? Se sim descreva-os. Possui inglês para leitura? Qual seu objetivo após completar o treinamento?   Não se esqueça de incluir no e-mail o seu nome de usuário (fornecer o link também), idade e cidade onde vive. Adicione também qualquer experiência e/ou razão sobre o porquê você seria um bom Analista. É digno de nota que apenas os que forem selecionados receberão resposta por MP (Mensagem Pessoal), não existe um padrão na escolha dos futuros aprendizes, todos os e-mails serão lidos e serão analisados de forma imparcial, portanto não será permitido reclamações neste aspecto. O treinamento é dado no próprio fórum. Quando um aprendiz é selecionado ele é movido para um novo grupo, onde terá acesso a fóruns fechados para os demais usuários onde poderá dar inicio ao seu treinamento. Importante: A cada 30 dias os e-mails não selecionados serão apagados, portanto você pode enviar um novo e-mail após 1 mês, e-mails enviados antes serão desconsiderados.  
    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.
dalibri

Por favor me ajudem ... estou enviando meu log do HijackThis

Recommended Posts

dalibri    0

Não sei o que aconteceu mas peguei os Trojans VanBot-k e Agent-GGM e o Avast não para de achar cada vez mais trojans com nomes diferentes um do outro :( . Queria saber como eu poderia resolver isto. Desde já agredeço.

Ai está o LOG do HijackThis:

Logfile of HijackThis v1.99.1

Scan saved at 22:43:10, on 5/5/2007

Platform: Windows 2000 SP2 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\spoolsv.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINNT\System32\svchost.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\system32\stisvc.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\Explorer.EXE

C:\WINNT\loadqm.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\Documents and Settings\CDC\Desktop\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [LoadQM] loadqm.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINNT\System32\Isass.exe

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp

O4 - HKLM\..\Run: [MSConfig] D:\Arquivos\Arquivos do Sistema\msconfig.exe /auto

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: Download all links using BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Download all videos using BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: Download link using &BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddLink.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1177816761984

O20 - AppInit_DLLs: MsgPlusLoader.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Serviço administrativo do gerenciador de disco lógico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

Aguardo a solução.^_^

Compartilhar este post


Link para o post
Compartilhar em outros sites
msayago    2

Olá, Baixe o BankerFix

# Dê um duplo-clique no bankerfix.exe

# Se você está executando ela pela primeira vez, uma mensagem pedindo para confirmar a existência de conexão com a Internet será exibida. Clique em OK.

# Quando o BankerFix estiver instalado, uma mensagem de confirmação irá aparecer. Clique em OK para executá-lo ou Cancelar para sair

# Se você executá-lo, uma janela de texto simples irá aparecer na tela.

# Feche todas as janelas e programas, com exceção do Banker Fix

# Clique na janela do BankerFix e aperte qualquer tecla. O BankerFix faz o resto sozinho

# Você irá receber uma mensagem informando se nenhum problema foi encontrado, se algum problema foi encontrado e solucionado ou se alguns arquivos infectados não puderam ser removidos

Depois "envie" um novo log do Hijack This e o "relatorio.txt" do Banker Fix que está em C:\LinhaDefensiva

Compartilhar este post


Link para o post
Compartilhar em outros sites
dalibri    0
  • Autor do tópico
  • Relatório.txt:

    BankerFix 2.3 - Removedor de Bankers

    Linha Defensiva - http://www.linhadefensiva.org

    http://www.linhadefensiva.org/bankerfix/

    Data: 6/5/2007 - 0:11

    -------------------------------------------------------

    Lista de Definição: 2007-05-04-1

    =======================================================

    Log do FoxFix

    =======================================================

    Iniciando Log do PV

    -----------------------------------

    Killing '*'

    Arquivos a remover

    -----------------------------------

    Arquivos ruins restantes

    -----------------------------------

    Reg Importado

    -----------------------------------

    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    Hijackthis:

    Logfile of HijackThis v1.99.1

    Scan saved at 00:16:35, on 6/5/2007

    Platform: Windows 2000 SP2 (WinNT 5.00.2195)

    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:

    C:\WINNT\System32\smss.exe

    C:\WINNT\system32\winlogon.exe

    C:\WINNT\system32\services.exe

    C:\WINNT\system32\lsass.exe

    C:\WINNT\system32\svchost.exe

    C:\WINNT\system32\spoolsv.exe

    C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

    C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

    C:\WINNT\System32\svchost.exe

    C:\WINNT\system32\MSTask.exe

    C:\WINNT\system32\stisvc.exe

    C:\WINNT\System32\WBEM\WinMgmt.exe

    C:\WINNT\Explorer.EXE

    C:\WINNT\loadqm.exe

    C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

    C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

    C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

    C:\Arquivos de programas\MSN Messenger\msnmsgr.exe

    C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

    C:\Documents and Settings\CDC\Desktop\HijackThis.exe

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

    O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

    O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

    O4 - HKLM\..\Run: [LoadQM] loadqm.exe

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe

    O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINNT\System32\Isass.exe

    O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

    O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp

    O4 - HKLM\..\Run: [MSConfig] D:\Arquivos\Arquivos do Sistema\msconfig.exe /auto

    O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE

    O8 - Extra context menu item: Download all links using BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddAllLink.htm

    O8 - Extra context menu item: Download all videos using BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddVideo.htm

    O8 - Extra context menu item: Download link using &BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddLink.htm

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1177816761984

    O20 - AppInit_DLLs: MsgPlusLoader.dll

    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

    O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

    O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

    O23 - Service: Serviço administrativo do gerenciador de disco lógico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
    msayago    2

    Olá faça download do KillBox

    Salve numa pasta em C:/

    Abra o KillBox e marque o Delete on Reboot. Insira na caixa Full Path of File to Delete, esta linha:

    C:\WINNT\System32\Isass.exe

    Clique no botão Single File, clique no botão vermelho com o X, e ao perguntar Reboot Now? Confirme.

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
    dalibri    0
  • Autor do tópico
  • Eu fiz isso que você flou com o lsass.exe e mesmo assim o VanBot-k continua...

    Vou mandar o log atualizado do HijackThis:

    Logfile of HijackThis v1.99.1

    Scan saved at 12:29:10, on 6/5/2007

    Platform: Windows 2000 SP2 (WinNT 5.00.2195)

    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:

    C:\WINNT\System32\smss.exe

    C:\WINNT\system32\winlogon.exe

    C:\WINNT\system32\services.exe

    C:\WINNT\system32\lsass.exe

    C:\WINNT\system32\svchost.exe

    C:\WINNT\system32\spoolsv.exe

    C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

    C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

    C:\WINNT\System32\svchost.exe

    C:\WINNT\system32\MSTask.exe

    C:\WINNT\system32\stisvc.exe

    C:\WINNT\System32\WBEM\WinMgmt.exe

    C:\WINNT\Explorer.EXE

    C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

    C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

    C:\WINNT\loadqm.exe

    C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

    C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

    C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

    C:\Documents and Settings\CDC\Desktop\HijackThis.exe

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

    O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

    O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

    O4 - HKLM\..\Run: [LoadQM] loadqm.exe

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe

    O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINNT\System32\Isass.exe

    O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

    O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp

    O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE

    O8 - Extra context menu item: Download all links using BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddAllLink.htm

    O8 - Extra context menu item: Download all videos using BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddVideo.htm

    O8 - Extra context menu item: Download link using &BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddLink.htm

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1177816761984

    O20 - AppInit_DLLs: MsgPlusLoader.dll

    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

    O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

    O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

    O23 - Service: Serviço administrativo do gerenciador de disco lógico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

    Espero sua resposta.

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
    msayago    2

    Ele voltou :/, tente de novo com o Banker Fix e o KillBox em modo de segurança.

    Em seguida reinicie em modo normal e poste o log do BankerFix e do Hijack This.

    O arquivo é o C:\WINNT\System32\Isass.exe

    Para entrar em modo de segurança reinicie o pc e fique apertando o botão F8 (ou F5 em alguns casos)

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
    dalibri    0
  • Autor do tópico
  • Fiz isso q você flou ... ai estão os logs:

    Bankerfix:

    BankerFix 2.3 - Removedor de Bankers

    Linha Defensiva - http://www.linhadefensiva.org

    http://www.linhadefensiva.org/bankerfix/

    Data: 6/5/2007 - 15:27

    -------------------------------------------------------

    Lista de Definição: 2007-05-04-1

    =======================================================

    Log do FoxFix

    =======================================================

    Iniciando Log do PV

    -----------------------------------

    Killing '*'

    Arquivos a remover

    -----------------------------------

    Arquivos ruins restantes

    -----------------------------------

    Reg Importado

    -----------------------------------

    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    HijackThis:

    Logfile of HijackThis v1.99.1

    Scan saved at 15:34:16, on 6/5/2007

    Platform: Windows 2000 SP4 (WinNT 5.00.2195)

    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:

    C:\WINNT\System32\smss.exe

    C:\WINNT\system32\winlogon.exe

    C:\WINNT\system32\services.exe

    C:\WINNT\system32\lsass.exe

    C:\WINNT\system32\svchost.exe

    C:\WINNT\system32\spoolsv.exe

    C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

    C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

    C:\WINNT\System32\svchost.exe

    C:\WINNT\system32\stisvc.exe

    C:\WINNT\System32\WBEM\WinMgmt.exe

    C:\WINNT\system32\svchost.exe

    C:\WINNT\Explorer.EXE

    C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

    C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

    C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

    C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

    C:\Documents and Settings\CDC\Desktop\HijackThis.exe

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

    O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

    O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

    O4 - HKLM\..\Run: [LoadQM] loadqm.exe

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe

    O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINNT\System32\Isass.exe

    O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

    O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp

    O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE

    O8 - Extra context menu item: Download all links using BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddAllLink.htm

    O8 - Extra context menu item: Download all videos using BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddVideo.htm

    O8 - Extra context menu item: Download link using &BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddLink.htm

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll

    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm

    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm

    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1177816761984

    O20 - AppInit_DLLs: MsgPlusLoader.dll

    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

    O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

    O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

    O23 - Service: Serviço administrativo do gerenciador de disco lógico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

    Estão limpos?

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
    msayago    2

    Ainda não :/,

    - Baixe o Combofix;

    - Feche todas as janelas abertas e execute a Ferramenta ComboFix.

    Digite a opção para continuar e <ENTER>.

    Não abra, nem feche nenhum programa até terminar o scan. Aguarde pacientemente...

    - Reiniciando em modo normal...

    - Log reservado: C:\ComboFix.txt... Cole-o na sequência.

    E com o Hijack This selecione depois aperte o botão Fix Checked nessa entrada:

    O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINNT\System32\Isass.exe

    Mas e o problema com o VanBot-k e Agent-GGM já desapareceu ? o arquivo já poderia ter sido desinfectado.

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
    dalibri    0
  • Autor do tópico
  • Tem certeza q é Isass e não Lsass? acho q esse Lsass não é vírus não! :confused:

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
    dalibri    0
  • Autor do tópico
  • É C:\WINNT\System32\Isass.exe mesmo até você pode procurar no log do Hijack This. E ver aqui mais sobre ele

    Joga no Word pra você ve ... é Lsass (lsass) e não Isass ... e aproveitando ai vai o log do ComboFix:

    "CDC" - Sun 2007-05-06 16:14:50 Service Pack 4

    ComboFix 07-04-25.4V - Running from: "C:\Documents and Settings\CDC\Desktop\"

    ((((((((((((((((((((((((((((((( Files Created from 2007-04-06 to 2007-05-06 ))))))))))))))))))))))))))))))))))

    2007-05-06 16:03 <DIR> d-------- C:\kav

    2007-05-06 15:30 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_1f0.dat

    2007-05-06 15:01 98,064 --a------ C:\WINNT\system32\comrepl.dll

    2007-05-06 15:01 972,560 --a------ C:\WINNT\system32\sfcfiles.dll

    2007-05-06 15:01 97,040 --a------ C:\WINNT\system32\clbcatex.dll

    2007-05-06 15:01 96,016 --a------ C:\WINNT\system32\msdtclog.dll

    2007-05-06 15:01 92,432 --a------ C:\WINNT\system32\dnsrslvr.dll

    2007-05-06 15:01 76,048 --a------ C:\WINNT\system32\cryptsvc.dll

    2007-05-06 15:01 69,904 --a------ C:\WINNT\system32\browser.dll

    2007-05-06 15:01 630,544 --a------ C:\WINNT\system32\comuid.dll

    2007-05-06 15:01 61,200 --a------ C:\WINNT\system32\CRYPTNET.DLL

    2007-05-06 15:01 58,128 --a------ C:\WINNT\system32\w32tm.exe

    2007-05-06 15:01 552,720 --a------ C:\WINNT\system32\clbcatq.dll

    2007-05-06 15:01 547,088 --a------ C:\WINNT\system32\CRYPT32.DLL

    2007-05-06 15:01 54,544 --a------ C:\WINNT\system32\mpr.dll

    2007-05-06 15:01 52,496 --a------ C:\WINNT\system32\mtxclu.dll

    2007-05-06 15:01 51,984 --a------ C:\WINNT\system32\w32time.dll

    2007-05-06 15:01 47,888 --a------ C:\WINNT\system32\EVENTLOG.DLL

    2007-05-06 15:01 449,808 --a------ C:\WINNT\system32\rpcrt4.dll

    2007-05-06 15:01 443,152 --a------ C:\WINNT\system32\ipnathlp.dll

    2007-05-06 15:01 41,744 --a------ C:\WINNT\system32\colbact.dll

    2007-05-06 15:01 398,608 --a------ C:\WINNT\system32\txfaux.dll

    2007-05-06 15:01 389,904 --a------ C:\WINNT\system32\USERENV.DLL

    2007-05-06 15:01 371,472 --a------ C:\WINNT\system32\NETLOGON.DLL

    2007-05-06 15:01 37,136 --a------ C:\WINNT\system32\mf3216.dll

    2007-05-06 15:01 35,600 --a------ C:\WINNT\system32\mtxlegih.dll

    2007-05-06 15:01 311,296 --a------ C:\WINNT\system32\winhttp.dll

    2007-05-06 15:01 26,896 --a------ C:\WINNT\system32\mtxdm.dll

    2007-05-06 15:01 257,296 --a------ C:\WINNT\system32\scesrv.dll

    2007-05-06 15:01 247,056 --a------ C:\WINNT\system32\CMD.EXE

    2007-05-06 15:01 240,400 --a------ C:\WINNT\system32\es.dll

    2007-05-06 15:01 210,192 --a------ C:\WINNT\system32\kerberos.dll

    2007-05-06 15:01 18,704 --a------ C:\WINNT\system32\xolehlp.dll

    2007-05-06 15:01 17,168 --a------ C:\WINNT\system32\seclogon.dll

    2007-05-06 15:01 169,232 --a------ C:\WINNT\system32\catsrv.dll

    2007-05-06 15:01 167,184 --a------ C:\WINNT\system32\WINTRUST.DLL

    2007-05-06 15:01 153,872 --a------ C:\WINNT\system32\msdtcui.dll

    2007-05-06 15:01 143,120 --a------ C:\WINNT\system32\SCHANNEL.DLL

    2007-05-06 15:01 116,496 --a------ C:\WINNT\system32\PSBASE.DLL

    2007-05-06 15:01 113,936 --a------ C:\WINNT\system32\scecli.dll

    2007-05-06 15:01 1,813,736 -ra------ C:\WINNT\system32\dtcsetup.exe

    2007-05-06 15:01 1,139,984 --a------ C:\WINNT\system32\msdtctm.dll

    2007-05-06 15:01 1,028,880 --a------ C:\WINNT\system32\ntdsa.dll

    2007-05-06 15:00 831,760 --a------ C:\WINNT\system32\mswdat10.dll

    2007-05-06 15:00 725,776 --a------ C:\WINNT\system32\msdtcprx.dll

    2007-05-06 15:00 614,429 --a------ C:\WINNT\system32\mswstr10.dll

    2007-05-06 15:00 595,728 --a------ C:\WINNT\system32\catsrvut.dll

    2007-05-06 15:00 553,232 --a------ C:\WINNT\system32\msrepl40.dll

    2007-05-06 15:00 53,520 --a------ C:\WINNT\system32\msjter40.dll

    2007-05-06 15:00 512,272 --a------ C:\WINNT\system32\msexch40.dll

    2007-05-06 15:00 422,160 --a------ C:\WINNT\system32\msrd2x40.dll

    2007-05-06 15:00 380,957 --a------ C:\WINNT\system32\expsrv.dll

    2007-05-06 15:00 352,528 --a------ C:\WINNT\system32\msjetoledb40.dll

    2007-05-06 15:00 348,432 --a------ C:\WINNT\system32\mspbde40.dll

    2007-05-06 15:00 319,760 --a------ C:\WINNT\system32\msexcl40.dll

    2007-05-06 15:00 315,664 --a------ C:\WINNT\system32\msrd3x40.dll

    2007-05-06 15:00 30,749 --a------ C:\WINNT\system32\vbajet32.dll

    2007-05-06 15:00 258,320 --a------ C:\WINNT\system32\mstext40.dll

    2007-05-06 15:00 241,936 --a------ C:\WINNT\system32\msjtes40.dll

    2007-05-06 15:00 213,264 --a------ C:\WINNT\system32\msltus40.dll

    2007-05-06 15:00 176,157 --a------ C:\WINNT\system32\msjint40.dll

    2007-05-06 15:00 120,592 --a------ C:\WINNT\system32\mtxoci.dll

    2007-05-06 15:00 1,507,600 --a------ C:\WINNT\system32\msjet40.dll

    2007-05-06 15:00 1,469,200 --a------ C:\WINNT\system32\comsvcs.dll

    2007-05-06 14:59 90,384 --a------ C:\WINNT\system32\psxss.exe

    2007-05-06 14:59 28,432 --a------ C:\WINNT\system32\umandlg.dll

    2007-05-06 14:59 123,392 --a------ C:\WINNT\system32\itss.dll

    2007-05-06 14:59 <DIR> d-------- C:\Arquivos de programas\Common Files

    2007-05-06 14:58 46,352 --a------ C:\WINNT\system32\BASESRV.DLL

    2007-05-06 14:58 359,696 --a------ C:\WINNT\system32\MSGINA.DLL

    2007-05-06 14:58 29,456 --a------ C:\WINNT\system32\VDMDBG.DLL

    2007-05-06 14:58 240,912 --a------ C:\WINNT\system32\wow32.dll

    2007-05-06 14:58 231,184 --a------ C:\WINNT\system32\GDI32.DLL

    2007-05-06 14:58 184,592 --a------ C:\WINNT\system32\WINLOGON.EXE

    2007-05-06 14:58 14,096 --a------ C:\WINNT\system32\ntvdmd.dll

    2007-05-06 14:58 112,912 --a------ C:\WINNT\system32\NETDDE.EXE

    2007-05-06 14:57 581,904 --a------ C:\WINNT\system32\hypertrm.dll

    2007-05-06 14:57 515,344 --a------ C:\WINNT\system32\LSASRV.DLL

    2007-05-06 14:56 68,880 --a------ C:\WINNT\system32\ciodm.dll

    2007-05-06 14:56 68,608 --a------ C:\WINNT\system32\hlink.dll

    2007-05-06 14:56 380,688 --a------ C:\WINNT\system32\USER32.DLL

    2007-05-06 14:55 278,528 --------- C:\WINNT\system32\sp3res.dll

    2007-05-06 14:03 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_1f4.dat

    2007-05-06 13:53 9,216 --------- C:\WINNT\system32\wuauserv.dll

    2007-05-06 13:53 77,584 --------- C:\WINNT\system32\gpresult.exe

    2007-05-06 13:53 6,928 --------- C:\WINNT\system32\perfvd.exe

    2007-05-06 13:53 6,416 --------- C:\WINNT\system32\hccoin.dll

    2007-05-06 13:53 57,296 --a------ C:\WINNT\system32\drivers\irda.sys

    2007-05-06 13:53 55,056 --------- C:\WINNT\system32\authz.dll

    2007-05-06 13:53 52,496 --------- C:\WINNT\system32\wzcdlg.dll

    2007-05-06 13:53 49,776 --------- C:\WINNT\system32\drivers\usbhub20.sys

    2007-05-06 13:53 48,200 --------- C:\WINNT\system32\scrdx86.dll

    2007-05-06 13:53 48,200 --------- C:\WINNT\system32\scrdenrl.dll

    2007-05-06 13:53 45,840 --------- C:\WINNT\system32\msmqprop.exe

    2007-05-06 13:53 39,936 --a------ C:\WINNT\system32\msisip.dll

    2007-05-06 13:53 34,816 --------- C:\WINNT\system32\msiregmv.exe

    2007-05-06 13:53 34,576 --------- C:\WINNT\system32\wzcsetup.exe

    2007-05-06 13:53 29,968 --------- C:\WINNT\system32\wzcsapi.dll

    2007-05-06 13:53 29,184 --a------ C:\WINNT\system32\msxmlr.dll

    2007-05-06 13:53 245,248 --a------ C:\WINNT\system32\qmgr.dll

    2007-05-06 13:53 24,336 --------- C:\WINNT\system32\ftpqfe.exe

    2007-05-06 13:53 20,208 --------- C:\WINNT\system32\drivers\msircomm.sys

    2007-05-06 13:53 196,880 --------- C:\WINNT\system32\wzcsvc.dll

    2007-05-06 13:53 193,024 --------- C:\WINNT\system32\wuaueng.dll

    2007-05-06 13:53 19,728 --------- C:\WINNT\system32\drivers\usbehci.sys

    2007-05-06 13:53 18,704 --------- C:\WINNT\system32\sp4iis.exe

    2007-05-06 13:53 18,432 --a------ C:\WINNT\system32\qmgrprxy.dll

    2007-05-06 13:53 147,216 --a------ C:\WINNT\system32\dssenh.dll

    2007-05-06 13:53 143,872 --------- C:\WINNT\system32\wuauclt.exe

    2007-05-06 13:53 138,288 --------- C:\WINNT\system32\drivers\usbport.sys

    2007-05-06 13:53 134,928 --a------ C:\WINNT\system32\rsaenh.dll

    2007-05-06 13:53 13,072 --------- C:\WINNT\system32\spiisupd.exe

    2007-05-06 13:53 11,984 --------- C:\WINNT\system32\drivers\ndisuio.sys

    2007-05-06 13:53 11,536 --------- C:\WINNT\system32\sptsupd.exe

    2007-05-06 13:53 10,288 --------- C:\WINNT\system32\drivers\irenum.sys

    2007-05-06 13:53 <DIR> d-------- C:\WINNT\system32\ie_de

    2007-05-06 13:53 <DIR> d-------- C:\WINNT\system32\CertSrv

    2007-05-06 13:52 98,304 --a------ C:\WINNT\system32\odbcint.dll

    2007-05-06 13:52 977,680 --a------ C:\WINNT\system32\vfpodbc.dll

    2007-05-06 13:52 97,040 --a------ C:\WINNT\system32\rtm.dll

    2007-05-06 13:52 96,560 --a------ C:\WINNT\system32\sfc.dll

    2007-05-06 13:52 95,504 --a------ C:\WINNT\system32\netman.dll

    2007-05-06 13:52 92,432 --a------ C:\WINNT\system32\xactsrv.dll

    2007-05-06 13:52 90,896 --a------ C:\WINNT\system32\TASKMGR.EXE

    2007-05-06 13:52 90,384 --a------ C:\WINNT\system32\trkwks.dll

    2007-05-06 13:52 89,600 --a------ C:\WINNT\system32\nlhtml.dll

    2007-05-06 13:52 86,800 --a------ C:\WINNT\system32\smlogsvc.exe

    2007-05-06 13:52 83,888 --a------ C:\WINNT\system32\vga.dll

    2007-05-06 13:52 81,680 --a------ C:\WINNT\system32\stobject.dll

    2007-05-06 13:52 80,144 --a------ C:\WINNT\system32\winscard.dll

    2007-05-06 13:52 8,464 --a------ C:\WINNT\system32\wshirda.dll

    2007-05-06 13:52 79,632 --a------ C:\WINNT\system32\ntdskcc.dll

    2007-05-06 13:52 77,584 --a------ C:\WINNT\system32\scripto.dll

    2007-05-06 13:52 77,072 --a------ C:\WINNT\system32\rsvpsp.dll

    2007-05-06 13:52 74,512 --a------ C:\WINNT\system32\wmicore.dll

    2007-05-06 13:52 74,000 --a------ C:\WINNT\system32\netui0.dll

    2007-05-06 13:52 71,440 --a------ C:\WINNT\system32\unimdmat.dll

    2007-05-06 13:52 70,928 --a------ C:\WINNT\system32\olethk32.dll

    2007-05-06 13:52 7,440 --a------ C:\WINNT\system32\svcpack.dll

    2007-05-06 13:52 7,440 --a------ C:\WINNT\system32\sensapi.dll

    2007-05-06 13:52 692,496 --a------ C:\WINNT\system32\OPENGL32.DLL

    2007-05-06 13:52 69,904 --a------ C:\WINNT\system32\ws2_32.dll

    2007-05-06 13:52 69,392 --a------ C:\WINNT\system32\shim.dll

    2007-05-06 13:52 68,368 --a------ C:\WINNT\system32\regsvc.exe

    2007-05-06 13:52 67,344 --a------ C:\WINNT\system32\ntdsetup.dll

    2007-05-06 13:52 65,601 --a------ C:\WINNT\system32\servdeps.dll

    2007-05-06 13:52 63,248 --a------ C:\WINNT\system32\RASSCRPT.DLL

    2007-05-06 13:52 62,736 --a------ C:\WINNT\system32\sstext3d.scr

    2007-05-06 13:52 62,224 --a------ C:\WINNT\system32\stisvc.exe

    2007-05-06 13:52 60,688 --a------ C:\WINNT\system32\RASCHAP.DLL

    2007-05-06 13:52 6,928 --a------ C:\WINNT\system32\skdll.dll

    2007-05-06 13:52 59,152 --a------ C:\WINNT\system32\winfax.dll

    2007-05-06 13:52 58,640 --a------ C:\WINNT\system32\ocmanage.dll

    2007-05-06 13:52 58,128 --a------ C:\WINNT\system32\wlnotify.dll

    2007-05-06 13:52 57,616 --a------ C:\WINNT\system32\odbcji32.dll

    2007-05-06 13:52 57,616 --a------ C:\WINNT\system32\ntdsapi.dll

    2007-05-06 13:52 55,056 --a------ C:\WINNT\system32\tlntsess.exe

    2007-05-06 13:52 53,520 --a------ C:\WINNT\system32\packager.exe

    2007-05-06 13:52 53,520 --a------ C:\WINNT\system32\ntmsapi.dll

    2007-05-06 13:52 481,040 --a------ C:\WINNT\system32\netshell.dll

    2007-05-06 13:52 48,912 --a------ C:\WINNT\system32\secur32.dll

    2007-05-06 13:52 47,888 --a------ C:\WINNT\system32\ssbezier.scr

    2007-05-06 13:52 46,864 --a------ C:\WINNT\system32\rsm.exe

    2007-05-06 13:52 45,840 --a------ C:\WINNT\system32\skeys.exe

    2007-05-06 13:52 448,272 --a------ C:\WINNT\system32\oakley.dll

    2007-05-06 13:52 444,176 --a------ C:\WINNT\system32\oieng400.dll

    2007-05-06 13:52 42,768 --a------ C:\WINNT\system32\webhits.dll

    2007-05-06 13:52 42,256 --a------ C:\WINNT\system32\sti.dll

    2007-05-06 13:52 419,600 --a------ C:\WINNT\system32\ssmaze.scr

    2007-05-06 13:52 41,744 --a------ C:\WINNT\system32\tcpmon.dll

    2007-05-06 13:52 41,744 --a------ C:\WINNT\system32\ssflwbox.scr

    2007-05-06 13:52 41,232 --a------ C:\WINNT\system32\odbcconf.exe

    2007-05-06 13:52 41,232 --a------ C:\WINNT\system32\odbcconf.dll

    2007-05-06 13:52 402,704 --a------ C:\WINNT\system32\ntmssvc.dll

    2007-05-06 13:52 40,720 --a------ C:\WINNT\system32\RESUTILS.DLL

    2007-05-06 13:52 4,368 --a------ C:\WINNT\system32\winver.exe

    2007-05-06 13:52 39,696 --a------ C:\WINNT\system32\wsnmp32.dll

    2007-05-06 13:52 39,184 --a------ C:\WINNT\system32\winsta.dll

    2007-05-06 13:52 39,184 --a------ C:\WINNT\system32\ssmarque.scr

    2007-05-06 13:52 38,160 --a------ C:\WINNT\system32\sens.dll

    2007-05-06 13:52 376,592 --a------ C:\WINNT\system32\tapi3.dll

    2007-05-06 13:52 37,136 --a------ C:\WINNT\system32\ODBCAD32.exe

    2007-05-06 13:52 36,624 --a------ C:\WINNT\system32\ssmyst.scr

    2007-05-06 13:52 36,624 --a------ C:\WINNT\system32\RNR20.DLL

    2007-05-06 13:52 36,112 --a------ C:\WINNT\system32\storprop.dll

    2007-05-06 13:52 36,112 --a------ C:\WINNT\system32\regapi.dll

    2007-05-06 13:52 35,648 --a------ C:\WINNT\system32\ntio411.sys

    2007-05-06 13:52 35,408 --a------ C:\WINNT\system32\ntio412.sys

    2007-05-06 13:52 34,544 --a------ C:\WINNT\system32\ntio804.sys

    2007-05-06 13:52 34,544 --a------ C:\WINNT\system32\ntio404.sys

    2007-05-06 13:52 33,824 --a------ C:\WINNT\system32\NTIO.SYS

    2007-05-06 13:52 33,552 --a------ C:\WINNT\system32\shmgrate.exe

    2007-05-06 13:52 33,040 --a------ C:\WINNT\system32\ssstars.scr

    2007-05-06 13:52 32,016 --a------ C:\WINNT\system32\ntdsatq.dll

    2007-05-06 13:52 315,664 --a------ C:\WINNT\system32\usp10.dll

    2007-05-06 13:52 31,504 --a------ C:\WINNT\system32\traffic.dll

    2007-05-06 13:52 29,968 --a------ C:\WINNT\system32\wpnpinst.exe

    2007-05-06 13:52 29,968 --a------ C:\WINNT\system32\profmap.dll

    2007-05-06 13:52 29,968 --a------ C:\WINNT\system32\perfproc.dll

    2007-05-06 13:52 29,968 --a------ C:\WINNT\system32\ntdsbsrv.dll

    2007-05-06 13:52 289,552 --a------ C:\WINNT\system32\smlogcfg.dll

    2007-05-06 13:52 28,432 --a------ C:\WINNT\system32\scrnsave.scr

    2007-05-06 13:52 28,432 --a------ C:\WINNT\system32\ntdsbcli.dll

    2007-05-06 13:52 28,400 --a------ C:\WINNT\system32\wupdinfo.dll

    2007-05-06 13:52 274,704 --a------ C:\WINNT\winhlp32.exe

    2007-05-06 13:52 270,608 --a------ C:\WINNT\system32\odbcjt32.dll

    2007-05-06 13:52 27,408 --a------ C:\WINNT\system32\NETSTAT.EXE

    2007-05-06 13:52 26,896 --a------ C:\WINNT\system32\utildll.dll

    2007-05-06 13:52 251,664 --a------ C:\WINNT\system32\winsmon.dll

    2007-05-06 13:52 25,360 --a------ C:\WINNT\system32\rsfsaps.dll

    2007-05-06 13:52 25,360 --a------ C:\WINNT\system32\rapilib.dll

    2007-05-06 13:52 25,360 --a------ C:\WINNT\system32\perfdisk.dll

    2007-05-06 13:52 246,544 --a------ C:\WINNT\system32\strmdll.dll

    2007-05-06 13:52 245,520 --a------ C:\WINNT\explorer.exe

    2007-05-06 13:52 24,848 --a------ C:\WINNT\system32\sqlwid.dll

    2007-05-06 13:52 24,848 --a------ C:\WINNT\system32\ODBC32GT.dll

    2007-05-06 13:52 24,336 --a------ C:\WINNT\system32\wsock32.dll

    2007-05-06 13:52 24,336 --a------ C:\WINNT\system32\rpcns4.dll

    2007-05-06 13:52 222,480 --a------ C:\WINNT\system32\osk.exe

    2007-05-06 13:52 22,800 --a------ C:\WINNT\system32\utilman.exe

    2007-05-06 13:52 22,800 --a------ C:\WINNT\system32\routeext.dll

    2007-05-06 13:52 215,312 --a------ C:\WINNT\system32\snmpsnap.dll

    2007-05-06 13:52 215,312 --a------ C:\WINNT\system32\objsel.dll

    2007-05-06 13:52 21,776 --a------ C:\WINNT\system32\sclgntfy.dll

    2007-05-06 13:52 21,264 --a------ C:\WINNT\system32\stimon.exe

    2007-05-06 13:52 200,976 --a------ C:\WINNT\system32\odbccu32.dll

    2007-05-06 13:52 20,752 --a------ C:\WINNT\system32\odtext32.dll

    2007-05-06 13:52 20,752 --a------ C:\WINNT\system32\odpdx32.dll

    2007-05-06 13:52 20,752 --a------ C:\WINNT\system32\odfox32.dll

    2007-05-06 13:52 20,752 --a------ C:\WINNT\system32\odexl32.dll

    2007-05-06 13:52 20,752 --a------ C:\WINNT\system32\oddbse32.dll

    2007-05-06 13:52 198,928 --a------ C:\WINNT\system32\rasppp.dll

    2007-05-06 13:52 197,904 --a------ C:\WINNT\winrep.exe

    2007-05-06 13:52 196,880 --a------ C:\WINNT\system32\odbccr32.dll

    2007-05-06 13:52 187,664 --a------ C:\WINNT\system32\thumbvw.dll

    2007-05-06 13:52 186,640 --a------ C:\WINNT\system32\tlntsvr.exe

    2007-05-06 13:52 18,192 --a------ C:\WINNT\system32\tftp.exe

    2007-05-06 13:52 176,912 --a------ C:\WINNT\system32\rsvp.exe

    2007-05-06 13:52 176,912 --a------ C:\WINNT\system32\netplwiz.dll

    2007-05-06 13:52 174,712 --a------ C:\WINNT\system32\XENROLL.DLL

    2007-05-06 13:52 174,352 --a------ C:\WINNT\system32\ntmsdba.dll

    2007-05-06 13:52 173,328 --a------ C:\WINNT\system32\tapisrv.dll

    2007-05-06 13:52 172,816 --a------ C:\WINNT\system32\ntdsutil.exe

    2007-05-06 13:52 17,680 --a------ C:\WINNT\system32\wshtcpip.dll

    2007-05-06 13:52 17,680 --a------ C:\WINNT\system32\SNMPAPI.DLL

    2007-05-06 13:52 17,680 --a------ C:\WINNT\system32\secedit.exe

    2007-05-06 13:52 164,112 --a------ C:\WINNT\system32\OLEPRO32.DLL

    2007-05-06 13:52 162,576 --a------ C:\WINNT\system32\WLDAP32.DLL

    2007-05-06 13:52 160,016 --a------ C:\WINNT\system32\rasmontr.dll

    2007-05-06 13:52 16,144 --a------ C:\WINNT\system32\version.dll

    2007-05-06 13:52 155,920 --a------ C:\WINNT\system32\wavemsp.dll

    2007-05-06 13:52 155,920 --a------ C:\WINNT\system32\ODBCTRAC.dll

    2007-05-06 13:52 153,360 --a------ C:\WINNT\system32\pdh.dll

    2007-05-06 13:52 15,120 --a------ C:\WINNT\system32\sisbkup.dll

    2007-05-06 13:52 15,120 --a------ C:\WINNT\system32\rsh.exe

    2007-05-06 13:52 147,216 --a------ C:\WINNT\system32\polstore.dll

    2007-05-06 13:52 143,120 --a------ C:\WINNT\system32\regedt32.exe

    2007-05-06 13:52 14,608 --a------ C:\WINNT\system32\uniplat.dll

    2007-05-06 13:52 14,608 --a------ C:\WINNT\system32\RASSAPI.DLL

    2007-05-06 13:52 138,000 --a------ C:\WINNT\system32\ss3dfo.scr

    2007-05-06 13:52 13,584 --a------ C:\WINNT\system32\powrprof.dll

    2007-05-06 13:52 13,072 --a------ C:\WINNT\system32\tcpmib.dll

    2007-05-06 13:52 126,736 --a------ C:\WINNT\system32\TAPI32.DLL

    2007-05-06 13:52 115,472 --a------ C:\WINNT\system32\newdev.dll

    2007-05-06 13:52 114,448 --a------ C:\WINNT\system32\polagent.dll

    2007-05-06 13:52 110,080 --a------ C:\WINNT\system32\offfilt.dll

    2007-05-06 13:52 11,536 --a------ C:\WINNT\system32\usbmon.dll

    2007-05-06 13:52 11,024 --a------ C:\WINNT\system32\REGSVR32.EXE

    2007-05-06 13:52 108,304 --a------ C:\WINNT\system32\sndrec32.exe

    2007-05-06 13:52 108,304 --a------ C:\WINNT\system32\rsnotify.exe

    2007-05-06 13:52 108,304 --a------ C:\WINNT\system32\oleprn.dll

    2007-05-06 13:52 105,232 --a------ C:\WINNT\system32\rend.dll

    2007-05-06 13:52 103,184 --a------ C:\WINNT\system32\NTMARTA.DLL

    2007-05-06 13:52 102,160 --a------ C:\WINNT\system32\sspipes.scr

    2007-05-06 13:52 101,136 --a------ C:\WINNT\system32\rastls.dll

    2007-05-06 13:52 10,752 --a------ C:\WINNT\hh.exe

    2007-05-06 13:52 10,512 --a------ C:\WINNT\system32\runas.exe

    2007-05-06 13:52 10,000 --a------ C:\WINNT\system32\wshatm.dll

    2007-05-06 13:52 1,431,312 --a------ C:\WINNT\system32\query.dll

    2007-05-06 13:51 97,040 --a------ C:\WINNT\system32\iasrad.dll

    2007-05-06 13:51 96,528 --a------ C:\WINNT\system32\imm32.dll

    2007-05-06 13:51 95,504 --a------ C:\WINNT\system32\FAXSVC.EXE

    2007-05-06 13:51 94,992 --a------ C:\WINNT\system32\faxadmin.dll

    2007-05-06 13:51 92,944 --a------ C:\WINNT\system32\dskquota.dll

    2007-05-06 13:51 92,032 --a------ C:\WINNT\system32\KRNL386.EXE

    2007-05-06 13:51 847,872 --a------ C:\WINNT\system32\msimsg.dll

    2007-05-06 13:51 843,024 --a------ C:\WINNT\system32\mmcndmgr.dll

    2007-05-06 13:51 82,704 --a------ C:\WINNT\system32\cmnquery.dll

    2007-05-06 13:51 80,656 --a------ C:\WINNT\system32\faxcom.dll

    2007-05-06 13:51 8,976 --a------ C:\WINNT\system32\autolfn.exe

    2007-05-06 13:51 79,120 --a------ C:\WINNT\system32\avifil32.dll

    2007-05-06 13:51 78,608 --a------ C:\WINNT\system32\msw3prt.dll

    2007-05-06 13:51 78,608 --a------ C:\WINNT\system32\hotplug.dll

    2007-05-06 13:51 76,048 --a------ C:\WINNT\system32\mdhcp.dll

    2007-05-06 13:51 75,536 --a------ C:\WINNT\system32\iasads.dll

    2007-05-06 13:51 74,810 --a------ C:\WINNT\system32\atl.dll

    2007-05-06 13:51 74,512 --a------ C:\WINNT\system32\isign32.dll

    2007-05-06 13:51 74,512 --a------ C:\WINNT\system32\irmon.dll

    2007-05-06 13:51 74,512 --a------ C:\WINNT\system32\dsauth.dll

    2007-05-06 13:51 7,440 --a------ C:\WINNT\system32\msswchx.exe

    2007-05-06 13:51 7,440 --a------ C:\WINNT\system32\control.exe

    2007-05-06 13:51 69,904 --a------ C:\WINNT\system32\mprddm.dll

    2007-05-06 13:51 68,880 --a------ C:\WINNT\system32\LOADPERF.DLL

    2007-05-06 13:51 67,344 --a------ C:\WINNT\system32\inetpp.dll

    2007-05-06 13:51 66,832 --a------ C:\WINNT\system32\mswsock.dll

    2007-05-06 13:51 64,512 --a------ C:\WINNT\system32\msiexec.exe

    2007-05-06 13:51 62,224 --a------ C:\WINNT\system32\dfrgfat.exe

    2007-05-06 13:51 605,456 --a------ C:\WINNT\system32\mmc.exe

    2007-05-06 13:51 60,688 --a------ C:\WINNT\system32\iassvcs.dll

    2007-05-06 13:51 60,176 --a------ C:\WINNT\system32\iasnap.dll

    2007-05-06 13:51 57,616 --a------ C:\WINNT\system32\mydocs.dll

    2007-05-06 13:51 56,080 --a------ C:\WINNT\system32\mprui.dll

    2007-05-06 13:51 552,720 --a------ C:\WINNT\system32\netcfgx.dll

    2007-05-06 13:51 55,568 --a------ C:\WINNT\system32\esentutl.exe

    2007-05-06 13:51 55,568 --a------ C:\WINNT\system32\CLUSAPI.DLL

    2007-05-06 13:51 52,516 --a------ C:\WINNT\system32\command.com

    2007-05-06 13:51 514,320 --a------ C:\WINNT\system32\msxml.dll

    2007-05-06 13:51 51,472 --a------ C:\WINNT\system32\fdeploy.dll

    2007-05-06 13:51 50,448 --a------ C:\WINNT\system32\ixsso.dll

    2007-05-06 13:51 5,904 --a------ C:\WINNT\system32\dllhst3g.exe

    2007-05-06 13:51 499,229 --a------ C:\WINNT\system32\dxmasf.dll

    2007-05-06 13:51 48,400 --a------ C:\WINNT\system32\loghours.dll

    2007-05-06 13:51 47,376 --a------ C:\WINNT\system32\mprdim.dll

    2007-05-06 13:51 47,376 --a------ C:\WINNT\system32\dmutil.dll

    2007-05-06 13:51 47,104 --a------ C:\WINNT\system32\MSPRIVS.DLL

    2007-05-06 13:51 46,352 --a------ C:\WINNT\system32\cmstp.exe

    2007-05-06 13:51 44,304 --a------ C:\WINNT\system32\magnify.exe

    2007-05-06 13:51 44,304 --a------ C:\WINNT\system32\cryptdll.dll

    2007-05-06 13:51 426,768 --a------ C:\WINNT\system32\certmgr.dll

    2007-05-06 13:51 42,809 --a------ C:\WINNT\system32\key01.sys

    2007-05-06 13:51 42,768 --a------ C:\WINNT\system32\dfrgsnap.dll

    2007-05-06 13:51 42,537 --a------ C:\WINNT\system32\KEYBOARD.SYS

    2007-05-06 13:51 42,256 --a------ C:\WINNT\system32\dsfolder.dll

    2007-05-06 13:51 402,704 --a------ C:\WINNT\system32\cdonts.dll

    2007-05-06 13:51 4,880 --a------ C:\WINNT\system32\NDDEAPIR.EXE

    2007-05-06 13:51 4,368 --a------ C:\WINNT\system32\IPROP.DLL

    2007-05-06 13:51 4,126 --a------ C:\WINNT\system32\msdxmlc.dll

    2007-05-06 13:51 374,032 --a------ C:\WINNT\system32\JET500.DLL

    2007-05-06 13:51 37,888 --a------ C:\WINNT\system32\hhsetup.dll

    2007-05-06 13:51 36,624 --a------ C:\WINNT\system32\cipher.exe

    2007-05-06 13:51 35,088 --a------ C:\WINNT\system32\MSSIGN32.DLL

    2007-05-06 13:51 33,040 --a------ C:\WINNT\system32\dbmsspxn.dll

    2007-05-06 13:51 33,040 --a------ C:\WINNT\system32\dbmsadsn.dll

    2007-05-06 13:51 325,904 --a------ C:\WINNT\system32\dhcpmon.dll

    2007-05-06 13:51 316,176 --a------ C:\WINNT\system32\dmconfig.dll

    2007-05-06 13:51 31,504 --a------ C:\WINNT\system32\atmlib.dll

    2007-05-06 13:51 307,472 --a------ C:\WINNT\system32\gpedit.dll

    2007-05-06 13:51 305,664 --a------ C:\WINNT\system32\msihnd.dll

    2007-05-06 13:51 304,912 --a------ C:\WINNT\system32\dsprop.dll

    2007-05-06 13:51 3,856 --a------ C:\WINNT\system32\COMCAT.DLL

    2007-05-06 13:51 299,792 --a------ C:\WINNT\system32\filemgmt.dll

    2007-05-06 13:51 291,888 --a------ C:\WINNT\system32\atmfd.dll

    2007-05-06 13:51 29,456 --a------ C:\WINNT\system32\INETMIB1.DLL

    2007-05-06 13:51 29,456 --a------ C:\WINNT\system32\dssec.dll

    2007-05-06 13:51 28,944 --a------ C:\WINNT\system32\iasacct.dll

    2007-05-06 13:51 27,408 --a------ C:\WINNT\system32\findstr.exe

    2007-05-06 13:51 269,584 --a------ C:\WINNT\system32\iassdo.dll

    2007-05-06 13:51 267,536 --a------ C:\WINNT\system32\dxmrtp.dll

    2007-05-06 13:51 25,872 --a------ C:\WINNT\system32\narrator.exe

    2007-05-06 13:51 25,872 --a------ C:\WINNT\system32\LODCTR.EXE

    2007-05-06 13:51 25,872 --a------ C:\WINNT\system32\conime.exe

    2007-05-06 13:51 246,032 --a------ C:\WINNT\system32\localsec.dll

    2007-05-06 13:51 246,032 --a------ C:\WINNT\system32\cscui.dll

    2007-05-06 13:51 245,008 --a------ C:\WINNT\system32\icm32.dll

    2007-05-06 13:51 24,848 --a------ C:\WINNT\system32\msdart32.dll

    2007-05-06 13:51 24,848 --a------ C:\WINNT\system32\ds32gt.dll

    2007-05-06 13:51 24,336 --a------ C:\WINNT\system32\at.exe

    2007-05-06 13:51 236,304 --a------ C:\WINNT\system32\msclus.dll

    2007-05-06 13:51 229,648 --a------ C:\WINNT\system32\avtapi.dll

    2007-05-06 13:51 228,112 --a------ C:\WINNT\system32\devmgr.dll

    2007-05-06 13:51 22,800 --a------ C:\WINNT\system32\dfsshlex.dll

    2007-05-06 13:51 22,288 --a------ C:\WINNT\system32\cmutil.dll

    2007-05-06 13:51 219,920 --a------ C:\WINNT\system32\confmsp.dll

    2007-05-06 13:51 21,776 --a------ C:\WINNT\system32\HTICONS.DLL

    2007-05-06 13:51 206,096 --a------ C:\WINNT\system32\infosoft.dll

    2007-05-06 13:51 202,512 --a------ C:\WINNT\system32\FONTEXT.DLL

    2007-05-06 13:51 20,752 --a------ C:\WINNT\system32\iasperf.dll

    2007-05-06 13:51 20,752 --a------ C:\WINNT\system32\batmeter.dll

    2007-05-06 13:51 20,240 --a------ C:\WINNT\system32\lpk.dll

    2007-05-06 13:51 2,531,088 --a------ C:\WINNT\system32\cdosys.dll

    2007-05-06 13:51 2,017,792 --a------ C:\WINNT\system32\msi.dll

    2007-05-06 13:51 197,392 --a------ C:\WINNT\system32\cmdial32.dll

    2007-05-06 13:51 19,728 --a------ C:\WINNT\system32\mimefilt.dll

    2007-05-06 13:51 188,688 --a------ C:\WINNT\system32\eudcedit.exe

    2007-05-06 13:51 185,616 --a------ C:\WINNT\system32\faxt30.dll

    2007-05-06 13:51 18,432 --a------ C:\WINNT\system32\cdm.dll

    2007-05-06 13:51 18,192 --a------ C:\WINNT\system32\hid.dll

    2007-05-06 13:51 174,864 --a------ C:\WINNT\system32\dmdlgs.dll

    2007-05-06 13:51 170,256 --a------ C:\WINNT\system32\mobsync.dll

    2007-05-06 13:51 163,903 --a------ C:\WINNT\system32\cmprops.dll

    2007-05-06 13:51 163,600 --a------ C:\WINNT\system32\dmdskmgr.dll

    2007-05-06 13:51 163,088 --a------ C:\WINNT\system32\h323msp.dll

    2007-05-06 13:51 160,016 --a------ C:\WINNT\system32\msorcl32.dll

    2007-05-06 13:51 160,016 --a------ C:\WINNT\system32\els.dll

    2007-05-06 13:51 16,656 --a------ C:\WINNT\system32\NDDEAPI.DLL

    2007-05-06 13:51 16,144 --a------ C:\WINNT\system32\diskcopy.dll

    2007-05-06 13:51 159,504 --a------ C:\WINNT\system32\iprtrmgr.dll

    2007-05-06 13:51 158,992 --a------ C:\WINNT\system32\dsquery.dll

    2007-05-06 13:51 157,968 --a------ C:\WINNT\system32\ciadmin.dll

    2007-05-06 13:51 15,120 --a------ C:\WINNT\system32\faxdrv.dll

    2007-05-06 13:51 15,120 --a------ C:\WINNT\system32\diskperf.exe

    2007-05-06 13:51 149,264 --a------ C:\WINNT\system32\dskquoui.dll

    2007-05-06 13:51 147,728 --a------ C:\WINNT\system32\dmadmin.exe

    2007-05-06 13:51 143,632 --a------ C:\WINNT\system32\ASYCFILT.DLL

    2007-05-06 13:51 140,560 --a------ C:\WINNT\system32\faxui.dll

    2007-05-06 13:51 14,608 --a------ C:\WINNT\system32\msswch.dll

    2007-05-06 13:51 14,608 --a------ C:\WINNT\system32\atkctrs.dll

    2007-05-06 13:51 14,336 --a------ C:\WINNT\system32\mscpxl32.dLL

    2007-05-06 13:51 138,000 --a------ C:\WINNT\system32\INITPKI.DLL

    2007-05-06 13:51 136,976 --a------ C:\WINNT\system32\certcli.dll

    2007-05-06 13:51 133,120 --a------ C:\WINNT\system32\dmdskres.dll

    2007-05-06 13:51 132,368 --a------ C:\WINNT\system32\netid.dll

    2007-05-06 13:51 130,832 --a------ C:\WINNT\system32\logon.scr

    2007-05-06 13:51 130,832 --a------ C:\WINNT\system32\CLUSTER.EXE

    2007-05-06 13:51 130,832 --a------ C:\WINNT\system32\capesnpn.dll

    2007-05-06 13:51 13,072 --a------ C:\WINNT\system32\dmintf.dll

    2007-05-06 13:51 13,072 --a------ C:\WINNT\system32\CHKNTFS.EXE

    2007-05-06 13:51 124,176 --a------ C:\WINNT\system32\net1.exe

    2007-05-06 13:51 122,640 --a------ C:\WINNT\system32\idq.dll

    2007-05-06 13:51 12,048 --a------ C:\WINNT\system32\dmserver.dll

    2007-05-06 13:51 119,056 --a------ C:\WINNT\system32\gptext.dll

    2007-05-06 13:51 117,520 --a------ C:\WINNT\system32\msvfw32.dll

    2007-05-06 13:51 117,008 --a------ C:\WINNT\system32\DCOMCNFG.EXE

    2007-05-06 13:51 111,888 --a------ C:\WINNT\system32\mobsync.exe

    2007-05-06 13:51 110,864 --a------ C:\WINNT\system32\mycomput.dll

    2007-05-06 13:51 110,864 --a------ C:\WINNT\system32\dsuiext.dll

    2007-05-06 13:51 11,024 --a------ C:\WINNT\system32\msrle32.dll

    2007-05-06 13:51 108,816 --a------ C:\WINNT\system32\msafd.dll

    2007-05-06 13:51 103,184 --a------ C:\WINNT\system32\mdminst.dll

    2007-05-06 13:51 101,648 --a------ C:\WINNT\system32\cscdll.dll

    2007-05-06 13:51 100,624 --a------ C:\WINNT\system32\iassam.dll

    2007-05-06 13:51 100,112 --a------ C:\WINNT\system32\modemui.dll

    2007-05-06 13:51 10,512 --a------ C:\WINNT\system32\dmremote.exe

    2007-05-06 13:51 10,000 --a------ C:\WINNT\system32\lz32.dll

    2007-05-06 13:51 1,385,744 --a------ C:\WINNT\system32\MSVBVM60.DLL

    2007-05-06 13:51 1,135,376 --a------ C:\WINNT\system32\esent.dll

    2007-05-06 13:51 1,015,859 --a------ C:\WINNT\system32\mfc42.dll

    2007-05-06 13:51 1,011,764 --a------ C:\WINNT\system32\mfc42u.dll

    2007-05-06 13:50 79,120 --a------ C:\WINNT\system32\aclui.dll

    2007-05-06 13:50 62,736 --a------ C:\WINNT\system32\adsmsext.dll

    2007-05-06 13:50 226,576 --a------ C:\WINNT\system32\appmgr.dll

    2007-05-06 13:50 201,488 --a------ C:\WINNT\system32\adsnt.dll

    2007-05-06 13:50 182,544 --a------ C:\WINNT\system32\activeds.dll

    2007-05-06 13:50 164,624 --a------ C:\WINNT\system32\adsnds.dll

    2007-05-06 13:50 154,896 --a------ C:\WINNT\system32\accwiz.exe

    2007-05-06 13:50 133,904 --a------ C:\WINNT\system32\adsldpc.dll

    2007-05-06 13:50 125,712 --a------ C:\WINNT\system32\adsldp.dll

    2007-05-06 13:50 122,640 --a------ C:\WINNT\system32\appmgmts.dll

    2007-05-06 13:50 112,400 --a------ C:\WINNT\system32\adsnw.dll

    2007-05-06 11:38 <DIR> d-------- C:\IE6SP1

    2007-05-06 00:03 <DIR> d-------- C:\LinhaDefensiva

    2007-05-05 22:32 <DIR> d-------- C:\WINNT\system32\Kaspersky Lab

    2007-05-05 21:25 <DIR> d-------- C:\!KillBox

    2007-05-04 15:52 <DIR> d-------- C:\DOCUME~1\CDC\DADOSD~1\Lavasoft

    2007-05-04 13:58 <DIR> d-------- C:\DOCUME~1\CDC\DADOSD~1\Help

    2007-05-03 20:39 <DIR> d-------- C:\DOCUME~1\CDC\DADOSD~1\ArcSoft

    2007-05-03 19:53 <DIR> d-------- C:\DOCUME~1\CDC\DADOSD~1\EPSON

    2007-05-03 18:56 <DIR> d-------- C:\Arquivos de programas\ABBYY FineReader 6.0 Sprint

    2007-05-03 18:55 11,776 --a------ C:\WINNT\system32\drivers\afc.sys

    2007-05-03 18:53 77,824 --a------ C:\WINNT\system32\PICEntry.dll

    2007-05-03 18:53 73,728 --a------ C:\WINNT\system32\PICSDK.dll

    2007-05-03 18:53 73,220 --a------ C:\WINNT\system32\EPPICPrinterDB.dat

    2007-05-03 18:53 495,616 --a------ C:\WINNT\system32\PICSDK2.dll

    2007-05-03 18:53 45,056 --a------ C:\WINNT\system32\EpPicPrt.dll

    2007-05-03 18:53 45,056 --a------ C:\WINNT\system32\EpPicMgr.dll

    2007-05-03 18:53 4,943 --a------ C:\WINNT\system32\EPPICPattern6.dat

    2007-05-03 18:53 31,053 --a------ C:\WINNT\system32\EPPICPattern131.dat

    2007-05-03 18:53 29,114 --a------ C:\WINNT\system32\EPPICPattern1.dat

    2007-05-03 18:53 27,417 --a------ C:\WINNT\system32\EPPICPattern121.dat

    2007-05-03 18:53 212,480 --a------ C:\WINNT\PCDLIB32.DLL

    2007-05-03 18:53 21,021 --a------ C:\WINNT\system32\EPPICPattern3.dat

    2007-05-03 18:53 15,670 --a------ C:\WINNT\system32\EPPICPattern5.dat

    2007-05-03 18:53 13,280 --a------ C:\WINNT\system32\EPPICPattern2.dat

    2007-05-03 18:53 10,673 --a------ C:\WINNT\system32\EPPICPattern4.dat

    2007-05-03 18:53 1,140 --a------ C:\WINNT\system32\EPPICPresetData_PT.dat

    2007-05-03 18:53 1,140 --a------ C:\WINNT\system32\EPPICPresetData_BP.dat

    2007-05-03 18:53 1,137 --a------ C:\WINNT\system32\EPPICPresetData_ES.dat

    2007-05-03 18:53 1,130 --a------ C:\WINNT\system32\EPPICPresetData_FR.dat

    2007-05-03 18:53 1,130 --a------ C:\WINNT\system32\EPPICPresetData_CF.dat

    2007-05-03 18:53 1,104 --a------ C:\WINNT\system32\EPPICPresetData_EN.dat

    2007-05-03 18:53 <DIR> d-------- C:\Arquivos de programas\ArcSoft

    2007-05-03 18:52 82,940 --a------ C:\WINNT\system32\E_FLMBVL.DLL

    2007-05-03 18:52 64,000 --a------ C:\WINNT\system32\E_FBCBBVL.DLL

    2007-05-03 18:52 34,304 --a------ C:\WINNT\system32\E_FBCHBVL.DLL

    2007-05-03 18:51 53,248 --a------ C:\WINNT\system32\essiscnb.dll

    2007-05-03 18:51 21,872 --a------ C:\WINNT\system32\drivers\usbprint.sys

    2007-05-03 18:51 12,592 --a------ C:\WINNT\system32\drivers\usbscan.sys

    2007-05-03 18:47 <DIR> d-------- C:\Arquivos de programas\epson

    2007-05-03 13:51 499,712 --a------ C:\WINNT\system32\MSVCP71.dll

    2007-05-03 13:51 348,160 --a------ C:\WINNT\system32\MSVCR71.dll

    2007-05-03 13:51 1,060,864 --a--c--- C:\WINNT\system32\MFC71.dll

    2007-05-03 13:51 <DIR> d-------- C:\Arquivos de programas\Alwil Software

    2007-05-03 10:59 1,364,992 --a------ C:\WINNT\system32\winlolp.exe

    2007-05-01 20:53 <DIR> d-------- C:\Arquivos de programas\Google

    2007-04-29 22:42 <DIR> d-------- C:\DOCUME~1\CDC\DADOSD~1\AdobeUM

    2007-04-29 16:43 <DIR> d-------- C:\WINNT\system32\Macromed

    2007-04-29 16:23 32,768 --a------ C:\WINNT\system32\drivers\sisnic2k.sys

    2007-04-29 16:23 <DIR> d-------- C:\WINNT\SiS

    2007-04-29 15:37 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\Messenger Plus!

    2007-04-29 00:53 208,896 --a------ C:\WINNT\system32\wmpns.dll

    2007-04-29 00:53 <DIR> d-------- C:\WINNT\Cache

    2007-04-29 00:52 <DIR> d-------- C:\WINNT\ime

    2007-04-29 00:47 <DIR> d-------- C:\WINNT\ServicePackFiles

    2007-04-29 00:42 3,856 --------- C:\WINNT\system32\SVCPACK1.DLL

    2007-04-29 00:41 97,552 --a------ C:\WINNT\system32\WIN32SPL.DLL

    2007-04-29 00:41 96,528 --a------ C:\WINNT\system32\WKSSVC.DLL

    2007-04-29 00:41 171,792 --a------ C:\WINNT\system32\wjview.exe

    2007-04-29 00:40 73,872 --a------ C:\WINNT\system32\drivers\wdmaud.sys

    2007-04-29 00:39 512,272 --a------ C:\WINNT\system32\NTDLL.DLL

    2007-04-29 00:39 50,640 --a------ C:\WINNT\system32\drivers\videoprt.sys

    2007-04-29 00:39 40,176 --a------ C:\WINNT\system32\drivers\usbhub.sys

    2007-04-29 00:39 321,296 --a------ C:\WINNT\system32\UNTFS.DLL

    2007-04-29 00:39 287,504 --a------ C:\WINNT\system32\vmhelper.dll

    2007-04-29 00:39 245,008 --a------ C:\WINNT\system32\WINSRV.DLL

    2007-04-29 00:39 20,688 --a------ C:\WINNT\system32\drivers\usbd.sys

    2007-04-29 00:39 173,232 --a------ C:\WINNT\system32\drivers\UPDATE.SYS

    2007-04-29 00:39 17,680 --a------ C:\WINNT\system32\USERINIT.EXE

    2007-04-29 00:39 1,633,808 --a------ C:\WINNT\system32\WIN32K.SYS

    2007-04-29 00:38 83,728 --a------ C:\WINNT\system32\srvsvc.dll

    2007-04-29 00:38 83,216 --a------ C:\WINNT\system32\UFAT.DLL

    2007-04-29 00:38 62,672 --a------ C:\WINNT\system32\drivers\udfs.sys

    2007-04-29 00:38 53,552 --a------ C:\WINNT\system32\drivers\swmidi.sys

    2007-04-29 00:38 519,952 --a------ C:\WINNT\system32\SYSSETUP.DLL

    2007-04-29 00:38 49,424 --a------ C:\WINNT\system32\sqlwoa.dll

    2007-04-29 00:38 47,568 --a------ C:\WINNT\system32\drivers\sysaudio.sys

    2007-04-29 00:38 45,840 --a------ C:\WINNT\system32\SMSS.EXE

    2007-04-29 00:38 332,144 --a------ C:\WINNT\system32\drivers\tcpip.sys

    2007-04-29 00:38 288,016 --a------ C:\WINNT\system32\ULIB.DLL

    2007-04-29 00:38 238,928 --a------ C:\WINNT\system32\drivers\SRV.SYS

    2007-04-29 00:38 22,064 --a------ C:\WINNT\system32\drivers\sonydcam.sys

    2007-04-29 00:38 16,240 --a------ C:\WINNT\system32\drivers\tdi.sys

    2007-04-29 00:38 119,056 --a------ C:\WINNT\system32\sqlstr.dll

    2007-04-29 00:38 10,000 --a------ C:\WINNT\system32\subst.exe

    2007-04-29 00:37 89,360 --a------ C:\WINNT\system32\SERVICES.EXE

    2007-04-29 00:37 8,464 --a------ C:\WINNT\system32\RECOVER.EXE

    2007-04-29 00:37 74,192 --a------ C:\WINNT\system32\drivers\SCSIPORT.SYS

    2007-04-29 00:37 68,368 --a------ C:\WINNT\system32\SAVEDUMP.EXE

    2007-04-29 00:37 63,728 --a------ C:\WINNT\system32\drivers\serial.sys

    2007-04-29 00:37 60,496 --a------ C:\WINNT\system32\drivers\psched.sys

    2007-04-29 00:37 576,784 --a------ C:\WINNT\system32\SETUPAPI.DLL

    2007-04-29 00:37 56,080 --a------ C:\WINNT\system32\RASMAN.DLL

    2007-04-29 00:37 542,480 --a------ C:\WINNT\system32\RASDLG.DLL

    2007-04-29 00:37 54,032 --a------ C:\WINNT\system32\rastapi.dll

    2007-04-29 00:37 49,936 --a------ C:\WINNT\system32\samlib.dll

    2007-04-29 00:37 391,440 --a------ C:\WINNT\system32\SAMSRV.DLL

    2007-04-29 00:37 391,440 --a------ C:\WINNT\system32\PRINTUI.DLL

    2007-04-29 00:37 197,392 --a------ C:\WINNT\system32\RASAPI32.DLL

    2007-04-29 00:37 19,920 --a------ C:\WINNT\system32\drivers\rasirda.sys

    2007-04-29 00:37 170,512 --a------ C:\WINNT\system32\drivers\rdbss.sys

    2007-04-29 00:37 17,680 --a------ C:\WINNT\system32\drivers\ptilink.sys

    2007-04-29 00:37 148,208 --a------ C:\WINNT\system32\drivers\portcls.sys

    2007-04-29 00:36 91,408 --a------ C:\WINNT\system32\drivers\NWLNKIPX.SYS

    2007-04-29 00:36 66,832 --a------ C:\WINNT\system32\NTPRINT.DLL

    2007-04-29 00:36 65,520 --a------ C:\WINNT\system32\drivers\nwlnknb.sys

    2007-04-29 00:36 626,960 --a------ C:\WINNT\system32\OLEAUT32.DLL

    2007-04-29 00:36 60,688 --a------ C:\WINNT\system32\NWWKS.DLL

    2007-04-29 00:36 60,368 --a------ C:\WINNT\system32\drivers\parallel.sys

    2007-04-29 00:36 59,760 --a------ C:\WINNT\system32\drivers\pci.sys

    2007-04-29 00:36 534,192 --a------ C:\WINNT\system32\drivers\ntfs.sys

    2007-04-29 00:36 44,304 --a------ C:\WINNT\system32\PERFCTRS.DLL

    2007-04-29 00:36 398,608 --a------ C:\WINNT\system32\NTVDM.EXE

    2007-04-29 00:36 36,624 --a------ C:\WINNT\system32\OLECNV32.DLL

    2007-04-29 00:36 3,088 --a------ C:\WINNT\system32\drivers\pciide.sys

    2007-04-29 00:36 25,392 --a------ C:\WINNT\system32\drivers\parport.sys

    2007-04-29 00:36 22,064 --a------ C:\WINNT\system32\drivers\pciidex.sys

    2007-04-29 00:36 161,072 --a------ C:\WINNT\system32\drivers\nwrdr.sys

    2007-04-29 00:36 141,072 --a------ C:\WINNT\system32\NWPROVAU.DLL

    2007-04-29 00:36 109,648 --a------ C:\WINNT\system32\drivers\pcmcia.sys

    2007-04-29 00:35 93,360 --a------ C:\WINNT\system32\drivers\ndiswan.sys

    2007-04-29 00:35 90,896 --a------ C:\WINNT\system32\NSLOOKUP.EXE

    2007-04-29 00:35 87,888 --a------ C:\WINNT\system32\drivers\mup.sys

    2007-04-29 00:35 6,928 --------- C:\WINNT\system32\schmupd.exe

    2007-04-29 00:35 37,552 --a------ C:\WINNT\system32\drivers\nmnt.sys

    2007-04-29 00:35 33,616 --a------ C:\WINNT\system32\drivers\fips.sys

    2007-04-29 00:35 27,866 --a------ C:\WINNT\system32\NTDOS.SYS

    2007-04-29 00:35 170,928 --a------ C:\WINNT\system32\drivers\ndis.sys

    2007-04-29 00:35 163,600 --a------ C:\WINNT\system32\drivers\netbt.sys

    2007-04-29 00:35 123,152 --a------ C:\WINNT\system32\MSV1_0.DLL

    2007-04-29 00:35 1,187,600 --a------ C:\WINNT\system32\NTBACKUP.EXE

    2007-04-29 00:33 945,424 --a------ C:\WINNT\system32\msjava.dll

    2007-04-29 00:33 21,264 --a------ C:\WINNT\system32\msjdbc10.dll

    2007-04-29 00:32 34,064 --a------ C:\WINNT\system32\MSGSVC.DLL

    2007-04-29 00:31 72,464 --a------ C:\WINNT\system32\LOCATOR.EXE

    2007-04-29 00:31 71,888 --a------ C:\WINNT\system32\drivers\ksecdd.sys

    2007-04-29 00:31 57,264 --a------ C:\WINNT\system32\drivers\mf.sys

    2007-04-29 00:31 413,104 --a------ C:\WINNT\system32\drivers\mrxsmb.sys

    2007-04-29 00:31 36,112 --------- C:\WINNT\system32\LSASS.EXE

    2007-04-29 00:31 30,160 --a------ C:\WINNT\system32\drivers\mountmgr.sys

    2007-04-29 00:31 29,360 --a------ C:\WINNT\system32\drivers\modem.sys

    2007-04-29 00:31 260,368 --a------ C:\WINNT\system32\LOCALSPL.DLL

    2007-04-29 00:31 172,304 --a------ C:\WINNT\system32\jview.exe

    2007-04-29 00:31 154,896 --a------ C:\WINNT\system32\msawt.dll

    2007-04-29 00:31 14,096 --a------ C:\WINNT\system32\MGMTAPI.DLL

    2007-04-29 00:31 11,024 --a------ C:\WINNT\system32\LABEL.EXE

    2007-04-29 00:31 10,000 --a------ C:\WINNT\system32\LMHSVC.DLL

    2007-04-29 00:30 67,120 --a------ C:\WINNT\system32\drivers\ipnat.sys

    2007-04-29 00:30 64,304 --a------ C:\WINNT\system32\drivers\ipsec.sys

    2007-04-29 00:30 63,248 --a------ C:\WINNT\system32\javaprxy.dll

    2007-04-29 00:30 47,312 --a------ C:\WINNT\system32\drivers\isapnp.sys

    2007-04-29 00:30 404,752 --a------ C:\WINNT\system32\javart.dll

    2007-04-29 00:30 187,152 --a------ C:\WINNT\system32\javacypt.dll

    2007-04-29 00:30 171,280 --a------ C:\WINNT\system32\jit.dll

    2007-04-29 00:29 67,344 --a------ C:\WINNT\system32\IFSUTIL.DLL

    2007-04-29 00:29 47,728 --a------ C:\WINNT\system32\drivers\i8042prt.sys

    2007-04-29 00:29 42,256 --a------ C:\WINNT\system32\FTP.EXE

    2007-04-29 00:29 24,752 --a------ C:\WINNT\system32\drivers\hidclass.sys

    2007-04-29 00:29 128,784 --a------ C:\WINNT\system32\IMAGEHLP.DLL

    2007-04-29 00:28 34,064 --a------ C:\WINNT\system32\FORMAT.COM

    2007-04-29 00:28 27,440 --a------ C:\WINNT\system32\drivers\efs.sys

    2007-04-29 00:28 17,680 --a------ C:\WINNT\system32\FMIFS.DLL

    2007-04-29 00:28 140,496 --a------ C:\WINNT\system32\drivers\fastfat.sys

    2007-04-29 00:28 10,000 --a------ C:\WINNT\system32\find.exe

    2007-04-29 00:28 1,363,968 -r-hs---- C:\WINNT\system32\hztaomc.exe

    2007-04-29 00:28 1,361,920 -r-hs---- C:\WINNT\system32\eomwlsf.exe

    2007-04-29 00:27 8,464 --a------ C:\WINNT\system32\DISKCOPY.COM

    2007-04-29 00:27 77,584 --a------ C:\WINNT\system32\DHCPSAPI.DLL

    2007-04-29 00:27 74,000 --a------ C:\WINNT\system32\DRWTSN32.EXE

    2007-04-29 00:27 7,312 --a------ C:\WINNT\system32\drivers\dmload.sys

    2007-04-29 00:27 61,712 --a------ C:\WINNT\system32\cliconfg.dll

    2007-04-29 00:27 56,112 --a------ C:\WINNT\system32\drivers\DLC.SYS

    2007-04-29 00:27 37,136 --a------ C:\WINNT\system32\cliconfg.exe

    2007-04-29 00:27 369,104 --a------ C:\WINNT\system32\drivers\dmboot.sys

    2007-04-29 00:27 35,088 --a------ C:\WINNT\system32\CSRSRV.DLL

    2007-04-29 00:27 34,832 --a------ C:\WINNT\system32\drivers\classpnp.sys

    2007-04-29 00:27 33,040 --a------ C:\WINNT\system32\dbnmpntw.dll

    2007-04-29 00:27 30,768 --a------ C:\WINNT\system32\drivers\DISK.SYS

    2007-04-29 00:27 30,160 --a------ C:\WINNT\system32\compobj.dll

    2007-04-29 00:27 28,944 --a------ C:\WINNT\system32\dbmsvinn.dLL

    2007-04-29 00:27 28,944 --a------ C:\WINNT\system32\dbmsrpcn.dll

    2007-04-29 00:27 27,097 --a------ C:\WINNT\system32\country.sys

    2007-04-29 00:27 26,384 --a------ C:\WINNT\system32\CNVFAT.DLL

    2007-04-29 00:27 243,472 --a------ C:\WINNT\system32\COMDLG32.DLL

    2007-04-29 00:27 14,096 --a------ C:\WINNT\system32\CONVERT.EXE

    2007-04-29 00:27 137,936 --a------ C:\WINNT\system32\drivers\dmio.sys

    2007-04-29 00:27 10,512 --a------ C:\WINNT\system32\DISKCOMP.COM

    2007-04-29 00:26 13,584 --a------ C:\WINNT\system32\CHKDSK.EXE

    2007-04-29 00:25 86,672 --a------ C:\WINNT\system32\drivers\atapi.sys

    2007-04-29 00:25 616,208 --a------ C:\WINNT\system32\AUTOCONV.EXE

    2007-04-29 00:25 602,896 --a------ C:\WINNT\system32\AUTOCHK.EXE

    2007-04-29 00:25 48,496 --a------ C:\WINNT\system32\drivers\atmlane.sys

    2007-04-29 00:25 331,088 --a------ C:\WINNT\system32\drivers\atmuni.sys

    2007-04-29 00:25 18,192 --a------ C:\WINNT\system32\CACLS.EXE

    2007-04-29 00:25 120,240 --a------ C:\WINNT\system32\drivers\AFD.SYS

    2007-04-29 00:24 388,368 --a------ C:\WINNT\system32\ADVAPI32.DLL

    2007-04-29 00:21 <DIR> d-ah----- C:\Arquivos de programas\WindowsUpdate

    2007-04-29 00:20 <DIR> d-------- C:\WINNT\SoftwareDistribution

    2007-04-29 00:19 <DIR> d---s---- C:\DOCUME~1\CDC\UserData

    2007-04-29 00:13 <DIR> d-------- C:\WINNT\ShellNew

    2007-04-29 00:11 <DIR> d-------- C:\DOCUME~1\CDC\DADOSD~1\Microsoft Web Folders

    2007-04-29 00:07 82,432 --a------ C:\WINNT\system32\drmstor.dll

    2007-04-29 00:07 301,712 --a------ C:\WINNT\system32\drmclien.dll

    2007-04-29 00:04 476,320 --------- C:\WINNT\system32\ImagXpr7.dll

    2007-04-29 00:04 471,040 --------- C:\WINNT\system32\ImagXRA7.dll

    2007-04-29 00:04 364,544 --------- C:\WINNT\system32\TwnLib4.dll

    2007-04-29 00:04 262,144 --------- C:\WINNT\system32\ImagXR7.dll

    2007-04-29 00:04 155,648 --a------ C:\WINNT\system32\NeroCheck.exe

    2007-04-29 00:04 106,496 --a------ C:\WINNT\system32\TwnLib20.dll

    2007-04-29 00:04 1,568,768 --------- C:\WINNT\system32\ImagX7.dll

    2007-04-29 00:04 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Ahead

    2007-04-29 00:04 <DIR> d-------- C:\Arquivos de programas\Ahead

    2007-04-29 00:01 <DIR> d--h----- C:\Arquivos de programas\InstallShield Installation Information

    2007-04-29 00:01 <DIR> d-------- C:\Arquivos de programas\ToniArts

    2007-04-29 00:01 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\InstallShield

    2007-04-28 23:58 <DIR> d-------- C:\eclipse

    2007-04-28 23:48 <DIR> d-------- C:\j2sdk1.4.2_13

    2007-04-28 23:44 997,888 --a------ C:\WINNT\system32\wmvdmoe2.dll

    2007-04-28 23:44 981,504 --a------ C:\WINNT\system32\wmnetmgr.dll

    2007-04-28 23:44 98,304 --a------ C:\WINNT\system32\wmpshell.dll

    2007-04-28 23:44 892,416 --a------ C:\WINNT\system32\wmspdmoe.dll

    2007-04-28 23:44 816,264 --a------ C:\WINNT\system32\wmvdmod.dll

    2007-04-28 23:44 760,968 --a------ C:\WINNT\system32\wmsdmod.dll

    2007-04-28 23:44 7,680 --a------ C:\WINNT\system32\asferror.dll

    2007-04-28 23:44 678,912 --a------ C:\WINNT\system32\drmv2clt.dll

    2007-04-28 23:44 670,208 --a------ C:\WINNT\system32\wmadmoe.dll

    2007-04-28 23:44 58,000 --a------ C:\WINNT\system32\drivers\cdr4_2K.sys

    2007-04-28 23:44 57,344 --a------ C:\WINNT\uneng.exe

    2007-04-28 23:44 52,736 --a------ C:\WINNT\system32\mspmsnsv.dll

    2007-04-28 23:44 49,152 --a------ C:\WINNT\system32\cdrtc.dll

    2007-04-28 23:44 486,536 --a------ C:\WINNT\system32\wmspdmod.dll

    2007-04-28 23:44 45,056 --a------ C:\WINNT\system32\cdral.dll

    2007-04-28 23:44 410,248 --a------ C:\WINNT\system32\wmadmod.dll

    2007-04-28 23:44 401,462 -ra------ C:\WINNT\system32\Msvcp60.dll

    2007-04-28 23:44 384,512 --a------ C:\WINNT\system32\mp4sdmod.dll

    2007-04-28 23:44 365,704 --a------ C:\WINNT\system32\msscp.dll

    2007-04-28 23:44 316,040 --a------ C:\WINNT\system32\mp43dmod.dll

    2007-04-28 23:44 27,136 --a------ C:\WINNT\system32\wmdmlog.dll

    2007-04-28 23:44 253,952 --a------ C:\WINNT\system32\msnetobj.dll

    2007-04-28 23:44 246,272 --a------ C:\WINNT\system32\mswmdm.dll

    2007-04-28 23:44 241,664 --a------ C:\WINNT\system32\mpg4dmod.dll

    2007-04-28 23:44 232,960 --a------ C:\WINNT\system32\blackbox.dll

    2007-04-28 23:44 23,552 --a------ C:\WINNT\system32\wmdmps.dll

    2007-04-28 23:44 23,420 --a------ C:\WINNT\system32\drivers\cdralw2k.sys

    2007-04-28 23:44 225,280 --a------ C:\WINNT\system32\wmpdxm.dll

    2007-04-28 23:44 218,112 --a------ C:\WINNT\system32\wmasf.dll

    2007-04-28 23:44 201,728 --a------ C:\WINNT\system32\mspmsp.dll

    2007-04-28 23:44 20,480 --a------ C:\WINNT\system32\wmpui.dll

    2007-04-28 23:44 20,480 --a------ C:\WINNT\system32\wmpcore.dll

    2007-04-28 23:44 20,480 --a------ C:\WINNT\system32\wmpcd.dll

    2007-04-28 23:44 2,969,600 --a------ C:\WINNT\system32\wmploc.dll

    2007-04-28 23:44 186,368 --a------ C:\WINNT\system32\wmerror.dll

    2007-04-28 23:44 159,232 --a------ C:\WINNT\system32\CEWMDM.dll

    2007-04-28 23:44 143,360 --a------ C:\WINNT\system32\wmidx.dll

    2007-04-28 23:44 106,496 --a------ C:\WINNT\system32\wmpasf.dll

    2007-04-28 23:44 1,111,040 --a------ C:\WINNT\system32\wmsdmoe2.dll

    2007-04-28 23:44 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Adaptec Shared

    2007-04-28 23:42 <DIR> d-------- C:\Arquivos de programas\Tibia

    2007-04-28 23:37 58,952 --a------ C:\WINNT\system32\MsgPlusLoader.dll

    2007-04-28 23:36 98,816 --a------ C:\WINNT\system32\dmstyle.dll

    2007-04-28 23:36 83,968 --a------ C:\WINNT\system32\drivers\nabtsfec.sys

    2007-04-28 23:36 80,896 --a------ C:\WINNT\system32\dpvsetup.exe

    2007-04-28 23:36 797,184 --a------ C:\WINNT\system32\d3dim700.dll

    2007-04-28 23:36 76,800 --a------ C:\WINNT\system32\dmscript.dll

    2007-04-28 23:36 733,184 --a------ C:\WINNT\system32\qedwipes.dll

    2007-04-28 23:36 7,424 --a------ C:\WINNT\system32\drivers\mskssrv.sys

    2007-04-28 23:36 7,168 --a------ C:\WINNT\system32\d3d8thk.dll

    2007-04-28 23:36 68,608 --a------ C:\WINNT\system32\dsdmoprp.dll

    2007-04-28 23:36 68,096 --a------ C:\WINNT\system32\dpnhupnp.dll

    2007-04-28 23:36 64,512 --a------ C:\WINNT\system32\amstream.dll

    2007-04-28 23:36 62,464 --a------ C:\WINNT\system32\gcdef.dll

    2007-04-28 23:36 602,624 --a------ C:\WINNT\system32\dx7vb.dll

    2007-04-28 23:36 591,120 --a------ C:\WINNT\system32\d3dramp.dll

    2007-04-28 23:36 58,368 --a------ C:\WINNT\system32\dmcompos.dll

    2007-04-28 23:36 57,856 --a------ C:\WINNT\system32\dpwsockx.dll

    2007-04-28 23:36 56,832 --a------ C:\WINNT\system32\drivers\msdv.sys

    2007-04-28 23:36 53,248 --a------ C:\WINNT\system32\devenum.dll

    2007-04-28 23:36 525,824 --a------ C:\WINNT\system32\qedit.dll

    2007-04-28 23:36 5,504 --a------ C:\WINNT\system32\drivers\mstee.sys

    2007-04-28 23:36 5,248 --a------ C:\WINNT\system32\drivers\mspclock.sys

    2007-04-28 23:36 49,424 --a------ C:\WINNT\system32\d3dxof.dll

    2007-04-28 23:36 480,256 --a------ C:\WINNT\system32\msvidctl.dll

    2007-04-28 23:36 48,512 --a------ C:\WINNT\system32\drivers\stream.sys

    2007-04-28 23:36 47,104 --a------ C:\WINNT\system32\wstdecod.dll

    2007-04-28 23:36 46,592 --a------ C:\WINNT\system32\dxdllreg.exe

    2007-04-28 23:36 446,224 --a------ C:\WINNT\system32\d3dim.dll

    2007-04-28 23:36 44,032 --a------ C:\WINNT\system32\dimap.dll

    2007-04-28 23:36 4,096 --a------ C:\WINNT\system32\ksuser.dll

    2007-04-28 23:36 4,096 --a------ C:\WINNT\system32\drivers\swenum.sys

    2007-04-28 23:36 386,560 --a------ C:\WINNT\system32\diactfrm.dll

    2007-04-28 23:36 383,488 --a------ C:\WINNT\system32\qdvd.dll

    2007-04-28 23:36 380,416 --a------ C:\WINNT\system32\dpnet.dll

    2007-04-28 23:36 37,648 --a------ C:\WINNT\system32\d3dpmesh.dll

    2007-04-28 23:36 364,816 --a------ C:\WINNT\system32\d3drm.dll

    2007-04-28 23:36 363,520 --a------ C:\WINNT\system32\dsound.dll

    2007-04-28 23:36 354,816 --a------ C:\WINNT\system32\psisdecd.dll

    2007-04-28 23:36 34,304 --a------ C:\WINNT\system32\mciqtz32.dll

    2007-04-28 23:36 33,280 --a------ C:\WINNT\system32\dmloader.dll

    2007-04-28 23:36 32,768 --a------ C:\WINNT\system32\dpnhpast.dll

    2007-04-28 23:36 31,744 --a------ C:\WINNT\system32\pid.dll

    2007-04-28 23:36 307,200 --a------ C:\WINNT\system32\dxdiag.exe

    2007-04-28 23:36 3,072 --a------ C:\WINNT\system32\dpnlobby.dll

    2007-04-28 23:36 3,072 --a------ C:\WINNT\system32\dpnaddr.dll

    2007-04-28 23:36 28,160 --a------ C:\WINNT\system32\dplaysvr.exe

    2007-04-28 23:36 276,480 --a------ C:\WINNT\system32\qdv.dll

    2007-04-28 23:36 27,136 --a------ C:\WINNT\system32\dmband.dll

    2007-04-28 23:36 265,728 --a------ C:\WINNT\system32\ddraw.dll

    2007-04-28 23:36 241,664 --a------ C:\WINNT\system32\qasf.dll

    2007-04-28 23:36 230,400 --a------ C:\WINNT\system32\dplayx.dll

    2007-04-28 23:36 22,528 --a------ C:\WINNT\system32\dpmodemx.dll

    2007-04-28 23:36 204,288 --a------ C:\WINNT\system32\dpvoice.dll

    2007-04-28 23:36 195,072 --a------ C:\WINNT\system32\mswebdvd.dll

    2007-04-28 23:36 19,968 --a------ C:\WINNT\system32\dpvacm.dll

    2007-04-28 23:36 186,880 --a------ C:\WINNT\system32\dsdmo.dll

    2007-04-28 23:36 181,248 --a------ C:\WINNT\system32\dmime.dll

    2007-04-28 23:36 18,944 --a------ C:\WINNT\system32\encapi.dll

    2007-04-28 23:36 18,688 --a------ C:\WINNT\system32\drivers\wstcodec.sys

    2007-04-28 23:36 18,432 --a------ C:\WINNT\system32\dswave.dll

    2007-04-28 23:36 177,152 --a------ C:\WINNT\system32\qcap.dll

    2007-04-28 23:36 174,592 --a------ C:\WINNT\system32\dinput8.dll

    2007-04-28 23:36 16,896 --a------ C:\WINNT\system32\msyuv.dll

    2007-04-28 23:36 16,896 --a------ C:\WINNT\system32\dpnsvr.exe

    2007-04-28 23:36 16,384 --a------ C:\WINNT\system32\drivers\ccdecode.sys

    2007-04-28 23:36 157,696 --a------ C:\WINNT\system32\dinput.dll

    2007-04-28 23:36 15,104 --a------ C:\WINNT\system32\drivers\mpe.sys

    2007-04-28 23:36 14,976 --a------ C:\WINNT\system32\drivers\streamip.sys

    2007-04-28 23:36 130,304 --a------ C:\WINNT\system32\drivers\ks.sys

    2007-04-28 23:36 13,312 --a------ C:\WINNT\system32\msdmo.dll

    2007-04-28 23:36 112,128 --a------ C:\WINNT\system32\dpvvox.dll

    2007-04-28 23:36 11,392 --a------ C:\WINNT\system32\drivers\bdasup.sys

    2007-04-28 23:36 104,448 --a------ C:\WINNT\system32\dmusic.dll

    2007-04-28 23:36 100,864 --a------ C:\WINNT\system32\dmsynth.dll

    2007-04-28 23:36 10,880 --a------ C:\WINNT\system32\drivers\slip.sys

    2007-04-28 23:36 10,112 --a------ C:\WINNT\system32\drivers\ndisip.sys

    2007-04-28 23:36 1,689,600 --a------ C:\WINNT\system32\d3d9.dll

    2007-04-28 23:36 1,294,336 --a------ C:\WINNT\system32\dsound3d.dll

    2007-04-28 23:36 1,250,816 --a------ C:\WINNT\system32\quartz.dll

    2007-04-28 23:36 1,189,888 --a------ C:\WINNT\system32\dx8vb.dll

    2007-04-28 23:36 1,179,648 --a------ C:\WINNT\system32\d3d8.dll

    2007-04-28 23:36 1,134,592 --a------ C:\WINNT\system32\dxdiagn.dll

    2007-04-28 23:28 <DIR> d-------- C:\WINNT\system32\directx

    2007-04-28 23:27 <DIR> d-------- C:\Arquivos de programas\eMule

    2007-04-28 23:26 <DIR> d-------- C:\Arquivos de programas\BitComet

    2007-04-28 23:25 <DIR> d-------- C:\Arquivos de programas\Lavasoft

    2007-04-28 23:24 <DIR> d-------- C:\WINNT\pss

    2007-04-28 23:22 <DIR> d-------- C:\Arquivos de programas\MessengerPlus! 3

    2007-04-28 23:21 <DIR> d--h----- C:\Arquivos de programas\QMgr

    2007-04-28 23:19 7,536 --a------ C:\WINNT\loadqm.exe

    2007-04-28 23:19 48,224 --a------ C:\WINNT\system32\progdl.dll

    2007-04-28 23:19 <DIR> d-------- C:\Arquivos de programas\MSN Messenger

    2007-04-28 23:19 <DIR> d-------- C:\Arquivos de programas\Messenger

    2007-04-28 23:15 81,408 --a------ C:\WINNT\system32\logagent.exe

    2007-04-28 23:15 6,656 --a------ C:\WINNT\system32\laprxy.dll

    2007-04-28 23:14 <DIR> d-------- C:\WINNT\RegisteredPackages

    2007-04-28 23:07 <DIR> d--hs---- C:\RECYCLER

    2007-04-28 23:07 <DIR> d-------- C:\Progra~1

    2007-04-28 23:06 400,590 --a------ C:\WINNT\system32\drivers\sis7018.sys

    2007-04-28 23:06 305,664 --a------ C:\WINNT\IsUn0416.exe

    2007-04-28 23:06 28,672 --a------ C:\WINNT\system32\a3d.dll

    2007-04-28 23:04 <DIR> d--h----- C:\WINNT\msdownld.tmp

    2007-04-28 23:04 <DIR> d-------- C:\WINNT\Ficheiros de configura‡Æo do Windows Update

    2007-04-28 23:00 53,693 -ra------ C:\WINNT\UNDPX2A.sys

    2007-04-28 23:00 15,429 -ra------ C:\WINNT\system32\drivers\Sacm2A.sys

    2007-04-28 23:00 135,168 -ra------ C:\WINNT\UNDPX2A.exe

    2007-04-28 22:58 52,272 --a------ C:\WINNT\system32\drivers\sis300p.sys

    2007-04-28 22:58 190,512 --a------ C:\WINNT\system32\sis300v.dll

    2007-04-28 22:55 <DIR> d--hs---- C:\WINNT\Installer

    2007-04-28 22:55 <DIR> d-------- C:\WINNT\system32\NtmsData

    2007-04-28 22:54 917,504 --ah----- C:\DOCUME~1\CDC\NTUSER.DAT

    2007-04-28 22:54 <DIR> dr------- C:\DOCUME~1\CDC\Favoritos

    2007-04-28 22:54 <DIR> d--hs---- C:\WINNT\CSC

    2007-04-28 22:54 <DIR> d--hs---- C:\System Volume Information

    2007-04-28 22:54 <DIR> d--h----- C:\WINNT\system32\GroupPolicy

    2007-04-28 22:54 <DIR> d--h----- C:\DOCUME~1\CDC\Modelos

    2007-04-28 22:54 <DIR> d--h----- C:\DOCUME~1\CDC\Dados de aplicativos

    2007-04-28 22:54 <DIR> d--h----- C:\DOCUME~1\CDC\Configura‡äes locais

    2007-04-28 22:54 <DIR> d--h----- C:\DOCUME~1\CDC\Ambiente de rede

    2007-04-28 22:54 <DIR> d--h----- C:\DOCUME~1\CDC\Ambiente de impressÆo

    2007-04-28 22:54 <DIR> d-------- C:\DOCUME~1\CDC\Meus documentos

    2007-04-28 22:54 <DIR> d-------- C:\DOCUME~1\CDC\Menu Iniciar

    2007-04-28 22:48 <DIR> d-------- C:\WINNT\system32\rpcproxy

    2007-04-28 22:48 <DIR> d-------- C:\WINNT\system32\rocket

    2007-04-28 22:48 <DIR> d-------- C:\WINNT\system32\inetsrv

    2007-04-28 22:48 <DIR> d-------- C:\WINNT\mww32

    2007-04-28 22:48 <DIR> d-------- C:\Arquivos de programas\microsoft frontpage

    2007-04-28 22:47 122,880 ---h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT

    2007-04-28 22:47 0 -rahs---- C:\MSDOS.SYS

    2007-04-28 22:47 0 -rahs---- C:\IO.SYS

    2007-04-28 22:47 0 ---h----- C:\CONFIG.SYS

    2007-04-28 22:47 0 ---h----- C:\AUTOEXEC.BAT

    2007-04-28 22:45 135,440 --a------ C:\WINNT\system32\mapi32.dll

    2007-04-28 22:45 <DIR> dr------- C:\WINNT\Offline Web Pages

    2007-04-28 22:45 <DIR> d--hs---- C:\DOCUME~1\ALLUSE~1\DRM

    2007-04-28 22:45 <DIR> d---s---- C:\WINNT\Downloaded Program Files

    2007-04-28 22:44 63,248 --a------ C:\WINNT\system32\ils.dll

    2007-04-28 22:44 58,640 --a------ C:\WINNT\system32\icwdial.dll

    2007-04-28 22:44 53,520 --a------ C:\WINNT\system32\msconf.dll

    2007-04-28 22:44 5,904 --a------ C:\WINNT\system32\icfgnt5.dll

    2007-04-28 22:44 49,936 --a------ C:\WINNT\system32\icwphbk.dll

    2007-04-28 22:44 32,880 --a------ C:\WINNT\system32\mnmdd.dll

    2007-04-28 22:44 3,072 --a------ C:\WINNT\system32\nmevtmsg.dll

    2007-04-28 22:44 257,296 --a------ C:\WINNT\system32\inetcfg.dll

    2007-04-28 22:44 21,776 --a------ C:\WINNT\system32\mnmsrvc.exe

    2007-04-28 22:44 12,560 --a------ C:\WINNT\system32\nmmkcert.dll

    2007-04-28 22:44 10,000 --a------ C:\WINNT\system32\mstinit.exe

    2007-04-28 22:44 <DIR> d-a-s---- C:\WINNT\Tasks

    2007-04-28 22:44 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Servi‡os

    2007-04-28 22:43 15,136 --a------ C:\WINNT\system32\emptyregdb.dat

    2007-04-28 22:43 <DIR> d-------- C:\WINNT\Registration

    2007-04-28 22:42 96,528 --a------ C:\WINNT\system32\winmine.exe

    2007-04-28 22:42 91,920 --a------ C:\WINNT\system32\calc.exe

    2007-04-28 22:42 90,896 --a------ C:\WINNT\system32\charmap.exe

    2007-04-28 22:42 76,048 --a------ C:\WINNT\system32\avwav.dll

    2007-04-28 22:42 68,880 --a------ C:\WINNT\system32\sndvol32.exe

    2007-04-28 22:42 67,344 --a------ C:\WINNT\system32\winchat.exe

    2007-04-28 22:42 641,808 --a------ C:\WINNT\system32\xiffr3_0.dll

    2007-04-28 22:42 63,248 --a------ C:\WINNT\system32\oiui400.dll

    2007-04-28 22:42 62,736 --a------ C:\WINNT\system32\imgcmn.dll

    2007-04-28 22:42 6,928 --a------ C:\WINNT\system32\msdtc.exe

    2007-04-28 22:42 6,416 --a------ C:\WINNT\system32\write.exe

    2007-04-28 22:42 410,384 --a------ C:\WINNT\system32\getuname.dll

    2007-04-28 22:42 38,160 --a------ C:\WINNT\system32\jpeg2x32.dll

    2007-04-28 22:42 34,576 --a------ C:\WINNT\system32\sol.exe

    2007-04-28 22:42 34,064 --a------ C:\WINNT\system32\freecell.exe

    2007-04-28 22:42 339,728 --a------ C:\WINNT\system32\cdplayer.exe

    2007-04-28 22:42 33,552 --a------ C:\WINNT\system32\tifflt.dll

    2007-04-28 22:42 321,808 --a------ C:\WINNT\system32\MSPAINT.EXE

    2007-04-28 22:42 27,920 --a------ C:\WINNT\system32\jpeg1x32.dll

    2007-04-28 22:42 25,872 --a------ C:\WINNT\system32\oitwa400.dll

    2007-04-28 22:42 21,776 --a------ C:\WINNT\system32\oislb400.dll

    2007-04-28 22:42 17,168 --a------ C:\WINNT\system32\avmeter.dll

    2007-04-28 22:42 13,584 --a------ C:\WINNT\system32\imgshl.dll

    2007-04-28 22:42 13,072 --a------ C:\WINNT\system32\oissq400.dll

    2007-04-28 22:42 13,072 --a------ C:\WINNT\system32\oiprt400.dll

    2007-04-28 22:42 119,056 --a------ C:\WINNT\system32\mplay32.exe

    2007-04-28 22:42 101,648 --a------ C:\WINNT\system32\clipbrd.exe

    2007-04-28 22:42 <DIR> d-------- C:\WINNT\system32\DTCLog

    2007-04-28 22:42 <DIR> d-------- C:\Arquivos de programas\Windows NT

    2007-04-28 22:42 <DIR> d-------- C:\Arquivos de programas\Acess¢rios

    2007-04-28 22:41 84,240 --a------ C:\WINNT\system32\txflog.dll

    2007-04-28 22:41 68,368 --a------ C:\WINNT\system32\stclient.dll

    2007-04-28 22:41 55,056 --a------ C:\WINNT\system32\catsrvps.dll

    2007-04-28 22:41 3,856 --a------ C:\WINNT\system32\mtxex.dll

    2007-04-28 22:41 29,968 --a------ C:\WINNT\system32\comaddin.dll

    2007-04-28 22:41 21,776 --a------ C:\WINNT\system32\comclust.exe

    2007-04-28 22:41 149,264 --a------ C:\WINNT\system32\DComExt.dll

    2007-04-28 22:41 146,192 --a------ C:\WINNT\system32\comsnap.dll

    2007-04-28 22:41 <DIR> d-------- C:\WINNT\system32\Com

    2007-04-28 22:23 51,152 --a------ C:\WINNT\system32\drivers\DMusic.sys

    2007-04-28 22:23 4,816 --a------ C:\WINNT\system32\drivers\MSPQM.sys

    2007-04-28 22:23 2,896 --a------ C:\WINNT\system32\drivers\audstub.sys

    2007-04-28 22:23 148,304 --a------ C:\WINNT\system32\drivers\kmixer.sys

    2007-04-28 22:22 9,136 --a------ C:\WINNT\system32\drivers\NtApm.sys

    2007-04-28 22:21 9,808 --a------ C:\WINNT\system32\drivers\gameenum.sys

    2007-04-28 22:21 2,832 --a------ C:\WINNT\system32\drivers\msmpu401.sys

    2007-04-28 22:20 61,200 --a------ C:\WINNT\system32\usbui.dll

    2007-04-28 22:20 35,920 --a------ C:\WINNT\system32\drivers\redbook.sys

    2007-04-28 22:18 9,936 --a------ C:\WINNT\system\LZEXPAND.DLL

    2007-04-28 22:18 9,072 --a------ C:\WINNT\system\VER.DLL

    2007-04-28 22:18 85,776 --a------ C:\WINNT\system32\dgsetup.dll

    2007-04-28 22:18 83,456 --a------ C:\WINNT\system\OLECLI.DLL

    2007-04-28 22:18 81,680 --a------ C:\WINNT\system32\spoolss.dll

    2007-04-28 22:18 70,144 --a------ C:\WINNT\system\AVICAP.DLL

    2007-04-28 22:18 69,936 --a------ C:\WINNT\system\MMSYSTEM.DLL

    2007-04-28 22:18 6,416 --a------ C:\WINNT\system32\batt.dll

    2007-04-28 22:18 51,472 --a------ C:\WINNT\NOTEPAD.EXE

    2007-04-28 22:18 5,392 --a------ C:\WINNT\delttsul.exe

    2007-04-28 22:18 5,120 --a------ C:\WINNT\system\SHELL.DLL

    2007-04-28 22:18 45,328 --a------ C:\WINNT\system32\spoolsv.exe

    2007-04-28 22:18 35,600 --a------ C:\WINNT\TASKMAN.EXE

    2007-04-28 22:18 28,960 --a------ C:\WINNT\system\COMMDLG.DLL

    2007-04-28 22:18 24,064 --a------ C:\WINNT\system\OLESVR.DLL

    2007-04-28 22:18 21,344 --a------ C:\WINNT\system\TAPI.DLL

    2007-04-28 22:18 176,400 --a------ C:\WINNT\system32\EqnClass.Dll

    2007-04-28 22:18 149,504 --a------ C:\WINNT\system32\spxcoins.dll

    2007-04-28 22:18 127,120 --a------ C:\WINNT\system\MSVIDEO.DLL

    2007-04-28 22:18 123,904 --a------ C:\WINNT\system32\dgrpsetu.dll

    2007-04-28 22:18 108,064 --a------ C:\WINNT\system\AVIFILE.DLL

    2007-04-28 22:18 <DIR> dra------ C:\Arquivos de programas

    2007-04-28 22:18 <DIR> d-ah----- C:\DOCUME~1\ALLUSE~1\Dados de aplicativos

    2007-04-28 22:18 <DIR> d-a------ C:\WINNT\system32\CatRoot

    2007-04-28 22:18 <DIR> d-a------ C:\WINNT\Speech

    2007-04-28 22:18 <DIR> d-a------ C:\DOCUME~1\ALLUSE~1\Documentos

    2007-04-28 22:18 <DIR> d-a------ C:\Arquivos de programas\Arquivos comuns\ODBC

    2007-04-28 22:18 <DIR> d--h----- C:\DOCUME~1\DEFAUL~1\Modelos

    2007-04-28 22:18 <DIR> d--h----- C:\DOCUME~1\DEFAUL~1\Dados de aplicativos

    2007-04-28 22:18 <DIR> d--h----- C:\DOCUME~1\DEFAUL~1\Configura‡äes locais

    2007-04-28 22:18 <DIR> d--h----- C:\DOCUME~1\DEFAUL~1\Ambiente de rede

    2007-04-28 22:18 <DIR> d--h----- C:\DOCUME~1\DEFAUL~1\Ambiente de impressÆo

    2007-04-28 22:18 <DIR> d--h----- C:\DOCUME~1\ALLUSE~1\Modelos

    2007-04-28 22:18 <DIR> d-------- C:\DOCUME~1\DEFAUL~1\Meus documentos

    2007-04-28 22:18 <DIR> d-------- C:\DOCUME~1\DEFAUL~1\Menu Iniciar

    2007-04-28 22:18 <DIR> d-------- C:\DOCUME~1\DEFAUL~1\Favoritos

    2007-04-28 22:18 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Menu Iniciar

    2007-04-28 22:18 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Favoritos

    2007-04-28 22:17 <DIR> d-a------ C:\Documents and Settings

    2007-04-28 19:12 <DIR> dra-s---- C:\WINNT\Fonts

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\twain_32

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\system32\wins

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\system32\wbem

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\system32\spool

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\system32\ShellExt

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\system32\Setup

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\system32\ras

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\system32\os2

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\system32\npp

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\system32\mui

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\system32\ias

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\system32\export

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\system32\drivers\etc

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\system32\drivers\disdn

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\system32\drivers

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\system32\dhcp

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\system32\config

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\system

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\security

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\repair

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\msapps

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\msagent

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\Media

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\Help

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\Driver Cache

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\Debug

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\Cursors

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\Connection Wizard

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\Config

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT\AppPatch

    2007-04-28 19:12 <DIR> d-a------ C:\WINNT

    2007-04-28 19:12 <DIR> d--h----- C:\WINNT\inf

    2007-04-28 19:12 <DIR> d---s---- C:\WINNT\Web

    2007-04-28 19:12 <DIR> d----c--- C:\WINNT\system32\dllcache

    2007-04-28 19:12 <DIR> d-------- C:\WINNT\system32

    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-04-28 22:45 51300 --a------ C:\WINNT\system32\perfc016.dat

    2007-04-28 22:45 338768 --a------ C:\WINNT\system32\perfh016.dat

    2007-04-28 22:45 271 ---h----- C:\Arquivos de programas\desktop.ini

    2007-04-28 22:45 22040 ---h----- C:\Arquivos de programas\folder.htt

    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]

    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]

    "Synchronization Manager"="mobsync.exe /logon"

    "LoadQM"="loadqm.exe"

    "NeroFilterCheck"="C:\\WINNT\\system32\\NeroCheck.exe"

    "Local Security Authority Service"="C:\\WINNT\\System32\\Isass.exe"

    "Tweak UI"="RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp"

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]

    "^SetupICWDesktop"="C:\\Arquivos de programas\\Internet Explorer\\Connection Wizard\\icwconn1.exe /desktop"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

    "ClearRecentDocsOnExit"=hex:01,00,00,00

    "NoActiveDesktopChanges"=hex:01,00,00,00

    "NoNetHood"=hex:01,00,00,00

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

    "appinit_dlls"="MsgPlusLoader.dll"

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa

    Authentication Packages REG_MULTI_SZ msv1_0\0\0

    Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0\0

    Notification Packages REG_MULTI_SZ scecli\0\0

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced DHTML Enable]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="kboxrshx"

    "hkey"="HKLM"

    "command"="C:\\WINNT\\System32\\kboxrshx.exe"

    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus CX4900 Series]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="E_S117"

    "hkey"="HKLM"

    "command"="C:\\WINNT\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIBVL.EXE /FU \"C:\\WINNT\\TEMP\\E_S117.tmp\" /EF \"HKLM\""

    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="MsgPlus"

    "hkey"="HKLM"

    "command"="\"C:\\Arquivos de programas\\MessengerPlus! 3\\MsgPlus.exe\""

    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Services]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="rgjvd"

    "hkey"="HKLM"

    "command"="C:\\WINNT\\System32\\rgjvd.exe"

    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows LoL Layer1]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="hztaomc"

    "hkey"="HKLM"

    "command"="hztaomc.exe"

    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Network Firewall]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="firewall"

    "hkey"="HKLM"

    "command"="C:\\WINNT\\System32\\firewall.exe"

    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]

    rpcss REG_MULTI_SZ RpcSs\0\0

    wugroup REG_MULTI_SZ wuauserv\0\0

    BITSgroup REG_MULTI_SZ BITS\0\0

    hklm\software\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs*

    WmdmPmSN

    ********************************************************************

    catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net

    Rootkit scan 2007-05-06 16:16:59

    Windows 5.0.2195 Service Pack 4 NTFS

    scanning hidden processes ...

    scanning hidden services ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully

    hidden processes: 0

    hidden services: 0

    hidden files: 0

    ********************************************************************

    Completion time: Sun 2007-05-06 16:17:03

    C:\ComboFix-quarantined-files.txt ... 07-05-06 16:17

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
    msayago    2

    Eu ainda continuo com o isass.exe :D , mas o problema ainda persiste ?, mas aquele link do Linha Defensiva é realmente o lsass.exe.

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
    dalibri    0
  • Autor do tópico
  • achei o isass q você tava flando:

    O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINNT\System32\Isass.exe

    Tava confundindo com o outro ... o lsass ^_^ mals ae.

    já deletei ele ... acho q agora funciono.

    Obrigado pela ajuda!:lol:

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites





    Sobre o Clube do Hardware

    No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

    Direitos autorais

    Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

    ×