ivesicfs

[Reopened] Please analyze my log


Please, I need my PC free of viruses. I need to submit my TCC (final course paper), for the love of God.

Logfile of HijackThis v1.99.1

Scan saved at 13:36:58, on 2/11/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\WinRAR\WinRAR.exe

C:\DOCUME~1\IVONED~1\CONFIG~1\Temp\Rar$EX00.468\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [nod32kui] "C:\Arquivos de programas\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [b81ffedb] rundll32.exe "C:\WINDOWS\system32\larbwfro.dll",b

O4 - HKLM\..\RunOnce: [ GbPluginUni] RunDll32.exe C:\WINDOWS\DOWNLO~1\gbiehuni.dll,Gbieh

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD5/JSCDL/jdk/6u10/jinstall-6u10-windows-i586-jc.cab?AuthParam=1224702273_e00908eb96fa57d42e938ba6539fb026&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD5/JSCDL/jdk/6u10/jinstall-6u10-windows-i586-jc.cab&File=jinstall-6u10-windows-i586-jc.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - https://clickbanking.unibanco.com.br/GbPlugin/cab/GbPluginUni.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - AppInit_DLLs: rcuawg.dll

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Arquivos de programas\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Arquivos de programas\Java\jre6\bin\jqs.exe" -service -config "C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Arquivos de programas\Eset\nod32krn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe

O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

People, for the love of God, somebody help me!!!


As instructed

GMER 1.0.14.14536 - http://www.gmer.net

Rootkit scan 2008-11-05 13:43:19

Windows 5.1.2600 Service Pack 3

---- User code sections - GMER 1.0.14 ----

.text C:\WINDOWS\system32\winlogon.exe[684] kernel32.dll!FreeLibrary 7C80AC6E 5 Bytes JMP 01209FF0 C:\WINDOWS\Downloaded Program Files\gbiehuni.dll (Gbieh Module/Banco Unibanco)

.text C:\WINDOWS\system32\winlogon.exe[684] kernel32.dll!FreeLibraryAndExitThread 7C80C200 5 Bytes JMP 01209D20 C:\WINDOWS\Downloaded Program Files\gbiehuni.dll (Gbieh Module/Banco Unibanco)

.text C:\Arquivos de programas\Internet Explorer\iexplore.exe[3948] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 4367F301 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Arquivos de programas\Internet Explorer\iexplore.exe[3948] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 4381179F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Arquivos de programas\Internet Explorer\iexplore.exe[3948] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 43811720 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Arquivos de programas\Internet Explorer\iexplore.exe[3948] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 43811764 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Arquivos de programas\Internet Explorer\iexplore.exe[3948] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 438116AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Arquivos de programas\Internet Explorer\iexplore.exe[3948] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 438116E6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Arquivos de programas\Internet Explorer\iexplore.exe[3948] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 438117DA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Arquivos de programas\Internet Explorer\iexplore.exe[3948] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 436A16B6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Devices - GMER 1.0.14 ----

AttachedDevice \FileSystem\Ntfs \Ntfs amon.sys (Amon monitor/Eset )

---- EOF - GMER 1.0.14 ----

2.

Logfile of random's system information tool 1.04 (written by random/random)

Run by Ivone de Carlo at 2008-11-05 13:45:12

Microsoft Windows XP Professional Service Pack 3

System drive C: has 99 GB (65%) free of 153 GB

Total RAM: 1023 MB (57% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75ABCF92-9764-4DFA-A83F-5142C3905052}]

C:\WINDOWS\system32\tuvUOEVM.dll [2008-11-01 38912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Arquivos de programas\Java\jre6\bin\ssv.dll [2008-10-22 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Sign-in Helper - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a62b163f-a392-4889-a602-22de27d87f5b}]

C:\WINDOWS\system32\vsyjsb.dll [2008-11-04 116224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - c:\arquivos de programas\google\googletoolbar1.dll [2008-10-19 2423872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Arquivos de programas\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-20 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C41A1C0E-EA6C-11D4-B1B8-444553540008}]

GbIehObj Class - C:\WINDOWS\Downloaded Program Files\gbiehuni.dll [2008-08-29 378784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D005ABB7-2369-4E8E-B756-81BCD1835C35}]

C:\WINDOWS\system32\wvUmnNdA.dll [2008-11-01 273408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll [2008-10-22 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\arquivos de programas\google\googletoolbar1.dll [2008-10-19 2423872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-06-15 1826816]

"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]

"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-09-16 8491008]

"nwiz"=nwiz.exe /install []

"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-09-16 81920]

"nod32kui"=C:\Arquivos de programas\Eset\nod32kui.exe [2008-10-19 949376]

"SunJavaUpdateSched"=C:\Arquivos de programas\Java\jre6\bin\jusched.exe [2008-10-22 136600]

"Adobe Reader Speed Launcher"=C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

"NeroFilterCheck"=C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe [2008-05-28 570664]

"b81ffedb"=C:\WINDOWS\system32\serdsefe.dll [2008-11-04 77312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]

"swg"=C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-20 68856]

"msnmsgr"=C:\Arquivos de programas\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]

C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar

Microsoft Office.lnk - C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="vsyjsb.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ GbPluginUni]

C:\WINDOWS\Downloaded Program Files\gbiehuni.dll [2008-08-29 378784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tuvUOEVM]

C:\WINDOWS\system32\tuvUOEVM.dll [2008-11-01 38912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{E37CB5F0-51F5-4395-A808-5FA49E399008}"=C:\WINDOWS\Downloaded Program Files\gbiehuni.dll [2008-08-29 378784]

"{75ABCF92-9764-4DFA-A83F-5142C3905052}"=C:\WINDOWS\system32\tuvUOEVM.dll [2008-11-01 38912]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"authentication packages"=msv1_0

C:\WINDOWS\system32\wvUmnNdA

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Arquivos de programas\MSN Messenger\msnmsgr.exe"="C:\Arquivos de programas\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Arquivos de programas\MSN Messenger\livecall.exe"="C:\Arquivos de programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\Arquivos de programas\LimeWire\LimeWire.exe"="C:\Arquivos de programas\LimeWire\LimeWire.exe:*:Enabled:LimeWire"

"C:\Arquivos de programas\eMule\emule.exe"="C:\Arquivos de programas\eMule\emule.exe:*:Enabled:eMule"

"C:\Arquivos de programas\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Arquivos de programas\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"

"C:\Arquivos de programas\Arquivos comuns\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Arquivos de programas\Arquivos comuns\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Arquivos de programas\MSN Messenger\msnmsgr.exe"="C:\Arquivos de programas\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Arquivos de programas\MSN Messenger\livecall.exe"="C:\Arquivos de programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

======List of files/folders created in the last 1 months======

2008-11-05 13:45:13 ----D---- C:\Arquivos de programas\trend micro

2008-11-05 13:45:12 ----D---- C:\rsit

2008-11-05 13:03:29 ----A---- C:\WINDOWS\gmer.ini

2008-11-05 13:03:27 ----A---- C:\WINDOWS\gmer_uninstall.cmd

2008-11-05 13:03:27 ----A---- C:\WINDOWS\gmer.exe

2008-11-05 13:03:27 ----A---- C:\WINDOWS\gmer.dll

2008-11-04 16:28:55 ----A---- C:\WINDOWS\system32\efcCuRkk.dll

2008-11-04 13:29:27 ----SH---- C:\WINDOWS\system32\efesdres.ini

2008-11-04 13:29:16 ----A---- C:\WINDOWS\system32\serdsefe.dll

2008-11-04 13:27:11 ----A---- C:\WINDOWS\system32\vsyjsb.dll

2008-11-04 13:27:09 ----A---- C:\WINDOWS\system32\uaupfali.dll

2008-11-04 13:26:40 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Nokia

2008-11-04 13:24:28 ----D---- C:\Arquivos de programas\MSXML 6.0

2008-11-03 01:01:28 ----SH---- C:\WINDOWS\system32\ynodfjcc.ini

2008-11-03 01:01:24 ----A---- C:\WINDOWS\system32\ccjfdony.dll

2008-11-03 00:59:06 ----A---- C:\WINDOWS\system32\zfcdam.dll

2008-11-03 00:59:04 ----A---- C:\WINDOWS\system32\nvsavghj.dll

2008-11-02 23:52:26 ----D---- C:\Arquivos de programas\EsetOnlineScanner

2008-11-02 14:42:05 ----A---- C:\WINDOWS\system32\tuvWpPIB.dll

2008-11-02 14:42:05 ----A---- C:\WINDOWS\system32\fcccdDvv.dll

2008-11-02 14:10:51 ----SH---- C:\WINDOWS\system32\viwnkkfa.ini

2008-11-02 14:10:41 ----A---- C:\WINDOWS\system32\afkknwiv.dll

2008-11-02 14:08:21 ----A---- C:\WINDOWS\system32\rzpyvy.dll

2008-11-02 14:08:19 ----A---- C:\WINDOWS\system32\gwwoetqq.dll

2008-11-02 14:05:52 ----A---- C:\WINDOWS\system32\pouzjc.dll

2008-11-02 14:05:50 ----A---- C:\WINDOWS\system32\ogceheef.dll

2008-11-02 14:03:22 ----SH---- C:\WINDOWS\system32\lheryibg.ini

2008-11-02 14:02:54 ----A---- C:\WINDOWS\system32\qoMdBsrQ.dll

2008-11-02 14:02:54 ----A---- C:\WINDOWS\system32\iifGYsrO.dll

2008-11-02 12:46:04 ----A---- C:\WINDOWS\ntbtlog.txt

2008-11-02 01:21:40 ----D---- C:\WINDOWS\pss

2008-11-02 01:09:26 ----SH---- C:\WINDOWS\system32\orfwbral.ini

2008-11-02 01:09:18 ----A---- C:\WINDOWS\system32\rcuawg.dll

2008-11-02 01:09:16 ----A---- C:\WINDOWS\system32\bxmdonmt.dll

2008-11-01 14:54:46 ----A---- C:\WINDOWS\system32\b33c3aa5-.txt

2008-11-01 14:54:29 ----ASH---- C:\WINDOWS\system32\AdNnmUvw.ini2

2008-11-01 14:54:29 ----ASH---- C:\WINDOWS\system32\AdNnmUvw.ini

2008-11-01 14:54:23 ----A---- C:\WINDOWS\system32\wvUmnNdA.dll

2008-11-01 14:49:19 ----A---- C:\WINDOWS\system32\geBqnNET.dll

2008-11-01 14:49:18 ----A---- C:\WINDOWS\system32\tuvUOEVM.dll

2008-10-31 12:06:37 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin

2008-10-30 17:10:15 ----D---- C:\Arquivos de programas\eMule

2008-10-30 01:31:09 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP

2008-10-30 01:31:02 ----D---- C:\Arquivos de programas\MyFantasyMaker

2008-10-30 01:30:53 ----D---- C:\WINDOWS\Downloaded Installations

2008-10-29 13:34:16 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Windows Genuine Advantage

2008-10-28 01:39:19 ----D---- C:\Arquivos de programas\Custom Technology

2008-10-28 01:38:08 ----A---- C:\WINDOWS\system32\devil.dll

2008-10-28 01:38:07 ----A---- C:\WINDOWS\system32\avisynth.dll

2008-10-28 01:37:04 ----D---- C:\Arquivos de programas\DIKO

2008-10-27 15:04:03 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Sun

2008-10-27 01:51:27 ----D---- C:\ZCVideoDVD

2008-10-27 01:49:15 ----A---- C:\WINDOWS\ZC DVD Creator Platinum.INI

2008-10-27 01:49:00 ----D---- C:\Arquivos de programas\ZC DVD Creator Platinum

2008-10-27 00:54:06 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Nero

2008-10-27 00:54:06 ----D---- C:\Arquivos de programas\Arquivos comuns\Ahead

2008-10-25 11:38:26 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\LimeWire

2008-10-25 00:07:48 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\PC Suite

2008-10-24 21:11:37 ----A---- C:\WINDOWS\system32\doskeys.exe

2008-10-24 21:11:35 ----A---- C:\WINDOWS\system32\rar.exe

2008-10-24 21:11:33 ----A---- C:\WINDOWS\system32\gh14rs.txt

2008-10-24 21:11:33 ----A---- C:\WINDOWS\system32\dllhosts.exe

2008-10-24 19:47:40 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$

2008-10-24 19:37:13 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\PC Suite

2008-10-24 19:36:23 ----D---- C:\Arquivos de programas\Arquivos comuns\PCSuite

2008-10-24 19:36:23 ----D---- C:\Arquivos de programas\Arquivos comuns\Nokia

2008-10-24 19:36:12 ----D---- C:\Arquivos de programas\PC Connectivity Solution

2008-10-24 19:36:08 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll

2008-10-24 19:36:08 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll

2008-10-24 19:36:07 ----A---- C:\WINDOWS\system32\nmwcdcls.dll

2008-10-24 19:36:06 ----D---- C:\Arquivos de programas\Nokia

2008-10-24 19:35:23 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Installations

2008-10-24 19:04:59 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Adobe

2008-10-24 19:04:50 ----D---- C:\Arquivos de programas\Arquivos comuns\Adobe

2008-10-24 19:04:50 ----D---- C:\Arquivos de programas\Adobe

2008-10-24 18:59:04 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\NOS

2008-10-24 18:59:04 ----D---- C:\Arquivos de programas\NOS

2008-10-24 16:53:39 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$

2008-10-22 17:07:27 ----D---- C:\WINDOWS\system32\appmgmt

2008-10-22 17:04:41 ----D---- C:\WINDOWS\Sun

2008-10-22 17:04:15 ----A---- C:\WINDOWS\system32\javaws.exe

2008-10-22 17:04:15 ----A---- C:\WINDOWS\system32\javaw.exe

2008-10-22 17:04:15 ----A---- C:\WINDOWS\system32\java.exe

2008-10-22 17:04:15 ----A---- C:\WINDOWS\system32\deploytk.dll

2008-10-22 17:04:06 ----D---- C:\Arquivos de programas\Java

2008-10-22 02:01:26 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Ahead

2008-10-22 02:01:15 ----A---- C:\WINDOWS\NeroDigital.ini

2008-10-22 02:00:56 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\WinRAR

2008-10-21 16:57:20 ----D---- C:\WINDOWS\ie7updates

2008-10-21 16:57:09 ----D---- C:\WINDOWS\WBEM

2008-10-21 16:56:53 ----HDC---- C:\WINDOWS\ie7

2008-10-21 16:56:44 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$

2008-10-21 16:56:29 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$

2008-10-21 16:53:00 ----A---- C:\WINDOWS\system32\MRT.exe

2008-10-20 15:22:06 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Real

2008-10-20 14:45:58 ----D---- C:\Arquivos de programas\MSXML 4.0

2008-10-20 12:57:22 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Mozilla

2008-10-20 03:02:12 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$

2008-10-20 03:02:08 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$

2008-10-20 03:02:04 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$

2008-10-20 03:02:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$

2008-10-20 03:01:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$

2008-10-20 03:01:52 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$

2008-10-20 03:01:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$

2008-10-20 03:01:42 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$

2008-10-20 03:01:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$

2008-10-20 03:01:33 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$

2008-10-20 03:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$

2008-10-20 03:01:24 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$

2008-10-20 03:01:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$

2008-10-20 03:01:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$

2008-10-20 03:01:02 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$

2008-10-20 03:00:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$

2008-10-20 03:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$

2008-10-20 03:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$

2008-10-20 03:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$

2008-10-20 03:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$

2008-10-19 15:39:48 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Google

2008-10-19 15:35:37 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Macromedia

2008-10-19 15:35:36 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Adobe

2008-10-19 15:35:33 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Google

2008-10-19 15:35:25 ----D---- C:\Arquivos de programas\Google

2008-10-19 15:23:31 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Identities

2008-10-19 15:23:27 ----ASH---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\desktop.ini

2008-10-19 15:23:26 ----SD---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Microsoft

2008-10-19 13:31:38 ----D---- C:\WINDOWS\system32\PreInstall

2008-10-19 13:31:37 ----N---- C:\WINDOWS\system32\spmsg.dll

2008-10-19 13:31:37 ----A---- C:\WINDOWS\system32\spupdsvc.exe

2008-10-19 13:31:36 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$

2008-10-19 13:31:36 ----HD---- C:\WINDOWS\$hf_mig$

2008-10-19 13:19:40 ----D---- C:\WINDOWS\system32\SoftwareDistribution

2008-10-19 12:05:31 ----A---- C:\WINDOWS\ODBC.INI

2008-10-19 12:05:03 ----D---- C:\Arquivos de programas\Arquivos comuns\Designer

2008-10-19 12:03:46 ----D---- C:\WINDOWS\ShellNew

2008-10-19 12:03:44 ----D---- C:\Arquivos de programas\Microsoft Office

2008-10-19 11:59:57 ----SHD---- C:\RECYCLER

2008-10-19 11:52:07 ----A---- C:\WINDOWS\system32\imon.dll

2008-10-19 11:51:58 ----D---- C:\Arquivos de programas\ESET

2008-10-19 11:48:01 ----D---- C:\Arquivos de programas\MSN Messenger

2008-10-19 11:47:31 ----D---- C:\Arquivos de programas\Mozilla Firefox

2008-10-19 11:47:09 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\QuickTime

2008-10-19 11:47:06 ----D---- C:\WINDOWS\system32\QuickTime

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\vp6vfw.dll

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\vp31vfw.dll

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\rmoc3260.dll

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\pndx5032.dll

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\pndx5016.dll

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\pncrt.dll

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\MACDec.dll

2008-10-19 11:47:03 ----A---- C:\WINDOWS\system32\OpenQuicktimeLib.dll

2008-10-19 11:47:03 ----A---- C:\WINDOWS\system32\mpg4c32.dll

2008-10-19 11:47:03 ----A---- C:\WINDOWS\system32\ir50_lcs.dll

2008-10-19 11:47:03 ----A---- C:\WINDOWS\system32\huffyuv.dll

2008-10-19 11:47:03 ----A---- C:\WINDOWS\system32\3ivxVfWCodec.dll

2008-10-19 11:47:03 ----A---- C:\WINDOWS\system32\3ivx.dll

2008-10-19 11:47:02 ----D---- C:\Arquivos de programas\K-Lite Codec Pack

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\xvidvfw.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\xvidcore.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\WMV9VCM.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\WMV8DMOD.DLL

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\unicows.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\msvcr71.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\msvcr70.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\divx.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\cpuinf32.dll

2008-10-19 11:46:49 ----D---- C:\Arquivos de programas\WinRAR

2008-10-19 11:40:29 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Ahead

2008-10-19 11:38:10 ----D---- C:\Arquivos de programas\Nero

2008-10-19 11:37:52 ----D---- C:\WINDOWS\RegisteredPackages

2008-10-19 11:37:31 ----A---- C:\WINDOWS\system32\d3dx9_30.dll

2008-10-19 11:37:31 ----A---- C:\WINDOWS\system32\d3dx9_28.dll

2008-10-19 11:09:16 ----D---- C:\WINDOWS\nview

2008-10-19 11:09:16 ----A---- C:\WINDOWS\system32\nvudisp.exe

2008-10-19 11:04:27 ----R---- C:\WINDOWS\Alcmtr.exe

2008-10-19 11:02:31 ----D---- C:\WINDOWS\system32\Lang

2008-10-19 11:01:20 ----R---- C:\WINDOWS\system32\ChCfg.exe

2008-10-19 11:01:00 ----D---- C:\WINDOWS\system32\RTCOM

2008-10-19 11:00:59 ----A---- C:\WINDOWS\system32\ksuser.dll

2008-10-19 11:00:55 ----R---- C:\WINDOWS\SoundMan.exe

2008-10-19 11:00:55 ----R---- C:\WINDOWS\SkyTel.exe

2008-10-19 11:00:54 ----R---- C:\WINDOWS\RtlUpd.exe

2008-10-19 11:00:50 ----R---- C:\WINDOWS\RTLCPL.exe

2008-10-19 11:00:41 ----R---- C:\WINDOWS\RTHDCPL.exe

2008-10-19 11:00:40 ----R---- C:\WINDOWS\MicCal.exe

2008-10-19 11:00:37 ----R---- C:\WINDOWS\alcwzrd.exe

2008-10-19 11:00:37 ----D---- C:\Arquivos de programas\Realtek

2008-10-19 11:00:36 ----HD---- C:\Arquivos de programas\InstallShield Installation Information

2008-10-19 11:00:35 ----A---- C:\WINDOWS\HideWin.exe

2008-10-19 11:00:34 ----R---- C:\WINDOWS\RtlExUpd.dll

2008-10-19 11:00:31 ----D---- C:\Arquivos de programas\Arquivos comuns\InstallShield

2008-10-19 11:00:26 ----D---- C:\Arquivos de programas\DIFX

2008-10-19 11:00:24 ----DC---- C:\WINDOWS\system32\DRVSTORE

2008-10-19 10:58:42 ----N---- C:\WINDOWS\system32\nvuide.exe

2008-10-19 10:58:41 ----D---- C:\WINDOWS\system32\ReinstallBackups

2008-10-19 10:58:36 ----A---- C:\WINDOWS\system32\nvunrm.exe

2008-10-19 10:58:32 ----A---- C:\WINDOWS\system32\NVUNINST.EXE

2008-10-19 10:56:53 ----HD---- C:\Arquivos de programas\Uninstall Information

2008-10-19 10:56:15 ----D---- C:\WINDOWS\SoftwareDistribution

2008-10-19 10:56:14 ----SD---- C:\WINDOWS\system32\Microsoft

2008-10-19 10:56:14 ----D---- C:\WINDOWS\Prefetch

2008-10-19 10:56:14 ----A---- C:\WINDOWS\SchedLgU.Txt

2008-10-19 10:51:47 ----D---- C:\WINDOWS\system32\xircom

2008-10-19 10:51:47 ----D---- C:\Arquivos de programas\xerox

2008-10-19 10:51:47 ----D---- C:\Arquivos de programas\microsoft frontpage

2008-10-19 10:51:34 ----A---- C:\WINDOWS\control.ini

2008-10-19 10:51:34 ----A---- C:\AUTOEXEC.BAT

2008-10-19 10:51:26 ----A---- C:\WINDOWS\OEWABLog.txt

2008-10-19 10:51:23 ----A---- C:\WINDOWS\system32\mapi32.dll

2008-10-19 10:50:45 ----SD---- C:\WINDOWS\Downloaded Program Files

2008-10-19 10:50:45 ----RD---- C:\WINDOWS\Offline Web Pages

2008-10-19 10:50:45 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest

2008-10-19 10:50:40 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest

2008-10-19 10:50:37 ----HD---- C:\Arquivos de programas\WindowsUpdate

2008-10-19 10:50:35 ----D---- C:\Arquivos de programas\Serviços on-line

2008-10-19 10:50:24 ----D---- C:\WINDOWS\system32\DirectX

2008-10-19 10:50:20 ----A---- C:\WINDOWS\system32\atrace.dll

2008-10-19 10:50:18 ----A---- C:\WINDOWS\system32\desktop.ini

2008-10-19 10:50:18 ----A---- C:\WINDOWS\desktop.ini


======List of files/folders modified in the last 1 months======

2008-10-19 12:05:24 ----A---- C:\WINDOWS\win.ini

2008-10-19 08:45:08 ----A---- C:\WINDOWS\system.ini

2008-10-15 14:36:42 ----A---- C:\WINDOWS\system32\netapi32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]

R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2008-10-19 15424]

R1 WS2IFSL;Ambiente de suporte a provedores de serviços não-IFS do Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-28 12032]

R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2008-10-19 512096]

R3 HDAudBus;Driver de Barramento Microsoft UAA para High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-18 4547584]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-09-16 6853088]

R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368]

R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]

R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]

R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []

S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-11-05 85969]

S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]

S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-07 20864]

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]

S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064]

S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]

S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-07 8064]

S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; C:\Arquivos de programas\Java\jre6\bin\jqs.exe [2008-10-22 152984]

R2 NOD32krn;NOD32 Kernel Service; C:\Arquivos de programas\Eset\nod32krn.exe [2008-10-19 552064]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-09-16 155716]

R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]

R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]

R3 NMIndexingService;NMIndexingService; C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]

S3 getPlus® Helper;getPlus® Helper; C:\Arquivos de programas\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]

S3 gusvc;Google Updater Service; C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-19 138168]

S3 NBService;NBService; C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]

S3 ServiceLayer;ServiceLayer; C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]

S3 usnjsvc;Serviço de Compartilhamento de Pastas Messenger do USN Journal Reader; C:\Arquivos de programas\MSN Messenger\usnsvc.exe [2007-01-19 97136]

-----------------EOF-----------------


Dear ivesicfs

# Step 1 #

Visit this site:

http://www.bleepingcomputer.com/submit-malware.php?channel=4

  • In the "Link to topic where this file was requested:" box, copy and paste the link to this topic:
http://forum.clubedohardware.com.br/analisem-meu-log/596971

  • In the "Browse to the file you want to submit:" box, enter:
    • C:\WINDOWS\system32\efesdres.ini
  • Click the Browse... button
  • In the "Leave any comments, further information about this file, or contact information:" box, enter:
    • diego_moicano - Forum Clube do Hardware
  • Click the Send File button
  • Repeat the procedure and also submit these files:

  • C:\WINDOWS\system32\serdsefe.dll
  • C:\WINDOWS\system32\vsyjsb.dll
  • C:\WINDOWS\system32\uaupfali.dll
  • C:\WINDOWS\system32\ynodfjcc.ini
  • C:\WINDOWS\system32\ccjfdony.dll
  • C:\WINDOWS\system32\nvsavghj.dll
  • C:\WINDOWS\system32\viwnkkfa.ini
  • C:\WINDOWS\system32\afkknwiv.dll
  • C:\WINDOWS\system32\rzpyvy.dll
  • C:\WINDOWS\system32\gwwoetqq.dll
  • C:\WINDOWS\system32\pouzjc.dll
  • C:\WINDOWS\system32\ogceheef.dll
  • C:\WINDOWS\system32\lheryibg.ini
  • C:\WINDOWS\system32\qoMdBsrQ.dll
  • C:\WINDOWS\system32\iifGYsrO.dll
  • C:\WINDOWS\system32\orfwbral.ini
  • C:\WINDOWS\system32\rcuawg.dll
  • C:\WINDOWS\system32\bxmdonmt.dll
  • C:\WINDOWS\system32\b33c3aa5-.txt
  • C:\WINDOWS\system32\AdNnmUvw.ini2
  • C:\WINDOWS\system32\AdNnmUvw.ini
  • C:\WINDOWS\system32\wvUmnNdA.dll
  • C:\WINDOWS\system32\geBqnNET.dll
  • C:\WINDOWS\system32\tuvUOEVM.dll
Thank you

# Step 2 #

Read the instructions at this link:


In the instructions at the link above, you can check which forums have analysts properly qualified to use the tool correctly: "Forums for receiving help with ComboFix logs"

  1. Download ComboFix from one of the official links listed below and save it to your desktop:

  2. Temporarily, while carrying out these instructions, it is very important that you keep your protection programs (antivirus, antispyware and firewall) disabled. Re-enable the protections after running the procedure(s) mentioned below.
  3. Double-click the desktopicon.png icon on the desktop.
  4. Read and accept the terms by typing 1 and pressing Enter.
  5. Computers with Windows XP should install the Recovery Console:

    • If your computer runs Windows XP and does not yet have the Recovery Console installed, please make sure you are connected to the Internet and click "Yes".
    • Click "OK" on the EULA.
    • Once the Recovery Console is installed, click "YES" to continue.

  6. ComboFix will run; please be patient and wait.
  7. Attention: do not use the mouse or the keyboard while the tool is running, as this can cause the computer to stall.
  8. A warning may appear saying that the computer needs to be restarted.

     DO NOT RESTART!!! ComboFix will restart the computer automatically.
  9. When the tool finishes running, it will generate a log (the file C:\ComboFix.txt). Copy and paste the contents of that file into your next reply.

DO NOT use the tool on your own. It is a powerful tool created to deal with sophisticated infections, and if you do not use it correctly you may damage your computer.

  • There are several pieces of malware that prevent the tool from running correctly and can thereby seriously damage the computer. Analysts qualified to use ComboFix know these cases and know how to deal with these situations.
  • Many analysts do not reply to topics where they see that ComboFix was used without supervision.
  • There are several general-purpose anti-malware tools whose authors, when programming them, have end users in mind and intend them to be used without supervision. ComboFix is not that kind of tool, and so, also out of respect for the tool's author, do not use it without supervision.

Cheers :D


Diego

Sorry for the delay. What happened is that when I started the first procedure I submitted the file C:\WINDOWS\system32\efesdres.ini and everything was OK; when I went to submit the second one, C:\WINDOWS\system32\serdsefe.dll,

the following message appeared: file not found. What do I do now? I await instructions.


Diego, sorry for the delay, but I am in an enormous rush. By the way, the damned virus keeps opening pages in Explorer. See below.

ComboFix log

ComboFix 08-11-07.01 - Ivone de Carlo 2008-11-09 0:00:50.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1046.18.598 [GMT -2:00]

Executando de: C:\Documents and Settings\Ivone de Carlo\Desktop\ComboFix.exe

* Criado um novo ponto de restauro

.


Dear ivesicfs

"Diego, sorry for the delay"
No worries, my friend :)

The ComboFix log is incomplete; please make sure you copied all of its contents. Remember that the log is located at C:\ComboFix.txt

Cheers :D


Diego

I'm (F), I know it's hard to tell with this nick. However, I checked the whole computer and what I posted is exactly what is in the log, only that, and it keeps opening IE pages in the same way. I don't want to have to format my PC because I have many important things on it and it is a lot to back up. By the way, my PC has 2 password administrators, does that have any influence???? Is it still possible to save my PC????

-----------------------------------------:(

ComboFix 08-11-07.01 - Ivone de Carlo 2008-11-09 0:00:50.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1046.18.598 [GMT -2:00]

Executando de: C:\Documents and Settings\Ivone de Carlo\Desktop\ComboFix.exe

* Criado um novo ponto de restauro

.


Diego,

Before using ComboFix again, I need to clear up a few doubts.

Can the computer be connected to the internet?

Because when ComboFix was used the first time it was my husband, who understands nothing at all about computers, who ran it without my say-so.


Dear ivesicfs

"Can the computer be connected to the internet?"
In Safe Mode, the option you need to choose can be the one without Internet access! You can run it without problems...
"because when ComboFix was used the first time it was my husband, who understands nothing at all about computers, who ran it without my say-so"
Give him an earful :lol:

Cheers :D


Diego

I followed the instructions, but what appears in the ComboFix log is exactly what I post below

ComboFix 08-11-07.01 - Ivone de Carlo 2008-11-12 11:23:29.4 - NTFSx86 MINIMAL

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1046.18.828 [GMT -2:00]

Executando de: C:\Documents and Settings\Ivone de Carlo\Desktop\ComboFix.exe

.

My God, can this piece of junk still be fixed? Not to mention that now, when I start Windows, the following message appears:

Windows has recovered from a very serious failure.

send report yes / no

The startup bar now keeps disappearing, and every so often there are spikes; you can tell it is as if the system were restarting: everything in the startup bar opens and closes, for example the antivirus and the internet connection, as if I were starting the system at that moment.

This did not happen before; it started after running ComboFix.


Dear ivesicfs

What a thing, huh :(

Let's restore the system to one day before ComboFix was run!

# Step 1 #

Go to

Start > All Programs > Accessories > System Tools > and click System Restore; in the window that opens click Next, choose the day, click Next and confirm with OK!

# Step 2 #

  • Download RSIT - random's system information tool by random/random and save it to your desktop.
  • Double-click RSIT.exe to run the tool.
  • In the window that opens (disclaimer), click Continue.
  • When the tool finishes running, it will open a Notepad document containing the scan result. Please paste the contents of that log (log.txt) in your next reply.
  • Also paste the contents of the info.txt file, which will be at C:\rsit\info.txt

Cheers :D


Diego

Forgive me for the delay, I am in the rush of a very important presentation.

I use some programs to make films for the people at college. Since ComboFix was last used, I have several new files and folders. So here is a question: can I back up my programs and files?!?!?!


Dear ivesicfs

"I use some programs to make films for the people at college. Since ComboFix was last used, I have several new files and folders. So here is a question: can I back up my programs and files?!?!?!"
Of course :)

All right, I'll be waiting for the logs! :cool:

Cheers :D


rsit

Logfile of random's system information tool 1.04 (written by random/random)

Run by Ivone de Carlo at 2008-11-16 03:44:32

Microsoft Windows XP Professional Service Pack 3

System drive C: has 49 GB (32%) free of 153 GB

Total RAM: 1023 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 03:44, on 2008-11-16

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

C:\Arquivos de programas\Eset\nod32krn.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\IoctlSvc.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\Eset\nod32kui.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\rundll32.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Arquivos de programas\MSN Messenger\msnmsgr.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Documents and Settings\Ivone de Carlo\Desktop\RSIT.exe

C:\Arquivos de programas\trend micro\Ivone de Carlo.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: {dd58ad6b-4b71-e6eb-a0c4-99e04f00df11} - {11fd00f4-0e99-4c0a-be6e-17b4b6da85dd} - C:\WINDOWS\system32\mipjpm.dll

O2 - BHO: (no name) - {75ABCF92-9764-4DFA-A83F-5142C3905052} - C:\WINDOWS\system32\tuvUOEVM.dll (file missing)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {8AB3F858-25FB-4D26-910C-0D520AEDB2A3} - C:\WINDOWS\system32\wvUmnNdA.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll

O2 - BHO: G-Buster Browser Defense Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\WINDOWS\Downloaded Program Files\gbiehuni.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [nod32kui] "C:\Arquivos de programas\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [NBKeyScan] "C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [b81ffedb] rundll32.exe "C:\WINDOWS\system32\gkolklot.dll",b

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD5/JSCDL/jdk/6u10/jinstall-6u10-windows-i586-jc.cab?AuthParam=1224702273_e00908eb96fa57d42e938ba6539fb026&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD5/JSCDL/jdk/6u10/jinstall-6u10-windows-i586-jc.cab&File=jinstall-6u10-windows-i586-jc.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - https://clickbanking.unibanco.com.br/GbPlugin/cab/GbPluginUni.cab

O20 - Winlogon Notify: GbPluginUni - C:\WINDOWS\Downloaded Program Files\gbiehuni.dll

O20 - Winlogon Notify: tuvUOEVM - tuvUOEVM.dll (file missing)

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Arquivos de programas\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: NBService - Unknown owner - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Arquivos de programas\Eset\nod32krn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe

O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

--

End of file - 8066 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11fd00f4-0e99-4c0a-be6e-17b4b6da85dd}]

C:\WINDOWS\system32\mipjpm.dll [2008-11-15 114688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75ABCF92-9764-4DFA-A83F-5142C3905052}]

C:\WINDOWS\system32\tuvUOEVM.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Arquivos de programas\Java\jre6\bin\ssv.dll [2008-10-22 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8AB3F858-25FB-4D26-910C-0D520AEDB2A3}]

C:\WINDOWS\system32\wvUmnNdA.dll [2008-11-01 273408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Sign-in Helper - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - c:\arquivos de programas\google\googletoolbar1.dll [2008-10-19 2423872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Arquivos de programas\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-20 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C41A1C0E-EA6C-11D4-B1B8-444553540008}]

GbIehObj Class - C:\WINDOWS\Downloaded Program Files\gbiehuni.dll [2008-08-29 378784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll [2008-10-22 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\arquivos de programas\google\googletoolbar1.dll [2008-10-19 2423872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-06-15 1826816]

"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]

"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-09-16 8491008]

"nwiz"=nwiz.exe /install []

"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-09-16 81920]

"nod32kui"=C:\Arquivos de programas\Eset\nod32kui.exe [2008-10-19 949376]

"SunJavaUpdateSched"=C:\Arquivos de programas\Java\jre6\bin\jusched.exe [2008-10-22 136600]

"Adobe Reader Speed Launcher"=C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

"NeroFilterCheck"=C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe [2008-06-19 570664]

"NBKeyScan"=C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]

"b81ffedb"=C:\WINDOWS\system32\gkolklot.dll [2008-11-15 76800]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]

"swg"=C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-20 68856]

"msnmsgr"=C:\Arquivos de programas\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]

C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar

Microsoft Office.lnk - C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ GbPluginUni]

C:\WINDOWS\Downloaded Program Files\gbiehuni.dll [2008-08-29 378784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tuvUOEVM]

tuvUOEVM.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{E37CB5F0-51F5-4395-A808-5FA49E399008}"=C:\WINDOWS\Downloaded Program Files\gbiehuni.dll [2008-08-29 378784]

"{75ABCF92-9764-4DFA-A83F-5142C3905052}"=C:\WINDOWS\system32\tuvUOEVM.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"authentication packages"=msv1_0

C:\WINDOWS\system32\wvUmnNdA

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Arquivos de programas\MSN Messenger\msnmsgr.exe"="C:\Arquivos de programas\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Arquivos de programas\MSN Messenger\livecall.exe"="C:\Arquivos de programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\Arquivos de programas\LimeWire\LimeWire.exe"="C:\Arquivos de programas\LimeWire\LimeWire.exe:*:Enabled:LimeWire"

"C:\Arquivos de programas\eMule\emule.exe"="C:\Arquivos de programas\eMule\emule.exe:*:Enabled:eMule"

"C:\Arquivos de programas\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Arquivos de programas\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"

"C:\Arquivos de programas\Arquivos comuns\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Arquivos de programas\Arquivos comuns\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "

"C:\Arquivos de programas\Arquivos comuns\Nero\Nero Web\SetupX.exe"="C:\Arquivos de programas\Arquivos comuns\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter"

"C:\Arquivos de programas\Eurekr.com\1-Click YouTubeAssistant\bin\utdman.exe"="C:\Arquivos de programas\Eurekr.com\1-Click YouTubeAssistant\bin\utdman.exe:*:Enabled:utdman"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Arquivos de programas\MSN Messenger\msnmsgr.exe"="C:\Arquivos de programas\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Arquivos de programas\MSN Messenger\livecall.exe"="C:\Arquivos de programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

======List of files/folders created in the last 1 months======

2009-11-07 15:03:03 ----A---- C:\WINDOWS\system32\kinzpr.dll

2009-11-07 15:03:02 ----A---- C:\WINDOWS\system32\ehnxqfcn.dll

2008-11-16 03:36:17 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\NeroDigital™

2008-11-16 03:35:14 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus!

2008-11-16 03:35:11 ----D---- C:\Arquivos de programas\Windows Live

2008-11-16 03:35:07 ----D---- C:\Arquivos de programas\Arquivos comuns\Ahead

2008-11-16 03:32:57 ----D---- C:\Arquivos de programas\Windows Sidebar

2008-11-15 22:46:18 ----SH---- C:\WINDOWS\system32\tolklokg.ini

2008-11-15 22:46:10 ----A---- C:\WINDOWS\system32\gkolklot.dll

2008-11-15 22:43:52 ----A---- C:\WINDOWS\system32\mipjpm.dll

2008-11-15 22:43:50 ----A---- C:\WINDOWS\system32\yedymmnd.dll

2008-11-15 15:06:36 ----A---- C:\WINDOWS\system32\wmpns.dll

2008-11-14 14:13:59 ----A---- C:\WINDOWS\system32\kcddkl.dll

2008-11-14 14:13:58 ----A---- C:\WINDOWS\system32\lhuuwatv.dll

2008-11-14 14:11:50 ----SH---- C:\WINDOWS\system32\mqwtrhvs.ini

2008-11-13 23:53:28 ----A---- C:\WINDOWS\system32\xwbqgt.dll

2008-11-13 23:53:26 ----A---- C:\WINDOWS\system32\pykkxmbo.dll

2008-11-13 23:47:42 ----SH---- C:\WINDOWS\system32\ajcwfmbn.ini

2008-11-12 17:43:52 ----A---- C:\WINDOWS\system32\uapvhh.dll

2008-11-12 17:43:50 ----A---- C:\WINDOWS\system32\sviptlpd.dll

2008-11-12 17:41:00 ----SH---- C:\WINDOWS\system32\skqxbiur.ini

2008-11-12 12:26:52 ----A---- C:\WINDOWS\system32\MsiExec.exe.log

2008-11-12 11:23:16 ----D---- C:\ComboFix

2008-11-12 11:23:16 ----A---- C:\WINDOWS\system32\CF20655.exe

2008-11-12 02:34:18 ----A---- C:\WINDOWS\system32\CF15316.exe

2008-11-12 02:15:13 ----A---- C:\WINDOWS\system32\CF11580.exe

2008-11-12 01:39:50 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Nero

2008-11-12 01:38:42 ----D---- C:\Arquivos de programas\Arquivos comuns\Nero

2008-11-12 01:11:58 ----A---- C:\WINDOWS\Irremote.ini

2008-11-11 17:07:59 ----SH---- C:\WINDOWS\system32\kxfdxvpe.ini

2008-11-11 17:07:57 ----A---- C:\WINDOWS\system32\epvxdfxk.dll

2008-11-11 17:05:41 ----A---- C:\WINDOWS\system32\uhpnjc.dll

2008-11-11 17:05:41 ----A---- C:\WINDOWS\system32\iwyflhjd.dll

2008-11-11 03:29:37 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Office Genuine Advantage

2008-11-10 11:17:05 ----D---- C:\Arquivos de programas\Messenger Plus! Live

2008-11-10 10:03:54 ----SH---- C:\WINDOWS\system32\tkdkkmeq.ini

2008-11-10 09:58:33 ----A---- C:\WINDOWS\system32\npejgbbx.dll

2008-11-10 09:58:33 ----A---- C:\WINDOWS\system32\lubzlz.dll

2008-11-09 20:24:38 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\ImgBurn

2008-11-09 19:20:26 ----A---- C:\WINDOWS\system32\sggpxy.dll

2008-11-09 19:20:24 ----A---- C:\WINDOWS\system32\muxwwxcf.dll

2008-11-09 19:20:23 ----SH---- C:\WINDOWS\system32\npdoufph.ini

2008-11-09 19:17:55 ----A---- C:\WINDOWS\system32\twsdmvou.dll

2008-11-09 17:58:03 ----SHD---- C:\Config.Msi

2008-11-09 00:01:42 ----D---- C:\WINDOWS\Minidump

2008-11-08 23:59:58 ----A---- C:\Boot.bak

2008-11-08 23:59:55 ----RASHD---- C:\cmdcons

2008-11-08 23:50:02 ----A---- C:\WINDOWS\zip.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\VFIND.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\SWXCACLS.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\SWSC.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\SWREG.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\sed.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\NIRCMD.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\grep.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\fdsv.exe

2008-11-08 23:49:58 ----D---- C:\WINDOWS\ERDNT

2008-11-08 23:49:58 ----D---- C:\Qoobox

2008-11-08 23:49:58 ----A---- C:\WINDOWS\system32\CF21419.exe

2008-11-08 23:22:21 ----SH---- C:\WINDOWS\system32\ijlmmlkb.ini

2008-11-08 16:52:19 ----SH---- C:\WINDOWS\system32\arhnfibp.ini

2008-11-08 01:34:57 ----A---- C:\WINDOWS\system32\mcrh.tmp

2008-11-07 15:08:27 ----SH---- C:\WINDOWS\system32\buupxswl.ini

2008-11-07 15:08:19 ----A---- C:\WINDOWS\system32\lwsxpuub.dll

2008-11-07 12:20:54 ----A---- C:\WINDOWS\system32\iwbiej.dll

2008-11-07 12:20:52 ----A---- C:\WINDOWS\system32\etswmnbf.dll

2008-11-07 12:18:44 ----SH---- C:\WINDOWS\system32\fmsdxptv.ini

2008-11-07 08:16:04 ----SH---- C:\WINDOWS\system32\ayystelu.ini

2008-11-07 08:13:08 ----A---- C:\WINDOWS\system32\oyeirckx.dll

2008-11-07 08:13:08 ----A---- C:\WINDOWS\system32\npspfv.dll

2008-11-07 03:39:45 ----A---- C:\WINDOWS\system32\tkspmd.dll

2008-11-07 03:39:43 ----A---- C:\WINDOWS\system32\bepqishg.dll

2008-11-07 03:37:39 ----SH---- C:\WINDOWS\system32\fpiueiql.ini

2008-11-07 01:00:14 ----D---- C:\Arquivos de programas\Eurekr.com

2008-11-07 00:56:06 ----RSD---- C:\WINDOWS\assembly

2008-11-07 00:55:20 ----D---- C:\WINDOWS\Microsoft.NET

2008-11-06 17:43:52 ----SH---- C:\WINDOWS\system32\ahdgmige.ini

2008-11-06 17:43:41 ----N---- C:\WINDOWS\system32\egimgdha.dll

2008-11-06 17:40:50 ----A---- C:\WINDOWS\system32\xywcgd.dll

2008-11-06 17:40:49 ----A---- C:\WINDOWS\system32\bxwdmqst.dll

2008-11-05 17:21:36 ----SH---- C:\WINDOWS\system32\lfwhwxyj.ini

2008-11-05 17:21:31 ----A---- C:\WINDOWS\system32\jyxwhwfl.dll

2008-11-05 17:19:48 ----A---- C:\WINDOWS\system32\pgdqyt.dll

2008-11-05 17:19:46 ----A---- C:\WINDOWS\system32\uudvvhmb.dll

2008-11-05 13:45:13 ----D---- C:\Arquivos de programas\trend micro

2008-11-05 13:45:12 ----D---- C:\rsit

2008-11-05 13:03:29 ----A---- C:\WINDOWS\gmer.ini

2008-11-05 13:03:27 ----A---- C:\WINDOWS\gmer_uninstall.cmd

2008-11-05 13:03:27 ----A---- C:\WINDOWS\gmer.exe

2008-11-05 13:03:27 ----A---- C:\WINDOWS\gmer.dll

2008-11-04 13:29:27 ----SH---- C:\WINDOWS\system32\efesdres.ini

2008-11-04 13:27:11 ----A---- C:\WINDOWS\system32\vsyjsb.dll

2008-11-04 13:27:09 ----A---- C:\WINDOWS\system32\uaupfali.dll

2008-11-04 13:26:40 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Nokia

2008-11-04 13:24:28 ----D---- C:\Arquivos de programas\MSXML 6.0

2008-11-03 01:01:28 ----SH---- C:\WINDOWS\system32\ynodfjcc.ini

2008-11-03 01:01:24 ----A---- C:\WINDOWS\system32\ccjfdony.dll

2008-11-03 00:59:06 ----A---- C:\WINDOWS\system32\zfcdam.dll

2008-11-03 00:59:04 ----A---- C:\WINDOWS\system32\nvsavghj.dll

2008-11-02 23:52:26 ----D---- C:\Arquivos de programas\EsetOnlineScanner

2008-11-02 14:42:05 ----A---- C:\WINDOWS\system32\tuvWpPIB.dll

2008-11-02 14:42:05 ----A---- C:\WINDOWS\system32\fcccdDvv.dll

2008-11-02 14:10:51 ----SH---- C:\WINDOWS\system32\viwnkkfa.ini

2008-11-02 14:10:41 ----A---- C:\WINDOWS\system32\afkknwiv.dll

2008-11-02 14:08:21 ----A---- C:\WINDOWS\system32\rzpyvy.dll

2008-11-02 14:08:19 ----A---- C:\WINDOWS\system32\gwwoetqq.dll

2008-11-02 14:05:52 ----A---- C:\WINDOWS\system32\pouzjc.dll

2008-11-02 14:05:50 ----A---- C:\WINDOWS\system32\ogceheef.dll

2008-11-02 14:03:22 ----SH---- C:\WINDOWS\system32\lheryibg.ini

2008-11-02 14:02:54 ----A---- C:\WINDOWS\system32\qoMdBsrQ.dll

2008-11-02 14:02:54 ----A---- C:\WINDOWS\system32\iifGYsrO.dll

2008-11-02 12:46:04 ----A---- C:\WINDOWS\ntbtlog.txt

2008-11-02 01:21:40 ----D---- C:\WINDOWS\pss

2008-11-02 01:09:26 ----SH---- C:\WINDOWS\system32\orfwbral.ini

2008-11-02 01:09:18 ----A---- C:\WINDOWS\system32\rcuawg.dll

2008-11-02 01:09:16 ----A---- C:\WINDOWS\system32\bxmdonmt.dll

2008-11-01 14:54:46 ----A---- C:\WINDOWS\system32\b33c3aa5-.txt

2008-11-01 14:54:29 ----ASH---- C:\WINDOWS\system32\AdNnmUvw.ini2

2008-11-01 14:54:29 ----ASH---- C:\WINDOWS\system32\AdNnmUvw.ini

2008-11-01 14:54:23 ----A---- C:\WINDOWS\system32\wvUmnNdA.dll

2008-10-31 12:06:37 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin

2008-10-30 01:31:09 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP

2008-10-30 01:31:02 ----D---- C:\Arquivos de programas\MyFantasyMaker

2008-10-30 01:30:53 ----D---- C:\WINDOWS\Downloaded Installations

2008-10-29 13:34:16 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Windows Genuine Advantage

2008-10-28 01:39:19 ----D---- C:\Arquivos de programas\Custom Technology

2008-10-28 01:38:08 ----A---- C:\WINDOWS\system32\devil.dll

2008-10-28 01:38:07 ----A---- C:\WINDOWS\system32\avisynth.dll

2008-10-28 01:37:04 ----D---- C:\Arquivos de programas\DIKO

2008-10-27 15:04:03 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Sun

2008-10-27 01:51:27 ----D---- C:\ZCVideoDVD

2008-10-27 01:49:15 ----A---- C:\WINDOWS\ZC DVD Creator Platinum.INI

2008-10-27 01:49:00 ----D---- C:\Arquivos de programas\ZC DVD Creator Platinum

2008-10-27 00:54:06 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Nero

2008-10-25 11:38:26 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\LimeWire

2008-10-25 00:07:48 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\PC Suite

2008-10-24 21:11:37 ----A---- C:\WINDOWS\system32\doskeys.exe

2008-10-24 21:11:35 ----A---- C:\WINDOWS\system32\rar.exe

2008-10-24 21:11:33 ----A---- C:\WINDOWS\system32\gh14rs.txt

2008-10-24 21:11:33 ----A---- C:\WINDOWS\system32\dllhosts.exe

2008-10-24 19:47:40 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$

2008-10-24 19:37:13 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\PC Suite

2008-10-24 19:36:23 ----D---- C:\Arquivos de programas\Arquivos comuns\PCSuite

2008-10-24 19:36:23 ----D---- C:\Arquivos de programas\Arquivos comuns\Nokia

2008-10-24 19:36:12 ----D---- C:\Arquivos de programas\PC Connectivity Solution

2008-10-24 19:36:08 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll

2008-10-24 19:36:08 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll

2008-10-24 19:36:07 ----A---- C:\WINDOWS\system32\nmwcdcls.dll

2008-10-24 19:36:06 ----D---- C:\Arquivos de programas\Nokia

2008-10-24 19:35:23 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Installations

2008-10-24 19:04:59 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Adobe

2008-10-24 19:04:50 ----D---- C:\Arquivos de programas\Arquivos comuns\Adobe

2008-10-24 19:04:50 ----D---- C:\Arquivos de programas\Adobe

2008-10-24 18:59:04 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\NOS

2008-10-24 18:59:04 ----D---- C:\Arquivos de programas\NOS

2008-10-24 16:53:39 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$

2008-10-22 17:07:27 ----D---- C:\WINDOWS\system32\appmgmt

2008-10-22 17:04:41 ----D---- C:\WINDOWS\Sun

2008-10-22 17:04:15 ----A---- C:\WINDOWS\system32\javaws.exe

2008-10-22 17:04:15 ----A---- C:\WINDOWS\system32\javaw.exe

2008-10-22 17:04:15 ----A---- C:\WINDOWS\system32\java.exe

2008-10-22 17:04:15 ----A---- C:\WINDOWS\system32\deploytk.dll

2008-10-22 17:04:06 ----D---- C:\Arquivos de programas\Java

2008-10-22 02:01:15 ----A---- C:\WINDOWS\NeroDigital.ini

2008-10-22 02:00:56 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\WinRAR

2008-10-21 16:57:20 ----D---- C:\WINDOWS\ie7updates

2008-10-21 16:57:09 ----D---- C:\WINDOWS\WBEM

2008-10-21 16:56:53 ----HDC---- C:\WINDOWS\ie7

2008-10-21 16:56:44 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$

2008-10-21 16:56:29 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$

2008-10-21 16:53:00 ----A---- C:\WINDOWS\system32\MRT.exe

2008-10-20 15:22:06 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Real

2008-10-20 14:45:58 ----D---- C:\Arquivos de programas\MSXML 4.0

2008-10-20 12:57:22 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Mozilla

2008-10-20 03:02:12 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$

2008-10-20 03:02:08 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$

2008-10-20 03:02:04 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$

2008-10-20 03:02:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$

2008-10-20 03:01:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$

2008-10-20 03:01:52 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$

2008-10-20 03:01:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$

2008-10-20 03:01:42 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$

2008-10-20 03:01:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$

2008-10-20 03:01:33 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$

2008-10-20 03:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$

2008-10-20 03:01:24 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$

2008-10-20 03:01:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$

2008-10-20 03:01:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$

2008-10-20 03:01:02 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$

2008-10-20 03:00:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$

2008-10-20 03:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$

2008-10-20 03:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$

2008-10-20 03:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$

2008-10-20 03:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$

2008-10-19 15:39:48 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Google

2008-10-19 15:35:37 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Macromedia

2008-10-19 15:35:36 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Adobe

2008-10-19 15:35:33 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Google

2008-10-19 15:35:25 ----D---- C:\Arquivos de programas\Google

2008-10-19 15:23:31 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Identities

2008-10-19 15:23:27 ----ASH---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\desktop.ini

2008-10-19 15:23:26 ----SD---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Microsoft

2008-10-19 13:31:38 ----D---- C:\WINDOWS\system32\PreInstall

2008-10-19 13:31:37 ----N---- C:\WINDOWS\system32\spmsg.dll

2008-10-19 13:31:37 ----A---- C:\WINDOWS\system32\spupdsvc.exe

2008-10-19 13:31:36 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$

2008-10-19 13:31:36 ----HD---- C:\WINDOWS\$hf_mig$

2008-10-19 13:19:40 ----D---- C:\WINDOWS\system32\SoftwareDistribution

2008-10-19 12:05:31 ----A---- C:\WINDOWS\ODBC.INI

2008-10-19 12:05:03 ----D---- C:\Arquivos de programas\Arquivos comuns\Designer

2008-10-19 12:03:46 ----D---- C:\WINDOWS\ShellNew

2008-10-19 12:03:44 ----D---- C:\Arquivos de programas\Microsoft Office

2008-10-19 11:59:57 ----SHD---- C:\RECYCLER

2008-10-19 11:52:07 ----A---- C:\WINDOWS\system32\imon.dll

2008-10-19 11:51:58 ----D---- C:\Arquivos de programas\ESET

2008-10-19 11:48:01 ----D---- C:\Arquivos de programas\MSN Messenger

2008-10-19 11:47:31 ----D---- C:\Arquivos de programas\Mozilla Firefox

2008-10-19 11:47:09 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\QuickTime

2008-10-19 11:47:06 ----D---- C:\WINDOWS\system32\QuickTime

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\vp6vfw.dll

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\vp31vfw.dll

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\rmoc3260.dll

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\pndx5032.dll

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\pndx5016.dll

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\pncrt.dll

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\MACDec.dll

2008-10-19 11:47:03 ----A---- C:\WINDOWS\system32\OpenQuicktimeLib.dll

2008-10-19 11:47:03 ----A---- C:\WINDOWS\system32\mpg4c32.dll

2008-10-19 11:47:03 ----A---- C:\WINDOWS\system32\ir50_lcs.dll

2008-10-19 11:47:03 ----A---- C:\WINDOWS\system32\huffyuv.dll

2008-10-19 11:47:03 ----A---- C:\WINDOWS\system32\3ivxVfWCodec.dll

2008-10-19 11:47:03 ----A---- C:\WINDOWS\system32\3ivx.dll

2008-10-19 11:47:02 ----D---- C:\Arquivos de programas\K-Lite Codec Pack

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\xvidvfw.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\xvidcore.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\WMV9VCM.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\WMV8DMOD.DLL

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\unicows.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\msvcr71.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\msvcr70.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\divx.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\cpuinf32.dll

2008-10-19 11:46:49 ----D---- C:\Arquivos de programas\WinRAR

2008-10-19 11:38:10 ----D---- C:\Arquivos de programas\Nero

2008-10-19 11:37:52 ----D---- C:\WINDOWS\RegisteredPackages

2008-10-19 11:37:31 ----A---- C:\WINDOWS\system32\d3dx9_30.dll

2008-10-19 11:37:31 ----A---- C:\WINDOWS\system32\d3dx9_28.dll

2008-10-19 11:09:16 ----D---- C:\WINDOWS\nview

2008-10-19 11:09:16 ----A---- C:\WINDOWS\system32\nvudisp.exe

2008-10-19 11:04:27 ----R---- C:\WINDOWS\Alcmtr.exe

2008-10-19 11:02:31 ----D---- C:\WINDOWS\system32\Lang

2008-10-19 11:01:20 ----R---- C:\WINDOWS\system32\ChCfg.exe

2008-10-19 11:01:00 ----D---- C:\WINDOWS\system32\RTCOM

2008-10-19 11:00:59 ----A---- C:\WINDOWS\system32\ksuser.dll

2008-10-19 11:00:55 ----R---- C:\WINDOWS\SoundMan.exe

2008-10-19 11:00:55 ----R---- C:\WINDOWS\SkyTel.exe

2008-10-19 11:00:54 ----R---- C:\WINDOWS\RtlUpd.exe

2008-10-19 11:00:50 ----R---- C:\WINDOWS\RTLCPL.exe

2008-10-19 11:00:41 ----R---- C:\WINDOWS\RTHDCPL.exe

2008-10-19 11:00:40 ----R---- C:\WINDOWS\MicCal.exe

2008-10-19 11:00:37 ----R---- C:\WINDOWS\alcwzrd.exe

2008-10-19 11:00:37 ----D---- C:\Arquivos de programas\Realtek

2008-10-19 11:00:36 ----HD---- C:\Arquivos de programas\InstallShield Installation Information

2008-10-19 11:00:35 ----A---- C:\WINDOWS\HideWin.exe

2008-10-19 11:00:34 ----R---- C:\WINDOWS\RtlExUpd.dll

2008-10-19 11:00:31 ----D---- C:\Arquivos de programas\Arquivos comuns\InstallShield

2008-10-19 11:00:26 ----D---- C:\Arquivos de programas\DIFX

2008-10-19 11:00:24 ----DC---- C:\WINDOWS\system32\DRVSTORE

2008-10-19 10:58:42 ----N---- C:\WINDOWS\system32\nvuide.exe

2008-10-19 10:58:41 ----D---- C:\WINDOWS\system32\ReinstallBackups

2008-10-19 10:58:36 ----A---- C:\WINDOWS\system32\nvunrm.exe

2008-10-19 10:58:32 ----A---- C:\WINDOWS\system32\NVUNINST.EXE

2008-10-19 10:56:53 ----HD---- C:\Arquivos de programas\Uninstall Information

2008-10-19 10:56:15 ----D---- C:\WINDOWS\SoftwareDistribution

2008-10-19 10:56:14 ----SD---- C:\WINDOWS\system32\Microsoft

2008-10-19 10:56:14 ----D---- C:\WINDOWS\Prefetch

2008-10-19 10:56:14 ----A---- C:\WINDOWS\SchedLgU.Txt

2008-10-19 10:51:47 ----D---- C:\WINDOWS\system32\xircom

2008-10-19 10:51:47 ----D---- C:\Arquivos de programas\xerox

2008-10-19 10:51:47 ----D---- C:\Arquivos de programas\microsoft frontpage

2008-10-19 10:51:34 ----A---- C:\WINDOWS\control.ini

2008-10-19 10:51:34 ----A---- C:\AUTOEXEC.BAT

2008-10-19 10:51:26 ----A---- C:\WINDOWS\OEWABLog.txt

2008-10-19 10:51:23 ----A---- C:\WINDOWS\system32\mapi32.dll

2008-10-19 10:50:45 ----SD---- C:\WINDOWS\Downloaded Program Files

2008-10-19 10:50:45 ----RD---- C:\WINDOWS\Offline Web Pages

2008-10-19 10:50:45 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest

2008-10-19 10:50:40 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest

2008-10-19 10:50:37 ----HD---- C:\Arquivos de programas\WindowsUpdate

2008-10-19 10:50:35 ----D---- C:\Arquivos de programas\Serviços on-line

2008-10-19 10:50:24 ----D---- C:\WINDOWS\system32\DirectX

2008-10-19 10:50:20 ----A---- C:\WINDOWS\system32\atrace.dll

2008-10-19 10:50:18 ----A---- C:\WINDOWS\system32\desktop.ini

2008-10-19 10:50:18 ----A---- C:\WINDOWS\desktop.ini

2008-10-19 10:50:13 ----A---- C:\WINDOWS\system32\nmevtmsg.dll

2008-10-19 10:50:12 ----A---- C:\WINDOWS\system32\acctres.dll

2008-10-19 10:50:11 ----D---- C:\Arquivos de programas\Arquivos comuns\Serviços

2008-10-19 10:50:10 ----SD---- C:\WINDOWS\Tasks

2008-10-19 10:50:10 ----A---- C:\WINDOWS\system32\icfgnt5.dll

2008-10-19 10:50:09 ----D---- C:\Arquivos de programas\Arquivos comuns\MSSoap

2008-10-19 10:50:06 ----D---- C:\WINDOWS\system32\Macromed

2008-10-19 10:50:06 ----D---- C:\WINDOWS\srchasst

2008-10-19 10:50:04 ----A---- C:\WINDOWS\system32\wuweb.dll

2008-10-19 10:50:04 ----A---- C:\WINDOWS\system32\wucltui.dll

2008-10-19 10:50:04 ----A---- C:\WINDOWS\system32\wuauserv.dll

2008-10-19 10:50:04 ----A---- C:\WINDOWS\system32\wuaueng1.dll

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\wups.dll

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\wuaueng.dll

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\wuauclt1.exe

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\wuauclt.exe

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\wuapi.dll

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\qmgrprxy.dll

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\qmgr.dll

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\bitsprx4.dll

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\bitsprx3.dll

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\bitsprx2.dll

2008-10-19 10:50:00 ----D---- C:\Arquivos de programas\Movie Maker

2008-10-19 10:49:48 ----A---- C:\WINDOWS\system32\safrslv.dll

2008-10-19 10:49:48 ----A---- C:\WINDOWS\system32\safrdm.dll

2008-10-19 10:49:48 ----A---- C:\WINDOWS\system32\safrcdlg.dll

2008-10-19 10:49:48 ----A---- C:\WINDOWS\system32\racpldlg.dll

2008-10-19 10:49:46 ----A---- C:\WINDOWS\system32\fltMc.exe

2008-10-19 10:49:46 ----A---- C:\WINDOWS\system32\fltlib.dll

2008-10-19 10:49:45 ----D---- C:\WINDOWS\system32\Restore

2008-10-19 10:49:45 ----A---- C:\WINDOWS\system32\srsvc.dll

2008-10-19 10:49:45 ----A---- C:\WINDOWS\system32\srrstr.dll

2008-10-19 10:49:45 ----A---- C:\WINDOWS\system32\srclient.dll

2008-10-19 10:49:45 ----A---- C:\WINDOWS\system32\mnmdd.dll

2008-10-19 10:49:45 ----A---- C:\WINDOWS\system32\isrdbg32.dll

2008-10-19 10:49:45 ----A---- C:\WINDOWS\system32\ils.dll

2008-10-19 10:49:44 ----A---- C:\WINDOWS\system32\nmmkcert.dll

2008-10-19 10:49:44 ----A---- C:\WINDOWS\system32\msconf.dll

2008-10-19 10:49:44 ----A---- C:\WINDOWS\system32\mnmsrvc.exe

2008-10-19 10:49:42 ----D---- C:\Arquivos de programas\NetMeeting

2008-10-19 10:49:42 ----A---- C:\WINDOWS\system32\msoert2.dll

2008-10-19 10:49:42 ----A---- C:\WINDOWS\system32\msoeacct.dll

2008-10-19 10:49:42 ----A---- C:\WINDOWS\system32\inetres.dll

2008-10-19 10:49:41 ----A---- C:\WINDOWS\system32\inetcomm.dll

2008-10-19 10:49:41 ----A---- C:\WINDOWS\system32\inetcomm(2).dll

2008-10-19 10:49:40 ----D---- C:\Arquivos de programas\Outlook Express

2008-10-19 10:49:40 ----A---- C:\WINDOWS\system32\schedsvc.dll

2008-10-19 10:49:40 ----A---- C:\WINDOWS\system32\mstinit.exe

2008-10-19 10:49:40 ----A---- C:\WINDOWS\system32\mstask.dll

2008-10-19 10:49:40 ----A---- C:\WINDOWS\system32\isign32.dll

2008-10-19 10:49:40 ----A---- C:\WINDOWS\system32\inetcfg.dll

2008-10-19 10:49:40 ----A---- C:\WINDOWS\system32\icwphbk.dll

2008-10-19 10:49:40 ----A---- C:\WINDOWS\system32\icwdial.dll

2008-10-19 10:49:36 ----D---- C:\Arquivos de programas\Arquivos comuns\System

2008-10-19 10:49:35 ----D---- C:\Arquivos de programas\Internet Explorer

2008-10-19 10:49:08 ----D---- C:\Arquivos de programas\ComPlus Applications

2008-10-19 10:49:07 ----A---- C:\WINDOWS\vbaddin.ini

2008-10-19 10:49:07 ----A---- C:\WINDOWS\vb.ini

2008-10-19 10:49:03 ----D---- C:\WINDOWS\Registration

2008-10-19 10:48:58 ----D---- C:\Arquivos de programas\Windows Media Player

2008-10-19 10:48:53 ----D---- C:\Arquivos de programas\Messenger

2008-10-19 10:48:51 ----D---- C:\Arquivos de programas\MSN Gaming Zone

2008-10-19 10:48:51 ----A---- C:\WINDOWS\system32\write.exe

2008-10-19 10:48:45 ----A---- C:\WINDOWS\system32\sndvol32.exe

2008-10-19 10:48:45 ----A---- C:\WINDOWS\system32\hticons.dll

2008-10-19 10:48:44 ----A---- C:\WINDOWS\system32\winchat.exe

2008-10-19 10:48:44 ----A---- C:\WINDOWS\system32\avwav.dll

2008-10-19 10:48:44 ----A---- C:\WINDOWS\system32\avtapi.dll

2008-10-19 10:48:44 ----A---- C:\WINDOWS\system32\avmeter.dll

2008-10-19 10:48:40 ----A---- C:\WINDOWS\system32\getuname.dll

2008-10-19 10:48:40 ----A---- C:\WINDOWS\system32\charmap.exe

2008-10-19 10:48:39 ----A---- C:\WINDOWS\system32\winmine.exe

2008-10-19 10:48:39 ----A---- C:\WINDOWS\system32\sol.exe

2008-10-19 10:48:39 ----A---- C:\WINDOWS\system32\reset.exe

2008-10-19 10:48:39 ----A---- C:\WINDOWS\system32\mshearts.exe

2008-10-19 10:48:39 ----A---- C:\WINDOWS\system32\freecell.exe

2008-10-19 10:48:39 ----A---- C:\WINDOWS\system32\calc.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\usrlogon.cmd

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\tsshutdn.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\tslabels.ini

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\tskill.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\tsdiscon.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\tscon.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\shadow.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\rwinsta.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\regini.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\rdpcfgex.dll

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\qwinsta.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\qappsrv.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\msg.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\msdtcprf.ini

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\logoff.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\cdmodem.dll

2008-10-19 10:48:34 ----A---- C:\WINDOWS\system32\wmimgmt.msc

2008-10-19 10:48:33 ----A---- C:\WINDOWS\system32\sndrec32.exe

2008-10-19 10:48:33 ----A---- C:\WINDOWS\system32\mplay32.exe

2008-10-19 10:48:33 ----A---- C:\WINDOWS\system32\hypertrm.dll

2008-10-19 10:48:33 ----A---- C:\WINDOWS\system32\accwiz.exe

2008-10-19 10:48:32 ----D---- C:\Arquivos de programas\Windows NT

2008-10-19 10:48:32 ----A---- C:\WINDOWS\system32\spider.exe

2008-10-19 10:48:32 ----A---- C:\WINDOWS\system32\mspaint.exe

2008-10-19 10:48:32 ----A---- C:\WINDOWS\system32\clipbrd.exe

2008-10-19 10:48:31 ----A---- C:\WINDOWS\system32\tsgqec.dll

2008-10-19 10:48:31 ----A---- C:\WINDOWS\system32\tscfgwmi.dll

2008-10-19 10:48:31 ----A---- C:\WINDOWS\system32\rhttpaa.dll

2008-10-19 10:48:31 ----A---- C:\WINDOWS\system32\aaclient.dll

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\termsrv.dll

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\sessmgr.exe

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\remotepg.dll

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\rdshost.exe

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\rdsaddin.exe

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\rdpwsx.dll

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\rdpsnd.dll

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\rdchost.dll

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\mstscax.dll

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\mstsc.exe

2008-10-19 10:48:29 ----D---- C:\WINDOWS\system32\MsDtc

2008-10-19 10:48:29 ----A---- C:\WINDOWS\system32\xolehlp.dll

2008-10-19 10:48:29 ----A---- C:\WINDOWS\system32\rdpclip.exe

2008-10-19 10:48:29 ----A---- C:\WINDOWS\system32\qprocess.exe

2008-10-19 10:48:29 ----A---- C:\WINDOWS\system32\mtxoci.dll

2008-10-19 10:48:29 ----A---- C:\WINDOWS\system32\msdtcuiu.dll

2008-10-19 10:48:29 ----A---- C:\WINDOWS\system32\msdtctm.dll

2008-10-19 10:48:29 ----A---- C:\WINDOWS\system32\msdtcprx.dll

2008-10-19 10:48:29 ----A---- C:\WINDOWS\system32\icaapi.dll

2008-10-19 10:48:29 ----A---- C:\WINDOWS\system32\cfgbkend.dll

2008-10-19 10:48:28 ----D---- C:\WINDOWS\system32\Com

2008-10-19 10:48:28 ----A---- C:\WINDOWS\system32\mtxlegih.dll

2008-10-19 10:48:28 ----A---- C:\WINDOWS\system32\mtxex.dll

2008-10-19 10:48:28 ----A---- C:\WINDOWS\system32\mtxdm.dll

2008-10-19 10:48:28 ----A---- C:\WINDOWS\system32\msdtclog.dll

2008-10-19 10:48:28 ----A---- C:\WINDOWS\system32\msdtc.exe

2008-10-19 10:48:28 ----A---- C:\WINDOWS\system32\dcomcnfg.exe

2008-10-19 10:48:27 ----A---- C:\WINDOWS\system32\stclient.dll

2008-10-19 10:48:27 ----A---- C:\WINDOWS\system32\comrepl.dll

2008-10-19 10:48:27 ----A---- C:\WINDOWS\system32\comaddin.dll

2008-10-19 10:48:27 ----A---- C:\WINDOWS\system32\colbact.dll

2008-10-19 10:48:27 ----A---- C:\WINDOWS\system32\clbcatex.dll

2008-10-19 10:48:27 ----A---- C:\WINDOWS\system32\catsrvut.dll

2008-10-19 10:48:27 ----A---- C:\WINDOWS\system32\catsrvps.dll

2008-10-19 10:48:27 ----A---- C:\WINDOWS\system32\catsrv.dll

2008-10-19 10:48:26 ----A---- C:\WINDOWS\system32\comuid.dll

2008-10-19 10:48:26 ----A---- C:\WINDOWS\system32\comsvcs.dll

2008-10-19 10:48:26 ----A---- C:\WINDOWS\system32\comsnap.dll

2008-10-19 10:48:26 ----A---- C:\WINDOWS\system32\clbcatq.dll

2008-10-19 10:48:22 ----A---- C:\WINDOWS\system32\servdeps.dll

2008-10-19 10:48:22 ----A---- C:\WINDOWS\system32\mmfutil.dll

2008-10-19 10:48:22 ----A---- C:\WINDOWS\system32\licwmi.dll

2008-10-19 10:48:22 ----A---- C:\WINDOWS\system32\cmprops.dll

2008-10-19 08:47:46 ----A---- C:\WINDOWS\system32\h323log.txt

2008-10-19 08:46:00 ----A---- C:\WINDOWS\system32\usbui.dll

2008-10-19 08:45:15 ----A---- C:\WINDOWS\imsins.BAK

2008-10-19 08:45:13 ----SHD---- C:\WINDOWS\Installer

2008-10-19 08:45:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2008-10-19 08:45:12 ----D---- C:\Arquivos de programas\Arquivos comuns\ODBC

2008-10-19 08:45:12 ----A---- C:\WINDOWS\ODBCINST.INI

2008-10-19 08:45:10 ----D---- C:\Arquivos de programas\Arquivos comuns\SpeechEngines

2008-10-19 08:45:09 ----RD---- C:\Arquivos de programas

2008-10-19 08:45:09 ----D---- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared

2008-10-19 08:45:09 ----D---- C:\Arquivos de programas\Arquivos comuns

2008-10-19 08:45:07 ----RA---- C:\WINDOWS\system32\kbdtuq.dll

2008-10-19 08:45:07 ----RA---- C:\WINDOWS\system32\kbdtuf.dll

2008-10-19 08:45:07 ----RA---- C:\WINDOWS\system32\kbdazel.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdycc.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbduzb.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdur.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdtat.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdru1.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdru.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdmon.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdkyr.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdkaz.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdbu.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdblr.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdaze.dll

2008-10-19 08:45:04 ----RA---- C:\WINDOWS\system32\kbdhept.dll

2008-10-19 08:45:04 ----RA---- C:\WINDOWS\system32\kbdhela3.dll

2008-10-19 08:45:04 ----RA---- C:\WINDOWS\system32\kbdhela2.dll

2008-10-19 08:45:04 ----RA---- C:\WINDOWS\system32\kbdhe319.dll

2008-10-19 08:45:04 ----RA---- C:\WINDOWS\system32\kbdhe220.dll

2008-10-19 08:45:04 ----RA---- C:\WINDOWS\system32\kbdhe.dll

2008-10-19 08:45:04 ----RA---- C:\WINDOWS\system32\kbdgkl.dll

2008-10-19 08:45:03 ----RA---- C:\WINDOWS\system32\kbdlv1.dll

2008-10-19 08:45:03 ----RA---- C:\WINDOWS\system32\kbdlv.dll

2008-10-19 08:45:03 ----RA---- C:\WINDOWS\system32\kbdlt1.dll

2008-10-19 08:45:03 ----RA---- C:\WINDOWS\system32\kbdlt.dll

2008-10-19 08:45:03 ----RA---- C:\WINDOWS\system32\kbdest.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdycl.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdsl1.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdsl.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdro.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdpl1.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdpl.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdhu1.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdhu.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdcz2.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdcz1.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdcz.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdcr.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\KBDAL.DLL

2008-10-19 08:44:58 ----A---- C:\WINDOWS\system32\spxcoins.dll

2008-10-19 08:44:58 ----A---- C:\WINDOWS\system32\irclass.dll

2008-10-19 08:44:58 ----A---- C:\WINDOWS\system32\EqnClass.Dll

2008-10-19 08:44:58 ----A---- C:\WINDOWS\system32\dgsetup.dll

2008-10-19 08:44:58 ----A---- C:\WINDOWS\system32\dgrpsetu.dll

2008-10-19 08:44:56 ----N---- C:\WINDOWS\system32\CONFIG.TMP

2008-10-19 08:44:56 ----A---- C:\WINDOWS\TASKMAN.EXE

2008-10-19 08:44:56 ----A---- C:\WINDOWS\system32\batt.dll

2008-10-19 08:44:55 ----A---- C:\WINDOWS\system32\storprop.dll

2008-10-19 08:44:55 ----A---- C:\WINDOWS\NOTEPAD.EXE

2008-10-19 08:44:49 ----ASH---- C:\Documents and Settings\All Users\Dados de aplicativos\desktop.ini

2008-10-19 08:44:47 ----RA---- C:\WINDOWS\SET8.tmp

2008-10-19 08:44:45 ----RA---- C:\WINDOWS\SET4.tmp

2008-10-19 08:44:44 ----RA---- C:\WINDOWS\SET3.tmp

2008-10-19 08:44:40 ----D---- C:\WINDOWS\system32\CatRoot2

2008-10-19 08:44:40 ----D---- C:\WINDOWS\system32\CatRoot

2008-10-19 08:44:35 ----SD---- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft

2008-10-19 08:44:20 ----A---- C:\WINDOWS\setuplog.txt

2008-10-19 08:44:17 ----D---- C:\Documents and Settings

2008-10-19 08:44:16 ----SHD---- C:\System Volume Information

2008-10-19 08:43:27 ----RASH---- C:\boot.ini

2008-10-19 08:40:44 ----RSHDC---- C:\WINDOWS\system32\dllcache

2008-10-19 08:40:44 ----RSD---- C:\WINDOWS\Fonts

2008-10-19 08:40:44 ----RD---- C:\WINDOWS\Web

2008-10-19 08:40:44 ----HD---- C:\WINDOWS\inf

2008-10-19 08:40:44 ----D---- C:\WINDOWS\WinSxS

2008-10-19 08:40:44 ----D---- C:\WINDOWS\twain_32

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Temp

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\wins

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\wbem

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\usmt

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\spool

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\ShellExt

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\Setup

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\ras

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\pt-BR

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\oobe

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\npp

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\mui

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\inetsrv

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\IME

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\icsxml

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\ias

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\export

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\drivers

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\dhcp

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\config

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\3com_dmi

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\3076

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\2052

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\1054

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\1046

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\1042

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\1041

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\1037

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\1033

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\1031

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\1028

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\1025

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system

2008-10-19 08:40:44 ----D---- C:\WINDOWS\security

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Resources

2008-10-19 08:40:44 ----D---- C:\WINDOWS\repair

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Provisioning

2008-10-19 08:40:44 ----D---- C:\WINDOWS\PeerNet

2008-10-19 08:40:44 ----D---- C:\WINDOWS\pchealth

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Network Diagnostic

2008-10-19 08:40:44 ----D---- C:\WINDOWS\mui

2008-10-19 08:40:44 ----D---- C:\WINDOWS\msapps

2008-10-19 08:40:44 ----D---- C:\WINDOWS\msagent

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Media

2008-10-19 08:40:44 ----D---- C:\WINDOWS\L2Schemas

2008-10-19 08:40:44 ----D---- C:\WINDOWS\java

2008-10-19 08:40:44 ----D---- C:\WINDOWS\ime

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Help

2008-10-19 08:40:44 ----D---- C:\WINDOWS\ehome

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Driver Cache

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Debug

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Cursors

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Connection Wizard

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Config

2008-10-19 08:40:44 ----D---- C:\WINDOWS\AppPatch

2008-10-19 08:40:44 ----D---- C:\WINDOWS\addins

2008-10-19 08:40:44 ----D---- C:\WINDOWS

======List of files/folders modified in the last 1 months======

2008-10-19 12:05:24 ----A---- C:\WINDOWS\win.ini

2008-10-19 08:45:08 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]

R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2008-10-19 15424]

R1 WS2IFSL;Ambiente de suporte a provedores de serviços não-IFS do Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-28 12032]

R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2008-10-19 512096]

R3 HDAudBus;Driver de Barramento Microsoft UAA para High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-18 4547584]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-09-16 6853088]

R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368]

R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]

R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]

S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []

S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []

S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-11-05 85969]

S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]

S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-07 20864]

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]

S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064]

S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]

S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-07 8064]

S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; C:\Arquivos de programas\Java\jre6\bin\jqs.exe [2008-10-22 152984]

R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]

R2 NOD32krn;NOD32 Kernel Service; C:\Arquivos de programas\Eset\nod32krn.exe [2008-10-19 552064]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-09-16 155716]

R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]

R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]

S3 getPlus® Helper;getPlus® Helper; C:\Arquivos de programas\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]

S3 gusvc;Google Updater Service; C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-19 138168]

S3 NBService;NBService; C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe []

S3 NMIndexingService;NMIndexingService; C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]

S3 ServiceLayer;ServiceLayer; C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]

S3 usnjsvc;Serviço de Compartilhamento de Pastas Messenger do USN Journal Reader; C:\Arquivos de programas\MSN Messenger\usnsvc.exe [2007-01-19 97136]

-----------------EOF-----------------

2nd log, as instructed

info.txt logfile of random's system information tool 1.04 2008-11-05 13:45:29

======Uninstall list======

-->C:\Arquivos de programas\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL

-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL

-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL

-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL

-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL

-->C:\WINDOWS\UNRecode.exe /UNINSTALL

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Reader 9 - Português-->MsiExec.exe /I{AC76BA86-7AD7-1046-7B44-A90000000001}

Arquivo do WinRAR-->C:\Arquivos de programas\WinRAR\uninstall.exe

Atualização de Segurança para Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"

Atualização de Segurança para Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

Atualização de Segurança para Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Atualização para Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"

Atualização para Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

Atualização para Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

CCE SP Trial Version-->C:\ARQUIV~1\CUSTOM~1\CCESPT~1\uinst.exe

DIKO 2.32-->"C:\Arquivos de programas\DIKO\unins000.exe"

eMule-->"C:\Arquivos de programas\eMule\Uninstall.exe"

ESET Online Scanner-->C:\WINDOWS\system32\OnlineScannerUninstaller.exe

getPlus® for Adobe-->"C:\Arquivos de programas\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1

Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}

Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\arquivos de programas\google\googletoolbar1.dll"

HijackThis 1.99.1-->C:\DOCUME~1\IVONED~1\CONFIG~1\Temp\Rar$EX00.985\HijackThis.exe /uninstall

Hotfix para Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Java 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}

K-Lite Mega Codec Pack 1.12-->"C:\Arquivos de programas\K-Lite Codec Pack\unins000.exe"

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Office XP Professional com FrontPage-->MsiExec.exe /I{90280416-6000-11D3-8CFE-0050048383C9}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Mozilla Firefox (2.0.0.3)-->C:\Arquivos de programas\Mozilla Firefox\uninstall\helper.exe

MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 6.0 Parser-->MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}

MyFantasyMaker-->MsiExec.exe /I{88221A5B-269D-487E-914E-E9F819FDBA3F}

Nero 7 Essentials-->MsiExec.exe /X{98EFD8F0-08DE-48DB-B922-A2EBAB711046}

neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}

NOD32 FiX-->"C:\Arquivos de programas\Eset\unins000.exe"

NOD32 sistema antivírus-->C:\Arquivos de programas\Eset\Setup\setup.exe /UNINSTALL

Nokia Connectivity Cable Driver-->MsiExec.exe /X{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}

Nokia Flashing Cable Driver-->MsiExec.exe /X{2A0A6470-FD0F-4F45-9B11-85F3167DB943}

Nokia PC Suite-->C:\Documents and Settings\All Users\Dados de aplicativos\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Nokia_PC_Suite_rel_7_0_8_2_por_br_web.exe

Nokia PC Suite-->MsiExec.exe /I{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}

Nokia Software Updater-->MsiExec.exe /X{17BD85F9-3B88-4C85-BB47-4AB8DD68F8BB}

NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI

Pacote de Driver do Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\ARQUIV~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_F1E558BDBA0F420D16F87096BD8ABA4E1CB31E56\amdk8.inf

Pacote de Driver do Windows - Nokia Modem (05/22/2008 3.8)-->C:\ARQUIV~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_6F90B0F4A73A2F780A1010B5D6CB5DDFB098181E\nokia_bluetooth.inf

Pacote de Driver do Windows - Nokia Modem (05/22/2008 7.00.0.1)-->C:\ARQUIV~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_E68D50F7E25BFE399D47C864C3B52557346242A9\nokbtmdm.inf

Pacote de Driver do Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->C:\ARQUIV~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf

PC Connectivity Solution-->MsiExec.exe /I{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}

Realtek High Definition Audio Driver-->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x416 -removeonly

Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"

Windows Live Messenger-->MsiExec.exe /I{37FD253D-5064-4034-8CEC-CC3995F823A4}

Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}

Windows Media Format Runtime-->"C:\Arquivos de programas\Windows Media Player\wmsetsdk.exe" /UninstallAll

ZC DVD Creator Platinum 6.2.5-->"C:\Arquivos de programas\ZC DVD Creator Platinum\unins000.exe"

======Security center information======

AV: ESET NOD32 sistema antivírus 2.70

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=C:\Arquivos de programas\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 1, AuthenticAMD

"PROCESSOR_REVISION"=6b01

"NUMBER_OF_PROCESSORS"=2

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

praying that there is still a solution


rsit

Logfile of random's system information tool 1.04 (written by random/random)

Run by Ivone de Carlo at 2008-11-16 03:44:32

Microsoft Windows XP Professional Service Pack 3

System drive C: has 49 GB (32%) free of 153 GB

Total RAM: 1023 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 03:44, on 2008-11-16

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

C:\Arquivos de programas\Eset\nod32krn.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\IoctlSvc.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\Eset\nod32kui.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\rundll32.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Arquivos de programas\MSN Messenger\msnmsgr.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Documents and Settings\Ivone de Carlo\Desktop\RSIT.exe

C:\Arquivos de programas\trend micro\Ivone de Carlo.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: {dd58ad6b-4b71-e6eb-a0c4-99e04f00df11} - {11fd00f4-0e99-4c0a-be6e-17b4b6da85dd} - C:\WINDOWS\system32\mipjpm.dll

O2 - BHO: (no name) - {75ABCF92-9764-4DFA-A83F-5142C3905052} - C:\WINDOWS\system32\tuvUOEVM.dll (file missing)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {8AB3F858-25FB-4D26-910C-0D520AEDB2A3} - C:\WINDOWS\system32\wvUmnNdA.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll

O2 - BHO: G-Buster Browser Defense Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\WINDOWS\Downloaded Program Files\gbiehuni.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [nod32kui] "C:\Arquivos de programas\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [NBKeyScan] "C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [b81ffedb] rundll32.exe "C:\WINDOWS\system32\gkolklot.dll",b

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD5/JSCDL/jdk/6u10/jinstall-6u10-windows-i586-jc.cab?AuthParam=1224702273_e00908eb96fa57d42e938ba6539fb026&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD5/JSCDL/jdk/6u10/jinstall-6u10-windows-i586-jc.cab&File=jinstall-6u10-windows-i586-jc.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - https://clickbanking.unibanco.com.br/GbPlugin/cab/GbPluginUni.cab

O20 - Winlogon Notify: GbPluginUni - C:\WINDOWS\Downloaded Program Files\gbiehuni.dll

O20 - Winlogon Notify: tuvUOEVM - tuvUOEVM.dll (file missing)

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Arquivos de programas\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: NBService - Unknown owner - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Arquivos de programas\Eset\nod32krn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe

O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

--

End of file - 8066 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11fd00f4-0e99-4c0a-be6e-17b4b6da85dd}]

C:\WINDOWS\system32\mipjpm.dll [2008-11-15 114688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75ABCF92-9764-4DFA-A83F-5142C3905052}]

C:\WINDOWS\system32\tuvUOEVM.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Arquivos de programas\Java\jre6\bin\ssv.dll [2008-10-22 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8AB3F858-25FB-4D26-910C-0D520AEDB2A3}]

C:\WINDOWS\system32\wvUmnNdA.dll [2008-11-01 273408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Sign-in Helper - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - c:\arquivos de programas\google\googletoolbar1.dll [2008-10-19 2423872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Arquivos de programas\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-20 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C41A1C0E-EA6C-11D4-B1B8-444553540008}]

GbIehObj Class - C:\WINDOWS\Downloaded Program Files\gbiehuni.dll [2008-08-29 378784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll [2008-10-22 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\arquivos de programas\google\googletoolbar1.dll [2008-10-19 2423872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-06-15 1826816]

"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]

"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-09-16 8491008]

"nwiz"=nwiz.exe /install []

"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-09-16 81920]

"nod32kui"=C:\Arquivos de programas\Eset\nod32kui.exe [2008-10-19 949376]

"SunJavaUpdateSched"=C:\Arquivos de programas\Java\jre6\bin\jusched.exe [2008-10-22 136600]

"Adobe Reader Speed Launcher"=C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

"NeroFilterCheck"=C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe [2008-06-19 570664]

"NBKeyScan"=C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]

"b81ffedb"=C:\WINDOWS\system32\gkolklot.dll [2008-11-15 76800]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]

"swg"=C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-20 68856]

"msnmsgr"=C:\Arquivos de programas\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]

C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar

Microsoft Office.lnk - C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ GbPluginUni]

C:\WINDOWS\Downloaded Program Files\gbiehuni.dll [2008-08-29 378784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tuvUOEVM]

tuvUOEVM.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{E37CB5F0-51F5-4395-A808-5FA49E399008}"=C:\WINDOWS\Downloaded Program Files\gbiehuni.dll [2008-08-29 378784]

"{75ABCF92-9764-4DFA-A83F-5142C3905052}"=C:\WINDOWS\system32\tuvUOEVM.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"authentication packages"=msv1_0

C:\WINDOWS\system32\wvUmnNdA

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Arquivos de programas\MSN Messenger\msnmsgr.exe"="C:\Arquivos de programas\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Arquivos de programas\MSN Messenger\livecall.exe"="C:\Arquivos de programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\Arquivos de programas\LimeWire\LimeWire.exe"="C:\Arquivos de programas\LimeWire\LimeWire.exe:*:Enabled:LimeWire"

"C:\Arquivos de programas\eMule\emule.exe"="C:\Arquivos de programas\eMule\emule.exe:*:Enabled:eMule"

"C:\Arquivos de programas\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Arquivos de programas\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"

"C:\Arquivos de programas\Arquivos comuns\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Arquivos de programas\Arquivos comuns\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "

"C:\Arquivos de programas\Arquivos comuns\Nero\Nero Web\SetupX.exe"="C:\Arquivos de programas\Arquivos comuns\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter"

"C:\Arquivos de programas\Eurekr.com\1-Click YouTubeAssistant\bin\utdman.exe"="C:\Arquivos de programas\Eurekr.com\1-Click YouTubeAssistant\bin\utdman.exe:*:Enabled:utdman"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Arquivos de programas\MSN Messenger\msnmsgr.exe"="C:\Arquivos de programas\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Arquivos de programas\MSN Messenger\livecall.exe"="C:\Arquivos de programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

======List of files/folders created in the last 1 months======

2009-11-07 15:03:03 ----A---- C:\WINDOWS\system32\kinzpr.dll

2009-11-07 15:03:02 ----A---- C:\WINDOWS\system32\ehnxqfcn.dll

2008-11-16 03:36:17 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\NeroDigital™

2008-11-16 03:35:14 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus!

2008-11-16 03:35:11 ----D---- C:\Arquivos de programas\Windows Live

2008-11-16 03:35:07 ----D---- C:\Arquivos de programas\Arquivos comuns\Ahead

2008-11-16 03:32:57 ----D---- C:\Arquivos de programas\Windows Sidebar

2008-11-15 22:46:18 ----SH---- C:\WINDOWS\system32\tolklokg.ini

2008-11-15 22:46:10 ----A---- C:\WINDOWS\system32\gkolklot.dll

2008-11-15 22:43:52 ----A---- C:\WINDOWS\system32\mipjpm.dll

2008-11-15 22:43:50 ----A---- C:\WINDOWS\system32\yedymmnd.dll

2008-11-15 15:06:36 ----A---- C:\WINDOWS\system32\wmpns.dll

2008-11-14 14:13:59 ----A---- C:\WINDOWS\system32\kcddkl.dll

2008-11-14 14:13:58 ----A---- C:\WINDOWS\system32\lhuuwatv.dll

2008-11-14 14:11:50 ----SH---- C:\WINDOWS\system32\mqwtrhvs.ini

2008-11-13 23:53:28 ----A---- C:\WINDOWS\system32\xwbqgt.dll

2008-11-13 23:53:26 ----A---- C:\WINDOWS\system32\pykkxmbo.dll

2008-11-13 23:47:42 ----SH---- C:\WINDOWS\system32\ajcwfmbn.ini

2008-11-12 17:43:52 ----A---- C:\WINDOWS\system32\uapvhh.dll

2008-11-12 17:43:50 ----A---- C:\WINDOWS\system32\sviptlpd.dll

2008-11-12 17:41:00 ----SH---- C:\WINDOWS\system32\skqxbiur.ini

2008-11-12 12:26:52 ----A---- C:\WINDOWS\system32\MsiExec.exe.log

2008-11-12 11:23:16 ----D---- C:\ComboFix

2008-11-12 11:23:16 ----A---- C:\WINDOWS\system32\CF20655.exe

2008-11-12 02:34:18 ----A---- C:\WINDOWS\system32\CF15316.exe

2008-11-12 02:15:13 ----A---- C:\WINDOWS\system32\CF11580.exe

2008-11-12 01:39:50 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Nero

2008-11-12 01:38:42 ----D---- C:\Arquivos de programas\Arquivos comuns\Nero

2008-11-12 01:11:58 ----A---- C:\WINDOWS\Irremote.ini

2008-11-11 17:07:59 ----SH---- C:\WINDOWS\system32\kxfdxvpe.ini

2008-11-11 17:07:57 ----A---- C:\WINDOWS\system32\epvxdfxk.dll

2008-11-11 17:05:41 ----A---- C:\WINDOWS\system32\uhpnjc.dll

2008-11-11 17:05:41 ----A---- C:\WINDOWS\system32\iwyflhjd.dll

2008-11-11 03:29:37 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Office Genuine Advantage

2008-11-10 11:17:05 ----D---- C:\Arquivos de programas\Messenger Plus! Live

2008-11-10 10:03:54 ----SH---- C:\WINDOWS\system32\tkdkkmeq.ini

2008-11-10 09:58:33 ----A---- C:\WINDOWS\system32\npejgbbx.dll

2008-11-10 09:58:33 ----A---- C:\WINDOWS\system32\lubzlz.dll

2008-11-09 20:24:38 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\ImgBurn

2008-11-09 19:20:26 ----A---- C:\WINDOWS\system32\sggpxy.dll

2008-11-09 19:20:24 ----A---- C:\WINDOWS\system32\muxwwxcf.dll

2008-11-09 19:20:23 ----SH---- C:\WINDOWS\system32\npdoufph.ini

2008-11-09 19:17:55 ----A---- C:\WINDOWS\system32\twsdmvou.dll

2008-11-09 17:58:03 ----SHD---- C:\Config.Msi

2008-11-09 00:01:42 ----D---- C:\WINDOWS\Minidump

2008-11-08 23:59:58 ----A---- C:\Boot.bak

2008-11-08 23:59:55 ----RASHD---- C:\cmdcons

2008-11-08 23:50:02 ----A---- C:\WINDOWS\zip.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\VFIND.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\SWXCACLS.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\SWSC.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\SWREG.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\sed.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\NIRCMD.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\grep.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\fdsv.exe

2008-11-08 23:49:58 ----D---- C:\WINDOWS\ERDNT

2008-11-08 23:49:58 ----D---- C:\Qoobox

2008-11-08 23:49:58 ----A---- C:\WINDOWS\system32\CF21419.exe

2008-11-08 23:22:21 ----SH---- C:\WINDOWS\system32\ijlmmlkb.ini

2008-11-08 16:52:19 ----SH---- C:\WINDOWS\system32\arhnfibp.ini

2008-11-08 01:34:57 ----A---- C:\WINDOWS\system32\mcrh.tmp

2008-11-07 15:08:27 ----SH---- C:\WINDOWS\system32\buupxswl.ini

2008-11-07 15:08:19 ----A---- C:\WINDOWS\system32\lwsxpuub.dll

2008-11-07 12:20:54 ----A---- C:\WINDOWS\system32\iwbiej.dll

2008-11-07 12:20:52 ----A---- C:\WINDOWS\system32\etswmnbf.dll

2008-11-07 12:18:44 ----SH---- C:\WINDOWS\system32\fmsdxptv.ini

2008-11-07 08:16:04 ----SH---- C:\WINDOWS\system32\ayystelu.ini

2008-11-07 08:13:08 ----A---- C:\WINDOWS\system32\oyeirckx.dll

2008-11-07 08:13:08 ----A---- C:\WINDOWS\system32\npspfv.dll

2008-11-07 03:39:45 ----A---- C:\WINDOWS\system32\tkspmd.dll

2008-11-07 03:39:43 ----A---- C:\WINDOWS\system32\bepqishg.dll

2008-11-07 03:37:39 ----SH---- C:\WINDOWS\system32\fpiueiql.ini

2008-11-07 01:00:14 ----D---- C:\Arquivos de programas\Eurekr.com

2008-11-07 00:56:06 ----RSD---- C:\WINDOWS\assembly

2008-11-07 00:55:20 ----D---- C:\WINDOWS\Microsoft.NET

2008-11-06 17:43:52 ----SH---- C:\WINDOWS\system32\ahdgmige.ini

2008-11-06 17:43:41 ----N---- C:\WINDOWS\system32\egimgdha.dll

2008-11-06 17:40:50 ----A---- C:\WINDOWS\system32\xywcgd.dll

2008-11-06 17:40:49 ----A---- C:\WINDOWS\system32\bxwdmqst.dll

2008-11-05 17:21:36 ----SH---- C:\WINDOWS\system32\lfwhwxyj.ini

2008-11-05 17:21:31 ----A---- C:\WINDOWS\system32\jyxwhwfl.dll

2008-11-05 17:19:48 ----A---- C:\WINDOWS\system32\pgdqyt.dll

2008-11-05 17:19:46 ----A---- C:\WINDOWS\system32\uudvvhmb.dll

2008-11-05 13:45:13 ----D---- C:\Arquivos de programas\trend micro

2008-11-05 13:45:12 ----D---- C:\rsit

2008-11-05 13:03:29 ----A---- C:\WINDOWS\gmer.ini

2008-11-05 13:03:27 ----A---- C:\WINDOWS\gmer_uninstall.cmd

2008-11-05 13:03:27 ----A---- C:\WINDOWS\gmer.exe

2008-11-05 13:03:27 ----A---- C:\WINDOWS\gmer.dll

2008-11-04 13:29:27 ----SH---- C:\WINDOWS\system32\efesdres.ini

2008-11-04 13:27:11 ----A---- C:\WINDOWS\system32\vsyjsb.dll

2008-11-04 13:27:09 ----A---- C:\WINDOWS\system32\uaupfali.dll

2008-11-04 13:26:40 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Nokia

2008-11-04 13:24:28 ----D---- C:\Arquivos de programas\MSXML 6.0

2008-11-03 01:01:28 ----SH---- C:\WINDOWS\system32\ynodfjcc.ini

2008-11-03 01:01:24 ----A---- C:\WINDOWS\system32\ccjfdony.dll

2008-11-03 00:59:06 ----A---- C:\WINDOWS\system32\zfcdam.dll

2008-11-03 00:59:04 ----A---- C:\WINDOWS\system32\nvsavghj.dll

2008-11-02 23:52:26 ----D---- C:\Arquivos de programas\EsetOnlineScanner

2008-11-02 14:42:05 ----A---- C:\WINDOWS\system32\tuvWpPIB.dll

2008-11-02 14:42:05 ----A---- C:\WINDOWS\system32\fcccdDvv.dll

2008-11-02 14:10:51 ----SH---- C:\WINDOWS\system32\viwnkkfa.ini

2008-11-02 14:10:41 ----A---- C:\WINDOWS\system32\afkknwiv.dll

2008-11-02 14:08:21 ----A---- C:\WINDOWS\system32\rzpyvy.dll

2008-11-02 14:08:19 ----A---- C:\WINDOWS\system32\gwwoetqq.dll

2008-11-02 14:05:52 ----A---- C:\WINDOWS\system32\pouzjc.dll

2008-11-02 14:05:50 ----A---- C:\WINDOWS\system32\ogceheef.dll

2008-11-02 14:03:22 ----SH---- C:\WINDOWS\system32\lheryibg.ini

2008-11-02 14:02:54 ----A---- C:\WINDOWS\system32\qoMdBsrQ.dll

2008-11-02 14:02:54 ----A---- C:\WINDOWS\system32\iifGYsrO.dll

2008-11-02 12:46:04 ----A---- C:\WINDOWS\ntbtlog.txt

2008-11-02 01:21:40 ----D---- C:\WINDOWS\pss

2008-11-02 01:09:26 ----SH---- C:\WINDOWS\system32\orfwbral.ini

2008-11-02 01:09:18 ----A---- C:\WINDOWS\system32\rcuawg.dll

2008-11-02 01:09:16 ----A---- C:\WINDOWS\system32\bxmdonmt.dll

2008-11-01 14:54:46 ----A---- C:\WINDOWS\system32\b33c3aa5-.txt

2008-11-01 14:54:29 ----ASH---- C:\WINDOWS\system32\AdNnmUvw.ini2

2008-11-01 14:54:29 ----ASH---- C:\WINDOWS\system32\AdNnmUvw.ini

2008-11-01 14:54:23 ----A---- C:\WINDOWS\system32\wvUmnNdA.dll

2008-10-31 12:06:37 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin

2008-10-30 01:31:09 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP

2008-10-30 01:31:02 ----D---- C:\Arquivos de programas\MyFantasyMaker

2008-10-30 01:30:53 ----D---- C:\WINDOWS\Downloaded Installations

2008-10-29 13:34:16 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Windows Genuine Advantage

2008-10-28 01:39:19 ----D---- C:\Arquivos de programas\Custom Technology

2008-10-28 01:38:08 ----A---- C:\WINDOWS\system32\devil.dll

2008-10-28 01:38:07 ----A---- C:\WINDOWS\system32\avisynth.dll

2008-10-28 01:37:04 ----D---- C:\Arquivos de programas\DIKO

2008-10-27 15:04:03 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Sun

2008-10-27 01:51:27 ----D---- C:\ZCVideoDVD

2008-10-27 01:49:15 ----A---- C:\WINDOWS\ZC DVD Creator Platinum.INI

2008-10-27 01:49:00 ----D---- C:\Arquivos de programas\ZC DVD Creator Platinum

2008-10-27 00:54:06 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Nero

2008-10-25 11:38:26 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\LimeWire

2008-10-25 00:07:48 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\PC Suite

2008-10-24 21:11:37 ----A---- C:\WINDOWS\system32\doskeys.exe

2008-10-24 21:11:35 ----A---- C:\WINDOWS\system32\rar.exe

2008-10-24 21:11:33 ----A---- C:\WINDOWS\system32\gh14rs.txt

2008-10-24 21:11:33 ----A---- C:\WINDOWS\system32\dllhosts.exe

2008-10-24 19:47:40 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$

2008-10-24 19:37:13 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\PC Suite

2008-10-24 19:36:23 ----D---- C:\Arquivos de programas\Arquivos comuns\PCSuite

2008-10-24 19:36:23 ----D---- C:\Arquivos de programas\Arquivos comuns\Nokia

2008-10-24 19:36:12 ----D---- C:\Arquivos de programas\PC Connectivity Solution

2008-10-24 19:36:08 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll

2008-10-24 19:36:08 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll

2008-10-24 19:36:07 ----A---- C:\WINDOWS\system32\nmwcdcls.dll

2008-10-24 19:36:06 ----D---- C:\Arquivos de programas\Nokia

2008-10-24 19:35:23 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Installations

2008-10-24 19:04:59 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Adobe

2008-10-24 19:04:50 ----D---- C:\Arquivos de programas\Arquivos comuns\Adobe

2008-10-24 19:04:50 ----D---- C:\Arquivos de programas\Adobe

2008-10-24 18:59:04 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\NOS

2008-10-24 18:59:04 ----D---- C:\Arquivos de programas\NOS

2008-10-24 16:53:39 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$

2008-10-22 17:07:27 ----D---- C:\WINDOWS\system32\appmgmt

2008-10-22 17:04:41 ----D---- C:\WINDOWS\Sun

2008-10-22 17:04:15 ----A---- C:\WINDOWS\system32\javaws.exe

2008-10-22 17:04:15 ----A---- C:\WINDOWS\system32\javaw.exe

2008-10-22 17:04:15 ----A---- C:\WINDOWS\system32\java.exe

2008-10-22 17:04:15 ----A---- C:\WINDOWS\system32\deploytk.dll

2008-10-22 17:04:06 ----D---- C:\Arquivos de programas\Java

2008-10-22 02:01:15 ----A---- C:\WINDOWS\NeroDigital.ini

2008-10-22 02:00:56 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\WinRAR

2008-10-21 16:57:20 ----D---- C:\WINDOWS\ie7updates

2008-10-21 16:57:09 ----D---- C:\WINDOWS\WBEM

2008-10-21 16:56:53 ----HDC---- C:\WINDOWS\ie7

2008-10-21 16:56:44 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$

2008-10-21 16:56:29 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$

2008-10-21 16:53:00 ----A---- C:\WINDOWS\system32\MRT.exe

2008-10-20 15:22:06 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Real

2008-10-20 14:45:58 ----D---- C:\Arquivos de programas\MSXML 4.0

2008-10-20 12:57:22 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Mozilla

2008-10-20 03:02:12 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$

2008-10-20 03:02:08 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$

2008-10-20 03:02:04 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$

2008-10-20 03:02:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$

2008-10-20 03:01:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$

2008-10-20 03:01:52 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$

2008-10-20 03:01:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$

2008-10-20 03:01:42 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$

2008-10-20 03:01:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$

2008-10-20 03:01:33 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$

2008-10-20 03:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$

2008-10-20 03:01:24 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$

2008-10-20 03:01:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$

2008-10-20 03:01:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$

2008-10-20 03:01:02 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$

2008-10-20 03:00:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$

2008-10-20 03:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$

2008-10-20 03:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$

2008-10-20 03:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$

2008-10-20 03:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$

2008-10-19 15:39:48 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Google

2008-10-19 15:35:37 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Macromedia

2008-10-19 15:35:36 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Adobe

2008-10-19 15:35:33 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Google

2008-10-19 15:35:25 ----D---- C:\Arquivos de programas\Google

2008-10-19 15:23:31 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Identities

2008-10-19 15:23:27 ----ASH---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\desktop.ini

2008-10-19 15:23:26 ----SD---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Microsoft

2008-10-19 13:31:38 ----D---- C:\WINDOWS\system32\PreInstall

2008-10-19 13:31:37 ----N---- C:\WINDOWS\system32\spmsg.dll

2008-10-19 13:31:37 ----A---- C:\WINDOWS\system32\spupdsvc.exe

2008-10-19 13:31:36 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$

2008-10-19 13:31:36 ----HD---- C:\WINDOWS\$hf_mig$

2008-10-19 13:19:40 ----D---- C:\WINDOWS\system32\SoftwareDistribution

2008-10-19 12:05:31 ----A---- C:\WINDOWS\ODBC.INI

2008-10-19 12:05:03 ----D---- C:\Arquivos de programas\Arquivos comuns\Designer

2008-10-19 12:03:46 ----D---- C:\WINDOWS\ShellNew

2008-10-19 12:03:44 ----D---- C:\Arquivos de programas\Microsoft Office

2008-10-19 11:59:57 ----SHD---- C:\RECYCLER

2008-10-19 11:52:07 ----A---- C:\WINDOWS\system32\imon.dll

2008-10-19 11:51:58 ----D---- C:\Arquivos de programas\ESET

2008-10-19 11:48:01 ----D---- C:\Arquivos de programas\MSN Messenger

2008-10-19 11:47:31 ----D---- C:\Arquivos de programas\Mozilla Firefox

2008-10-19 11:47:09 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\QuickTime

2008-10-19 11:47:06 ----D---- C:\WINDOWS\system32\QuickTime

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\vp6vfw.dll

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\vp31vfw.dll

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\rmoc3260.dll

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\pndx5032.dll

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\pndx5016.dll

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\pncrt.dll

2008-10-19 11:47:04 ----A---- C:\WINDOWS\system32\MACDec.dll

2008-10-19 11:47:03 ----A---- C:\WINDOWS\system32\OpenQuicktimeLib.dll

2008-10-19 11:47:03 ----A---- C:\WINDOWS\system32\mpg4c32.dll

2008-10-19 11:47:03 ----A---- C:\WINDOWS\system32\ir50_lcs.dll

2008-10-19 11:47:03 ----A---- C:\WINDOWS\system32\huffyuv.dll

2008-10-19 11:47:03 ----A---- C:\WINDOWS\system32\3ivxVfWCodec.dll

2008-10-19 11:47:03 ----A---- C:\WINDOWS\system32\3ivx.dll

2008-10-19 11:47:02 ----D---- C:\Arquivos de programas\K-Lite Codec Pack

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\xvidvfw.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\xvidcore.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\WMV9VCM.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\WMV8DMOD.DLL

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\unicows.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\msvcr71.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\msvcr70.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\divx.dll

2008-10-19 11:47:02 ----A---- C:\WINDOWS\system32\cpuinf32.dll

2008-10-19 11:46:49 ----D---- C:\Arquivos de programas\WinRAR

2008-10-19 11:38:10 ----D---- C:\Arquivos de programas\Nero

2008-10-19 11:37:52 ----D---- C:\WINDOWS\RegisteredPackages

2008-10-19 11:37:31 ----A---- C:\WINDOWS\system32\d3dx9_30.dll

2008-10-19 11:37:31 ----A---- C:\WINDOWS\system32\d3dx9_28.dll

2008-10-19 11:09:16 ----D---- C:\WINDOWS\nview

2008-10-19 11:09:16 ----A---- C:\WINDOWS\system32\nvudisp.exe

2008-10-19 11:04:27 ----R---- C:\WINDOWS\Alcmtr.exe

2008-10-19 11:02:31 ----D---- C:\WINDOWS\system32\Lang

2008-10-19 11:01:20 ----R---- C:\WINDOWS\system32\ChCfg.exe

2008-10-19 11:01:00 ----D---- C:\WINDOWS\system32\RTCOM

2008-10-19 11:00:59 ----A---- C:\WINDOWS\system32\ksuser.dll

2008-10-19 11:00:55 ----R---- C:\WINDOWS\SoundMan.exe

2008-10-19 11:00:55 ----R---- C:\WINDOWS\SkyTel.exe

2008-10-19 11:00:54 ----R---- C:\WINDOWS\RtlUpd.exe

2008-10-19 11:00:50 ----R---- C:\WINDOWS\RTLCPL.exe

2008-10-19 11:00:41 ----R---- C:\WINDOWS\RTHDCPL.exe

2008-10-19 11:00:40 ----R---- C:\WINDOWS\MicCal.exe

2008-10-19 11:00:37 ----R---- C:\WINDOWS\alcwzrd.exe

2008-10-19 11:00:37 ----D---- C:\Arquivos de programas\Realtek

2008-10-19 11:00:36 ----HD---- C:\Arquivos de programas\InstallShield Installation Information

2008-10-19 11:00:35 ----A---- C:\WINDOWS\HideWin.exe

2008-10-19 11:00:34 ----R---- C:\WINDOWS\RtlExUpd.dll

2008-10-19 11:00:31 ----D---- C:\Arquivos de programas\Arquivos comuns\InstallShield

2008-10-19 11:00:26 ----D---- C:\Arquivos de programas\DIFX

2008-10-19 11:00:24 ----DC---- C:\WINDOWS\system32\DRVSTORE

2008-10-19 10:58:42 ----N---- C:\WINDOWS\system32\nvuide.exe

2008-10-19 10:58:41 ----D---- C:\WINDOWS\system32\ReinstallBackups

2008-10-19 10:58:36 ----A---- C:\WINDOWS\system32\nvunrm.exe

2008-10-19 10:58:32 ----A---- C:\WINDOWS\system32\NVUNINST.EXE

2008-10-19 10:56:53 ----HD---- C:\Arquivos de programas\Uninstall Information

2008-10-19 10:56:15 ----D---- C:\WINDOWS\SoftwareDistribution

2008-10-19 10:56:14 ----SD---- C:\WINDOWS\system32\Microsoft

2008-10-19 10:56:14 ----D---- C:\WINDOWS\Prefetch

2008-10-19 10:56:14 ----A---- C:\WINDOWS\SchedLgU.Txt

2008-10-19 10:51:47 ----D---- C:\WINDOWS\system32\xircom

2008-10-19 10:51:47 ----D---- C:\Arquivos de programas\xerox

2008-10-19 10:51:47 ----D---- C:\Arquivos de programas\microsoft frontpage

2008-10-19 10:51:34 ----A---- C:\WINDOWS\control.ini

2008-10-19 10:51:34 ----A---- C:\AUTOEXEC.BAT

2008-10-19 10:51:26 ----A---- C:\WINDOWS\OEWABLog.txt

2008-10-19 10:51:23 ----A---- C:\WINDOWS\system32\mapi32.dll

2008-10-19 10:50:45 ----SD---- C:\WINDOWS\Downloaded Program Files

2008-10-19 10:50:45 ----RD---- C:\WINDOWS\Offline Web Pages

2008-10-19 10:50:45 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest

2008-10-19 10:50:40 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest

2008-10-19 10:50:37 ----HD---- C:\Arquivos de programas\WindowsUpdate

2008-10-19 10:50:35 ----D---- C:\Arquivos de programas\Serviços on-line

2008-10-19 10:50:24 ----D---- C:\WINDOWS\system32\DirectX

2008-10-19 10:50:20 ----A---- C:\WINDOWS\system32\atrace.dll

2008-10-19 10:50:18 ----A---- C:\WINDOWS\system32\desktop.ini

2008-10-19 10:50:18 ----A---- C:\WINDOWS\desktop.ini

2008-10-19 10:50:13 ----A---- C:\WINDOWS\system32\nmevtmsg.dll

2008-10-19 10:50:12 ----A---- C:\WINDOWS\system32\acctres.dll

2008-10-19 10:50:11 ----D---- C:\Arquivos de programas\Arquivos comuns\Serviços

2008-10-19 10:50:10 ----SD---- C:\WINDOWS\Tasks

2008-10-19 10:50:10 ----A---- C:\WINDOWS\system32\icfgnt5.dll

2008-10-19 10:50:09 ----D---- C:\Arquivos de programas\Arquivos comuns\MSSoap

2008-10-19 10:50:06 ----D---- C:\WINDOWS\system32\Macromed

2008-10-19 10:50:06 ----D---- C:\WINDOWS\srchasst

2008-10-19 10:50:04 ----A---- C:\WINDOWS\system32\wuweb.dll

2008-10-19 10:50:04 ----A---- C:\WINDOWS\system32\wucltui.dll

2008-10-19 10:50:04 ----A---- C:\WINDOWS\system32\wuauserv.dll

2008-10-19 10:50:04 ----A---- C:\WINDOWS\system32\wuaueng1.dll

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\wups.dll

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\wuaueng.dll

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\wuauclt1.exe

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\wuauclt.exe

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\wuapi.dll

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\qmgrprxy.dll

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\qmgr.dll

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\bitsprx4.dll

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\bitsprx3.dll

2008-10-19 10:50:03 ----A---- C:\WINDOWS\system32\bitsprx2.dll

2008-10-19 10:50:00 ----D---- C:\Arquivos de programas\Movie Maker

2008-10-19 10:49:48 ----A---- C:\WINDOWS\system32\safrslv.dll

2008-10-19 10:49:48 ----A---- C:\WINDOWS\system32\safrdm.dll

2008-10-19 10:49:48 ----A---- C:\WINDOWS\system32\safrcdlg.dll

2008-10-19 10:49:48 ----A---- C:\WINDOWS\system32\racpldlg.dll

2008-10-19 10:49:46 ----A---- C:\WINDOWS\system32\fltMc.exe

2008-10-19 10:49:46 ----A---- C:\WINDOWS\system32\fltlib.dll

2008-10-19 10:49:45 ----D---- C:\WINDOWS\system32\Restore

2008-10-19 10:49:45 ----A---- C:\WINDOWS\system32\srsvc.dll

2008-10-19 10:49:45 ----A---- C:\WINDOWS\system32\srrstr.dll

2008-10-19 10:49:45 ----A---- C:\WINDOWS\system32\srclient.dll

2008-10-19 10:49:45 ----A---- C:\WINDOWS\system32\mnmdd.dll

2008-10-19 10:49:45 ----A---- C:\WINDOWS\system32\isrdbg32.dll

2008-10-19 10:49:45 ----A---- C:\WINDOWS\system32\ils.dll

2008-10-19 10:49:44 ----A---- C:\WINDOWS\system32\nmmkcert.dll

2008-10-19 10:49:44 ----A---- C:\WINDOWS\system32\msconf.dll

2008-10-19 10:49:44 ----A---- C:\WINDOWS\system32\mnmsrvc.exe

2008-10-19 10:49:42 ----D---- C:\Arquivos de programas\NetMeeting

2008-10-19 10:49:42 ----A---- C:\WINDOWS\system32\msoert2.dll

2008-10-19 10:49:42 ----A---- C:\WINDOWS\system32\msoeacct.dll

2008-10-19 10:49:42 ----A---- C:\WINDOWS\system32\inetres.dll

2008-10-19 10:49:41 ----A---- C:\WINDOWS\system32\inetcomm.dll

2008-10-19 10:49:41 ----A---- C:\WINDOWS\system32\inetcomm(2).dll

2008-10-19 10:49:40 ----D---- C:\Arquivos de programas\Outlook Express

2008-10-19 10:49:40 ----A---- C:\WINDOWS\system32\schedsvc.dll

2008-10-19 10:49:40 ----A---- C:\WINDOWS\system32\mstinit.exe

2008-10-19 10:49:40 ----A---- C:\WINDOWS\system32\mstask.dll

2008-10-19 10:49:40 ----A---- C:\WINDOWS\system32\isign32.dll

2008-10-19 10:49:40 ----A---- C:\WINDOWS\system32\inetcfg.dll

2008-10-19 10:49:40 ----A---- C:\WINDOWS\system32\icwphbk.dll

2008-10-19 10:49:40 ----A---- C:\WINDOWS\system32\icwdial.dll

2008-10-19 10:49:36 ----D---- C:\Arquivos de programas\Arquivos comuns\System

2008-10-19 10:49:35 ----D---- C:\Arquivos de programas\Internet Explorer

2008-10-19 10:49:08 ----D---- C:\Arquivos de programas\ComPlus Applications

2008-10-19 10:49:07 ----A---- C:\WINDOWS\vbaddin.ini

2008-10-19 10:49:07 ----A---- C:\WINDOWS\vb.ini

2008-10-19 10:49:03 ----D---- C:\WINDOWS\Registration

2008-10-19 10:48:58 ----D---- C:\Arquivos de programas\Windows Media Player

2008-10-19 10:48:53 ----D---- C:\Arquivos de programas\Messenger

2008-10-19 10:48:51 ----D---- C:\Arquivos de programas\MSN Gaming Zone

2008-10-19 10:48:51 ----A---- C:\WINDOWS\system32\write.exe

2008-10-19 10:48:45 ----A---- C:\WINDOWS\system32\sndvol32.exe

2008-10-19 10:48:45 ----A---- C:\WINDOWS\system32\hticons.dll

2008-10-19 10:48:44 ----A---- C:\WINDOWS\system32\winchat.exe

2008-10-19 10:48:44 ----A---- C:\WINDOWS\system32\avwav.dll

2008-10-19 10:48:44 ----A---- C:\WINDOWS\system32\avtapi.dll

2008-10-19 10:48:44 ----A---- C:\WINDOWS\system32\avmeter.dll

2008-10-19 10:48:40 ----A---- C:\WINDOWS\system32\getuname.dll

2008-10-19 10:48:40 ----A---- C:\WINDOWS\system32\charmap.exe

2008-10-19 10:48:39 ----A---- C:\WINDOWS\system32\winmine.exe

2008-10-19 10:48:39 ----A---- C:\WINDOWS\system32\sol.exe

2008-10-19 10:48:39 ----A---- C:\WINDOWS\system32\reset.exe

2008-10-19 10:48:39 ----A---- C:\WINDOWS\system32\mshearts.exe

2008-10-19 10:48:39 ----A---- C:\WINDOWS\system32\freecell.exe

2008-10-19 10:48:39 ----A---- C:\WINDOWS\system32\calc.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\usrlogon.cmd

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\tsshutdn.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\tslabels.ini

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\tskill.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\tsdiscon.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\tscon.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\shadow.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\rwinsta.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\regini.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\rdpcfgex.dll

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\qwinsta.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\qappsrv.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\msg.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\msdtcprf.ini

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\logoff.exe

2008-10-19 10:48:38 ----A---- C:\WINDOWS\system32\cdmodem.dll

2008-10-19 10:48:34 ----A---- C:\WINDOWS\system32\wmimgmt.msc

2008-10-19 10:48:33 ----A---- C:\WINDOWS\system32\sndrec32.exe

2008-10-19 10:48:33 ----A---- C:\WINDOWS\system32\mplay32.exe

2008-10-19 10:48:33 ----A---- C:\WINDOWS\system32\hypertrm.dll

2008-10-19 10:48:33 ----A---- C:\WINDOWS\system32\accwiz.exe

2008-10-19 10:48:32 ----D---- C:\Arquivos de programas\Windows NT

2008-10-19 10:48:32 ----A---- C:\WINDOWS\system32\spider.exe

2008-10-19 10:48:32 ----A---- C:\WINDOWS\system32\mspaint.exe

2008-10-19 10:48:32 ----A---- C:\WINDOWS\system32\clipbrd.exe

2008-10-19 10:48:31 ----A---- C:\WINDOWS\system32\tsgqec.dll

2008-10-19 10:48:31 ----A---- C:\WINDOWS\system32\tscfgwmi.dll

2008-10-19 10:48:31 ----A---- C:\WINDOWS\system32\rhttpaa.dll

2008-10-19 10:48:31 ----A---- C:\WINDOWS\system32\aaclient.dll

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\termsrv.dll

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\sessmgr.exe

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\remotepg.dll

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\rdshost.exe

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\rdsaddin.exe

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\rdpwsx.dll

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\rdpsnd.dll

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\rdchost.dll

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\mstscax.dll

2008-10-19 10:48:30 ----A---- C:\WINDOWS\system32\mstsc.exe

2008-10-19 10:48:29 ----D---- C:\WINDOWS\system32\MsDtc

2008-10-19 10:48:29 ----A---- C:\WINDOWS\system32\xolehlp.dll

2008-10-19 10:48:29 ----A---- C:\WINDOWS\system32\rdpclip.exe

2008-10-19 10:48:29 ----A---- C:\WINDOWS\system32\qprocess.exe

2008-10-19 10:48:29 ----A---- C:\WINDOWS\system32\mtxoci.dll

2008-10-19 10:48:29 ----A---- C:\WINDOWS\system32\msdtcuiu.dll

2008-10-19 10:48:29 ----A---- C:\WINDOWS\system32\msdtctm.dll

2008-10-19 10:48:29 ----A---- C:\WINDOWS\system32\msdtcprx.dll

2008-10-19 10:48:29 ----A---- C:\WINDOWS\system32\icaapi.dll

2008-10-19 10:48:29 ----A---- C:\WINDOWS\system32\cfgbkend.dll

2008-10-19 10:48:28 ----D---- C:\WINDOWS\system32\Com

2008-10-19 10:48:28 ----A---- C:\WINDOWS\system32\mtxlegih.dll

2008-10-19 10:48:28 ----A---- C:\WINDOWS\system32\mtxex.dll

2008-10-19 10:48:28 ----A---- C:\WINDOWS\system32\mtxdm.dll

2008-10-19 10:48:28 ----A---- C:\WINDOWS\system32\msdtclog.dll

2008-10-19 10:48:28 ----A---- C:\WINDOWS\system32\msdtc.exe

2008-10-19 10:48:28 ----A---- C:\WINDOWS\system32\dcomcnfg.exe

2008-10-19 10:48:27 ----A---- C:\WINDOWS\system32\stclient.dll

2008-10-19 10:48:27 ----A---- C:\WINDOWS\system32\comrepl.dll

2008-10-19 10:48:27 ----A---- C:\WINDOWS\system32\comaddin.dll

2008-10-19 10:48:27 ----A---- C:\WINDOWS\system32\colbact.dll

2008-10-19 10:48:27 ----A---- C:\WINDOWS\system32\clbcatex.dll

2008-10-19 10:48:27 ----A---- C:\WINDOWS\system32\catsrvut.dll

2008-10-19 10:48:27 ----A---- C:\WINDOWS\system32\catsrvps.dll

2008-10-19 10:48:27 ----A---- C:\WINDOWS\system32\catsrv.dll

2008-10-19 10:48:26 ----A---- C:\WINDOWS\system32\comuid.dll

2008-10-19 10:48:26 ----A---- C:\WINDOWS\system32\comsvcs.dll

2008-10-19 10:48:26 ----A---- C:\WINDOWS\system32\comsnap.dll

2008-10-19 10:48:26 ----A---- C:\WINDOWS\system32\clbcatq.dll

2008-10-19 10:48:22 ----A---- C:\WINDOWS\system32\servdeps.dll

2008-10-19 10:48:22 ----A---- C:\WINDOWS\system32\mmfutil.dll

2008-10-19 10:48:22 ----A---- C:\WINDOWS\system32\licwmi.dll

2008-10-19 10:48:22 ----A---- C:\WINDOWS\system32\cmprops.dll

2008-10-19 08:47:46 ----A---- C:\WINDOWS\system32\h323log.txt

2008-10-19 08:46:00 ----A---- C:\WINDOWS\system32\usbui.dll

2008-10-19 08:45:15 ----A---- C:\WINDOWS\imsins.BAK

2008-10-19 08:45:13 ----SHD---- C:\WINDOWS\Installer

2008-10-19 08:45:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2008-10-19 08:45:12 ----D---- C:\Arquivos de programas\Arquivos comuns\ODBC

2008-10-19 08:45:12 ----A---- C:\WINDOWS\ODBCINST.INI

2008-10-19 08:45:10 ----D---- C:\Arquivos de programas\Arquivos comuns\SpeechEngines

2008-10-19 08:45:09 ----RD---- C:\Arquivos de programas

2008-10-19 08:45:09 ----D---- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared

2008-10-19 08:45:09 ----D---- C:\Arquivos de programas\Arquivos comuns

2008-10-19 08:45:07 ----RA---- C:\WINDOWS\system32\kbdtuq.dll

2008-10-19 08:45:07 ----RA---- C:\WINDOWS\system32\kbdtuf.dll

2008-10-19 08:45:07 ----RA---- C:\WINDOWS\system32\kbdazel.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdycc.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbduzb.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdur.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdtat.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdru1.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdru.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdmon.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdkyr.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdkaz.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdbu.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdblr.dll

2008-10-19 08:45:05 ----RA---- C:\WINDOWS\system32\kbdaze.dll

2008-10-19 08:45:04 ----RA---- C:\WINDOWS\system32\kbdhept.dll

2008-10-19 08:45:04 ----RA---- C:\WINDOWS\system32\kbdhela3.dll

2008-10-19 08:45:04 ----RA---- C:\WINDOWS\system32\kbdhela2.dll

2008-10-19 08:45:04 ----RA---- C:\WINDOWS\system32\kbdhe319.dll

2008-10-19 08:45:04 ----RA---- C:\WINDOWS\system32\kbdhe220.dll

2008-10-19 08:45:04 ----RA---- C:\WINDOWS\system32\kbdhe.dll

2008-10-19 08:45:04 ----RA---- C:\WINDOWS\system32\kbdgkl.dll

2008-10-19 08:45:03 ----RA---- C:\WINDOWS\system32\kbdlv1.dll

2008-10-19 08:45:03 ----RA---- C:\WINDOWS\system32\kbdlv.dll

2008-10-19 08:45:03 ----RA---- C:\WINDOWS\system32\kbdlt1.dll

2008-10-19 08:45:03 ----RA---- C:\WINDOWS\system32\kbdlt.dll

2008-10-19 08:45:03 ----RA---- C:\WINDOWS\system32\kbdest.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdycl.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdsl1.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdsl.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdro.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdpl1.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdpl.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdhu1.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdhu.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdcz2.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdcz1.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdcz.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\kbdcr.dll

2008-10-19 08:45:02 ----RA---- C:\WINDOWS\system32\KBDAL.DLL

2008-10-19 08:44:58 ----A---- C:\WINDOWS\system32\spxcoins.dll

2008-10-19 08:44:58 ----A---- C:\WINDOWS\system32\irclass.dll

2008-10-19 08:44:58 ----A---- C:\WINDOWS\system32\EqnClass.Dll

2008-10-19 08:44:58 ----A---- C:\WINDOWS\system32\dgsetup.dll

2008-10-19 08:44:58 ----A---- C:\WINDOWS\system32\dgrpsetu.dll

2008-10-19 08:44:56 ----N---- C:\WINDOWS\system32\CONFIG.TMP

2008-10-19 08:44:56 ----A---- C:\WINDOWS\TASKMAN.EXE

2008-10-19 08:44:56 ----A---- C:\WINDOWS\system32\batt.dll

2008-10-19 08:44:55 ----A---- C:\WINDOWS\system32\storprop.dll

2008-10-19 08:44:55 ----A---- C:\WINDOWS\NOTEPAD.EXE

2008-10-19 08:44:49 ----ASH---- C:\Documents and Settings\All Users\Dados de aplicativos\desktop.ini

2008-10-19 08:44:47 ----RA---- C:\WINDOWS\SET8.tmp

2008-10-19 08:44:45 ----RA---- C:\WINDOWS\SET4.tmp

2008-10-19 08:44:44 ----RA---- C:\WINDOWS\SET3.tmp

2008-10-19 08:44:40 ----D---- C:\WINDOWS\system32\CatRoot2

2008-10-19 08:44:40 ----D---- C:\WINDOWS\system32\CatRoot

2008-10-19 08:44:35 ----SD---- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft

2008-10-19 08:44:20 ----A---- C:\WINDOWS\setuplog.txt

2008-10-19 08:44:17 ----D---- C:\Documents and Settings

2008-10-19 08:44:16 ----SHD---- C:\System Volume Information

2008-10-19 08:43:27 ----RASH---- C:\boot.ini

2008-10-19 08:40:44 ----RSHDC---- C:\WINDOWS\system32\dllcache

2008-10-19 08:40:44 ----RSD---- C:\WINDOWS\Fonts

2008-10-19 08:40:44 ----RD---- C:\WINDOWS\Web

2008-10-19 08:40:44 ----HD---- C:\WINDOWS\inf

2008-10-19 08:40:44 ----D---- C:\WINDOWS\WinSxS

2008-10-19 08:40:44 ----D---- C:\WINDOWS\twain_32

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Temp

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\wins

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\wbem

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\usmt

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\spool

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\ShellExt

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\Setup

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\ras

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\pt-BR

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\oobe

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\npp

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\mui

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\inetsrv

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\IME

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\icsxml

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\ias

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\export

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\drivers

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\dhcp

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\config

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\3com_dmi

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\3076

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\2052

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\1054

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\1046

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\1042

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\1041

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\1037

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\1033

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\1031

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\1028

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32\1025

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system32

2008-10-19 08:40:44 ----D---- C:\WINDOWS\system

2008-10-19 08:40:44 ----D---- C:\WINDOWS\security

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Resources

2008-10-19 08:40:44 ----D---- C:\WINDOWS\repair

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Provisioning

2008-10-19 08:40:44 ----D---- C:\WINDOWS\PeerNet

2008-10-19 08:40:44 ----D---- C:\WINDOWS\pchealth

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Network Diagnostic

2008-10-19 08:40:44 ----D---- C:\WINDOWS\mui

2008-10-19 08:40:44 ----D---- C:\WINDOWS\msapps

2008-10-19 08:40:44 ----D---- C:\WINDOWS\msagent

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Media

2008-10-19 08:40:44 ----D---- C:\WINDOWS\L2Schemas

2008-10-19 08:40:44 ----D---- C:\WINDOWS\java

2008-10-19 08:40:44 ----D---- C:\WINDOWS\ime

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Help

2008-10-19 08:40:44 ----D---- C:\WINDOWS\ehome

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Driver Cache

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Debug

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Cursors

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Connection Wizard

2008-10-19 08:40:44 ----D---- C:\WINDOWS\Config

2008-10-19 08:40:44 ----D---- C:\WINDOWS\AppPatch

2008-10-19 08:40:44 ----D---- C:\WINDOWS\addins

2008-10-19 08:40:44 ----D---- C:\WINDOWS

======List of files/folders modified in the last 1 months======

2008-10-19 12:05:24 ----A---- C:\WINDOWS\win.ini

2008-10-19 08:45:08 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]

R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2008-10-19 15424]

R1 WS2IFSL;Ambiente de suporte a provedores de serviços não-IFS do Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-28 12032]

R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2008-10-19 512096]

R3 HDAudBus;Driver de Barramento Microsoft UAA para High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-18 4547584]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-09-16 6853088]

R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368]

R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]

R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]

S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []

S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []

S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-11-05 85969]

S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]

S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-07 20864]

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]

S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064]

S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]

S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-07 8064]

S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; C:\Arquivos de programas\Java\jre6\bin\jqs.exe [2008-10-22 152984]

R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]

R2 NOD32krn;NOD32 Kernel Service; C:\Arquivos de programas\Eset\nod32krn.exe [2008-10-19 552064]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-09-16 155716]

R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]

R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]

S3 getPlus® Helper;getPlus® Helper; C:\Arquivos de programas\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]

S3 gusvc;Google Updater Service; C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-19 138168]

S3 NBService;NBService; C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe []

S3 NMIndexingService;NMIndexingService; C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]

S3 ServiceLayer;ServiceLayer; C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]

S3 usnjsvc;Serviço de Compartilhamento de Pastas Messenger do USN Journal Reader; C:\Arquivos de programas\MSN Messenger\usnsvc.exe [2007-01-19 97136]

-----------------EOF-----------------

2nd log, as per the instructions

info.txt logfile of random's system information tool 1.04 2008-11-05 13:45:29

======Uninstall list======

-->C:\Arquivos de programas\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL

-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL

-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL

-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL

-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL

-->C:\WINDOWS\UNRecode.exe /UNINSTALL

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Reader 9 - Português-->MsiExec.exe /I{AC76BA86-7AD7-1046-7B44-A90000000001}

Arquivo do WinRAR-->C:\Arquivos de programas\WinRAR\uninstall.exe

Atualização de Segurança para Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"

Atualização de Segurança para Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

Atualização de Segurança para Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"

Atualização de Segurança para Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Atualização para Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"

Atualização para Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

Atualização para Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

CCE SP Trial Version-->C:\ARQUIV~1\CUSTOM~1\CCESPT~1\uinst.exe

DIKO 2.32-->"C:\Arquivos de programas\DIKO\unins000.exe"

eMule-->"C:\Arquivos de programas\eMule\Uninstall.exe"

ESET Online Scanner-->C:\WINDOWS\system32\OnlineScannerUninstaller.exe

getPlus® for Adobe-->"C:\Arquivos de programas\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1

Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}

Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\arquivos de programas\google\googletoolbar1.dll"

HijackThis 1.99.1-->C:\DOCUME~1\IVONED~1\CONFIG~1\Temp\Rar$EX00.985\HijackThis.exe /uninstall

Hotfix para Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Java 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}

K-Lite Mega Codec Pack 1.12-->"C:\Arquivos de programas\K-Lite Codec Pack\unins000.exe"

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Office XP Professional com FrontPage-->MsiExec.exe /I{90280416-6000-11D3-8CFE-0050048383C9}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Mozilla Firefox (2.0.0.3)-->C:\Arquivos de programas\Mozilla Firefox\uninstall\helper.exe

MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 6.0 Parser-->MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}

MyFantasyMaker-->MsiExec.exe /I{88221A5B-269D-487E-914E-E9F819FDBA3F}

Nero 7 Essentials-->MsiExec.exe /X{98EFD8F0-08DE-48DB-B922-A2EBAB711046}

neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}

NOD32 FiX-->"C:\Arquivos de programas\Eset\unins000.exe"

NOD32 sistema antivírus-->C:\Arquivos de programas\Eset\Setup\setup.exe /UNINSTALL

Nokia Connectivity Cable Driver-->MsiExec.exe /X{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}

Nokia Flashing Cable Driver-->MsiExec.exe /X{2A0A6470-FD0F-4F45-9B11-85F3167DB943}

Nokia PC Suite-->C:\Documents and Settings\All Users\Dados de aplicativos\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Nokia_PC_Suite_rel_7_0_8_2_por_br_web.exe

Nokia PC Suite-->MsiExec.exe /I{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}

Nokia Software Updater-->MsiExec.exe /X{17BD85F9-3B88-4C85-BB47-4AB8DD68F8BB}

NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI

Pacote de Driver do Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\ARQUIV~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_F1E558BDBA0F420D16F87096BD8ABA4E1CB31E56\amdk8.inf

Pacote de Driver do Windows - Nokia Modem (05/22/2008 3.8)-->C:\ARQUIV~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_6F90B0F4A73A2F780A1010B5D6CB5DDFB098181E\nokia_bluetooth.inf

Pacote de Driver do Windows - Nokia Modem (05/22/2008 7.00.0.1)-->C:\ARQUIV~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_E68D50F7E25BFE399D47C864C3B52557346242A9\nokbtmdm.inf

Pacote de Driver do Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->C:\ARQUIV~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf

PC Connectivity Solution-->MsiExec.exe /I{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}

Realtek High Definition Audio Driver-->RunDll32 C:\ARQUIV~1\ARQUIV~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Arquivos de programas\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x416 -removeonly

Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"

Windows Live Messenger-->MsiExec.exe /I{37FD253D-5064-4034-8CEC-CC3995F823A4}

Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}

Windows Media Format Runtime-->"C:\Arquivos de programas\Windows Media Player\wmsetsdk.exe" /UninstallAll

ZC DVD Creator Platinum 6.2.5-->"C:\Arquivos de programas\ZC DVD Creator Platinum\unins000.exe"

======Security center information======

AV: ESET NOD32 sistema antivírus 2.70

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=C:\Arquivos de programas\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 1, AuthenticAMD

"PROCESSOR_REVISION"=6b01

"NUMBER_OF_PROCESSORS"=2

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Praying that there is still a solution


Dear ivesicfs

# Step 1 #

Download Malwarebytes Anti-Malware:

  • Link1
  • Alternative link
    • Double-click mbam-setup.exe, choose the language, and follow the instructions to install the software.
    • Make sure the boxes Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware are checked, then click Finish.
    • If updates are available, they will be downloaded and installed.
    • When the updates finish, a program window will open. Select "Quick Scan", then click the Scan button.
    • The scan will start and may take a while. Please be patient.
    • When the scan is complete, click OK, then Show Results to view the log.
    • If anything is found, make sure everything is checked and click Remove.
    • When disinfection finishes, a log will open automatically in a Notepad document, and you may be asked to restart the PC. (Read the note.)
    • The log is saved automatically and can be viewed by clicking the Logs tab in the main menu.
    • Copy and paste the contents of that log into your next reply.

Note: With more complicated infections, it may be necessary to restart the PC. If you are asked to restart the PC, please do so immediately.

# Step 2 #

Read the instructions at this link:

In the instructions at the link above, you can check which forums have Analysts who are properly qualified to use the tool correctly: "Forums for receiving help with ComboFix logs"

  1. Download ComboFix from one of the official links listed below and save it to your desktop:
  2. Temporarily, while carrying out these instructions, it is very important that you keep your protection programs (antivirus, antispyware and firewall) disabled. Re-enable the protections after carrying out the procedure(s) described below.
  3. Double-click the desktopicon.png icon on the desktop.
  4. Read and accept the terms by typing 1 and pressing Enter.
  5. Computers with Windows XP should install the Recovery Console:

  • If your computer has Windows XP installed and does not yet have the Recovery Console installed, please make sure you are connected to the Internet and click "Yes".
  • Click "OK" on the EULA.
  • Once the Recovery Console is installed, click "YES" to continue.

  6. ComboFix will run; please be patient and wait.
  7. Attention: Do not use the mouse or the keyboard while the tool is running, as this can cause the computer to hang.
  8. A warning may appear saying that the computer needs to be restarted. DO NOT RESTART!!! ComboFix will restart the computer automatically.
  9. When the tool finishes running, it will generate a log (the file C:\ComboFix.txt). Copy and paste the contents of that file into your next reply.

DO NOT use the tool on your own. It is a powerful tool created to deal with sophisticated infections, and if you do not use it correctly it may damage your computer.

  • There are several pieces of malware that prevent the tool from running correctly and can thereby seriously damage the computer. Analysts qualified to use ComboFix know these cases and know how to deal with these situations.
  • Many Analysts do not reply to topics in which they see that ComboFix was used without supervision.
  • There are several general-purpose anti-malware tools whose authors, when writing them, have end users in mind and intend them to be used without supervision. ComboFix is not a tool of that kind, and so, also out of respect for the tool's author, do not use it without supervision.

Regards :D


Logfile of random's system information tool 1.04 (written by random/random)

Run by Ivone de Carlo at 2008-11-16 03:44:32

Microsoft Windows XP Professional Service Pack 3

System drive C: has 49 GB (32%) free of 153 GB

Total RAM: 1023 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 03:44, on 2008-11-16

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

C:\Arquivos de programas\Eset\nod32krn.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\IoctlSvc.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\Eset\nod32kui.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\rundll32.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Arquivos de programas\MSN Messenger\msnmsgr.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Documents and Settings\Ivone de Carlo\Desktop\RSIT.exe

C:\Arquivos de programas\trend micro\Ivone de Carlo.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: {dd58ad6b-4b71-e6eb-a0c4-99e04f00df11} - {11fd00f4-0e99-4c0a-be6e-17b4b6da85dd} - C:\WINDOWS\system32\mipjpm.dll

O2 - BHO: (no name) - {75ABCF92-9764-4DFA-A83F-5142C3905052} - C:\WINDOWS\system32\tuvUOEVM.dll (file missing)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {8AB3F858-25FB-4D26-910C-0D520AEDB2A3} - C:\WINDOWS\system32\wvUmnNdA.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll

O2 - BHO: G-Buster Browser Defense Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\WINDOWS\Downloaded Program Files\gbiehuni.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [nod32kui] "C:\Arquivos de programas\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [NBKeyScan] "C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [b81ffedb] rundll32.exe "C:\WINDOWS\system32\gkolklot.dll",b

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD5/JSCDL/jdk/6u10/jinstall-6u10-windows-i586-jc.cab?AuthParam=1224702273_e00908eb96fa57d42e938ba6539fb026&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD5/JSCDL/jdk/6u10/jinstall-6u10-windows-i586-jc.cab&File=jinstall-6u10-windows-i586-jc.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - https://clickbanking.unibanco.com.br/GbPlugin/cab/GbPluginUni.cab

O20 - Winlogon Notify: GbPluginUni - C:\WINDOWS\Downloaded Program Files\gbiehuni.dll

O20 - Winlogon Notify: tuvUOEVM - tuvUOEVM.dll (file missing)

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Arquivos de programas\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: NBService - Unknown owner - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Arquivos de programas\Eset\nod32krn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe

O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

--

End of file - 8066 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11fd00f4-0e99-4c0a-be6e-17b4b6da85dd}]

C:\WINDOWS\system32\mipjpm.dll [2008-11-15 114688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75ABCF92-9764-4DFA-A83F-5142C3905052}]

C:\WINDOWS\system32\tuvUOEVM.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Arquivos de programas\Java\jre6\bin\ssv.dll [2008-10-22 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8AB3F858-25FB-4D26-910C-0D520AEDB2A3}]

C:\WINDOWS\system32\wvUmnNdA.dll [2008-11-01 273408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Sign-in Helper - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - c:\arquivos de programas\google\googletoolbar1.dll [2008-10-19 2423872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Arquivos de programas\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-20 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C41A1C0E-EA6C-11D4-B1B8-444553540008}]

GbIehObj Class - C:\WINDOWS\Downloaded Program Files\gbiehuni.dll [2008-08-29 378784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll [2008-10-22 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\arquivos de programas\google\googletoolbar1.dll [2008-10-19 2423872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-06-15 1826816]

"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]

"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-09-16 8491008]

"nwiz"=nwiz.exe /install []

"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-09-16 81920]

"nod32kui"=C:\Arquivos de programas\Eset\nod32kui.exe [2008-10-19 949376]

"SunJavaUpdateSched"=C:\Arquivos de programas\Java\jre6\bin\jusched.exe [2008-10-22 136600]

"Adobe Reader Speed Launcher"=C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

"NeroFilterCheck"=C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe [2008-06-19 570664]

"NBKeyScan"=C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]

"b81ffedb"=C:\WINDOWS\system32\gkolklot.dll [2008-11-15 76800]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]

"swg"=C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-20 68856]

"msnmsgr"=C:\Arquivos de programas\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]

C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar

Microsoft Office.lnk - C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ GbPluginUni]

C:\WINDOWS\Downloaded Program Files\gbiehuni.dll [2008-08-29 378784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tuvUOEVM]

tuvUOEVM.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{E37CB5F0-51F5-4395-A808-5FA49E399008}"=C:\WINDOWS\Downloaded Program Files\gbiehuni.dll [2008-08-29 378784]

"{75ABCF92-9764-4DFA-A83F-5142C3905052}"=C:\WINDOWS\system32\tuvUOEVM.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"authentication packages"=msv1_0

C:\WINDOWS\system32\wvUmnNdA

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Arquivos de programas\MSN Messenger\msnmsgr.exe"="C:\Arquivos de programas\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Arquivos de programas\MSN Messenger\livecall.exe"="C:\Arquivos de programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\Arquivos de programas\LimeWire\LimeWire.exe"="C:\Arquivos de programas\LimeWire\LimeWire.exe:*:Enabled:LimeWire"

"C:\Arquivos de programas\eMule\emule.exe"="C:\Arquivos de programas\eMule\emule.exe:*:Enabled:eMule"

"C:\Arquivos de programas\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Arquivos de programas\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"

"C:\Arquivos de programas\Arquivos comuns\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Arquivos de programas\Arquivos comuns\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "

"C:\Arquivos de programas\Arquivos comuns\Nero\Nero Web\SetupX.exe"="C:\Arquivos de programas\Arquivos comuns\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter"

"C:\Arquivos de programas\Eurekr.com\1-Click YouTubeAssistant\bin\utdman.exe"="C:\Arquivos de programas\Eurekr.com\1-Click YouTubeAssistant\bin\utdman.exe:*:Enabled:utdman"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Arquivos de programas\MSN Messenger\msnmsgr.exe"="C:\Arquivos de programas\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Arquivos de programas\MSN Messenger\livecall.exe"="C:\Arquivos de programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

======List of files/folders created in the last 1 months======

2009-11-07 15:03:03 ----A---- C:\WINDOWS\system32\kinzpr.dll

2009-11-07 15:03:02 ----A---- C:\WINDOWS\system32\ehnxqfcn.dll

2008-11-16 03:36:17 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\NeroDigital™

2008-11-16 03:35:14 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus!

2008-11-16 03:35:11 ----D---- C:\Arquivos de programas\Windows Live

2008-11-16 03:35:07 ----D---- C:\Arquivos de programas\Arquivos comuns\Ahead

2008-11-16 03:32:57 ----D---- C:\Arquivos de programas\Windows Sidebar

2008-11-15 22:46:18 ----SH---- C:\WINDOWS\system32\tolklokg.ini

2008-11-15 22:46:10 ----A---- C:\WINDOWS\system32\gkolklot.dll

2008-11-15 22:43:52 ----A---- C:\WINDOWS\system32\mipjpm.dll

2008-11-15 22:43:50 ----A---- C:\WINDOWS\system32\yedymmnd.dll

2008-11-15 15:06:36 ----A---- C:\WINDOWS\system32\wmpns.dll

2008-11-14 14:13:59 ----A---- C:\WINDOWS\system32\kcddkl.dll

2008-11-14 14:13:58 ----A---- C:\WINDOWS\system32\lhuuwatv.dll

2008-11-14 14:11:50 ----SH---- C:\WINDOWS\system32\mqwtrhvs.ini

2008-11-13 23:53:28 ----A---- C:\WINDOWS\system32\xwbqgt.dll

2008-11-13 23:53:26 ----A---- C:\WINDOWS\system32\pykkxmbo.dll

2008-11-13 23:47:42 ----SH---- C:\WINDOWS\system32\ajcwfmbn.ini

2008-11-12 17:43:52 ----A---- C:\WINDOWS\system32\uapvhh.dll

2008-11-12 17:43:50 ----A---- C:\WINDOWS\system32\sviptlpd.dll

2008-11-12 17:41:00 ----SH---- C:\WINDOWS\system32\skqxbiur.ini

2008-11-12 12:26:52 ----A---- C:\WINDOWS\system32\MsiExec.exe.log

2008-11-12 11:23:16 ----D---- C:\ComboFix

2008-11-12 11:23:16 ----A---- C:\WINDOWS\system32\CF20655.exe

2008-11-12 02:34:18 ----A---- C:\WINDOWS\system32\CF15316.exe

2008-11-12 02:15:13 ----A---- C:\WINDOWS\system32\CF11580.exe

2008-11-12 01:39:50 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Nero

2008-11-12 01:38:42 ----D---- C:\Arquivos de programas\Arquivos comuns\Nero

2008-11-12 01:11:58 ----A---- C:\WINDOWS\Irremote.ini

2008-11-11 17:07:59 ----SH---- C:\WINDOWS\system32\kxfdxvpe.ini

2008-11-11 17:07:57 ----A---- C:\WINDOWS\system32\epvxdfxk.dll

2008-11-11 17:05:41 ----A---- C:\WINDOWS\system32\uhpnjc.dll

2008-11-11 17:05:41 ----A---- C:\WINDOWS\system32\iwyflhjd.dll

2008-11-11 03:29:37 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Office Genuine Advantage

2008-11-10 11:17:05 ----D---- C:\Arquivos de programas\Messenger Plus! Live

2008-11-10 10:03:54 ----SH---- C:\WINDOWS\system32\tkdkkmeq.ini

2008-11-10 09:58:33 ----A---- C:\WINDOWS\system32\npejgbbx.dll

2008-11-10 09:58:33 ----A---- C:\WINDOWS\system32\lubzlz.dll

2008-11-09 20:24:38 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\ImgBurn

2008-11-09 19:20:26 ----A---- C:\WINDOWS\system32\sggpxy.dll

2008-11-09 19:20:24 ----A---- C:\WINDOWS\system32\muxwwxcf.dll

2008-11-09 19:20:23 ----SH---- C:\WINDOWS\system32\npdoufph.ini

2008-11-09 19:17:55 ----A---- C:\WINDOWS\system32\twsdmvou.dll

2008-11-09 17:58:03 ----SHD---- C:\Config.Msi

2008-11-09 00:01:42 ----D---- C:\WINDOWS\Minidump

2008-11-08 23:59:58 ----A---- C:\Boot.bak

2008-11-08 23:59:55 ----RASHD---- C:\cmdcons

2008-11-08 23:50:02 ----A---- C:\WINDOWS\zip.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\VFIND.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\SWXCACLS.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\SWSC.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\SWREG.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\sed.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\NIRCMD.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\grep.exe

2008-11-08 23:50:02 ----A---- C:\WINDOWS\fdsv.exe

2008-11-08 23:49:58 ----D---- C:\WINDOWS\ERDNT

2008-11-08 23:49:58 ----D---- C:\Qoobox

2008-11-08 23:49:58 ----A---- C:\WINDOWS\system32\CF21419.exe

2008-11-08 23:22:21 ----SH---- C:\WINDOWS\system32\ijlmmlkb.ini

2008-11-08 16:52:19 ----SH---- C:\WINDOWS\system32\arhnfibp.ini

2008-11-08 01:34:57 ----A---- C:\WINDOWS\system32\mcrh.tmp

2008-11-07 15:08:27 ----SH---- C:\WINDOWS\system32\buupxswl.ini

2008-11-07 15:08:19 ----A---- C:\WINDOWS\system32\lwsxpuub.dll

2008-11-07 12:20:54 ----A---- C:\WINDOWS\system32\iwbiej.dll

2008-11-07 12:20:52 ----A---- C:\WINDOWS\system32\etswmnbf.dll

2008-11-07 12:18:44 ----SH---- C:\WINDOWS\system32\fmsdxptv.ini

2008-11-07 08:16:04 ----SH---- C:\WINDOWS\system32\ayystelu.ini

2008-11-07 08:13:08 ----A---- C:\WINDOWS\system32\oyeirckx.dll

2008-11-07 08:13:08 ----A---- C:\WINDOWS\system32\npspfv.dll

2008-11-07 03:39:45 ----A---- C:\WINDOWS\system32\tkspmd.dll

2008-11-07 03:39:43 ----A---- C:\WINDOWS\system32\bepqishg.dll

2008-11-07 03:37:39 ----SH---- C:\WINDOWS\system32\fpiueiql.ini

2008-11-07 01:00:14 ----D---- C:\Arquivos de programas\Eurekr.com

2008-11-07 00:56:06 ----RSD---- C:\WINDOWS\assembly

2008-11-07 00:55:20 ----D---- C:\WINDOWS\Microsoft.NET

2008-11-06 17:43:52 ----SH---- C:\WINDOWS\system32\ahdgmige.ini

2008-11-06 17:43:41 ----N---- C:\WINDOWS\system32\egimgdha.dll

2008-11-06 17:40:50 ----A---- C:\WINDOWS\system32\xywcgd.dll

2008-11-06 17:40:49 ----A---- C:\WINDOWS\system32\bxwdmqst.dll

2008-11-05 17:21:36 ----SH---- C:\WINDOWS\system32\lfwhwxyj.ini

2008-11-05 17:21:31 ----A---- C:\WINDOWS\system32\jyxwhwfl.dll

2008-11-05 17:19:48 ----A---- C:\WINDOWS\system32\pgdqyt.dll

2008-11-05 17:19:46 ----A---- C:\WINDOWS\system32\uudvvhmb.dll

2008-11-05 13:45:13 ----D---- C:\Arquivos de programas\trend micro

2008-11-05 13:45:12 ----D---- C:\rsit

2008-11-05 13:03:29 ----A---- C:\WINDOWS\gmer.ini

2008-11-05 13:03:27 ----A---- C:\WINDOWS\gmer_uninstall.cmd

2008-11-05 13:03:27 ----A---- C:\WINDOWS\gmer.exe

2008-11-05 13:03:27 ----A---- C:\WINDOWS\gmer.dll

2008-11-04 13:29:27 ----SH---- C:\WINDOWS\system32\efesdres.ini

2008-11-04 13:27:11 ----A---- C:\WINDOWS\system32\vsyjsb.dll

2008-11-04 13:27:09 ----A---- C:\WINDOWS\system32\uaupfali.dll

2008-11-04 13:26:40 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Nokia

2008-11-04 13:24:28 ----D---- C:\Arquivos de programas\MSXML 6.0

2008-11-03 01:01:28 ----SH---- C:\WINDOWS\system32\ynodfjcc.ini

2008-11-03 01:01:24 ----A---- C:\WINDOWS\system32\ccjfdony.dll

2008-11-03 00:59:06 ----A---- C:\WINDOWS\system32\zfcdam.dll

2008-11-03 00:59:04 ----A---- C:\WINDOWS\system32\nvsavghj.dll

2008-11-02 23:52:26 ----D---- C:\Arquivos de programas\EsetOnlineScanner

2008-11-02 14:42:05 ----A---- C:\WINDOWS\system32\tuvWpPIB.dll

2008-11-02 14:42:05 ----A---- C:\WINDOWS\system32\fcccdDvv.dll

2008-11-02 14:10:51 ----SH---- C:\WINDOWS\system32\viwnkkfa.ini

2008-11-02 14:10:41 ----A---- C:\WINDOWS\system32\afkknwiv.dll

2008-11-02 14:08:21 ----A---- C:\WINDOWS\system32\rzpyvy.dll

2008-11-02 14:08:19 ----A---- C:\WINDOWS\system32\gwwoetqq.dll

2008-11-02 14:05:52 ----A---- C:\WINDOWS\system32\pouzjc.dll

2008-11-02 14:05:50 ----A---- C:\WINDOWS\system32\ogceheef.dll

2008-11-02 14:03:22 ----SH---- C:\WINDOWS\system32\lheryibg.ini

2008-11-02 14:02:54 ----A---- C:\WINDOWS\system32\qoMdBsrQ.dll

2008-11-02 14:02:54 ----A---- C:\WINDOWS\system32\iifGYsrO.dll

2008-11-02 12:46:04 ----A---- C:\WINDOWS\ntbtlog.txt

2008-11-02 01:21:40 ----D---- C:\WINDOWS\pss

2008-11-02 01:09:26 ----SH---- C:\WINDOWS\system32\orfwbral.ini

2008-11-02 01:09:18 ----A---- C:\WINDOWS\system32\rcuawg.dll

2008-11-02 01:09:16 ----A---- C:\WINDOWS\system32\bxmdonmt.dll

2008-11-01 14:54:46 ----A---- C:\WINDOWS\system32\b33c3aa5-.txt

2008-11-01 14:54:29 ----ASH---- C:\WINDOWS\system32\AdNnmUvw.ini2

2008-11-01 14:54:29 ----ASH---- C:\WINDOWS\system32\AdNnmUvw.ini

2008-11-01 14:54:23 ----A---- C:\WINDOWS\system32\wvUmnNdA.dll

2008-10-31 12:06:37 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin

2008-10-30 01:31:09 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP

2008-10-30 01:31:02 ----D---- C:\Arquivos de programas\MyFantasyMaker

2008-10-30 01:30:53 ----D---- C:\WINDOWS\Downloaded Installations

2008-10-29 13:34:16 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Windows Genuine Advantage

2008-10-28 01:39:19 ----D---- C:\Arquivos de programas\Custom Technology

2008-10-28 01:38:08 ----A---- C:\WINDOWS\system32\devil.dll

2008-10-28 01:38:07 ----A---- C:\WINDOWS\system32\avisynth.dll

2008-10-28 01:37:04 ----D---- C:\Arquivos de programas\DIKO

2008-10-27 15:04:03 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\Sun

2008-10-27 01:51:27 ----D---- C:\ZCVideoDVD

2008-10-27 01:49:15 ----A---- C:\WINDOWS\ZC DVD Creator Platinum.INI

2008-10-27 01:49:00 ----D---- C:\Arquivos de programas\ZC DVD Creator Platinum

2008-10-27 00:54:06 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Nero

2008-10-25 11:38:26 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\LimeWire

2008-10-25 00:07:48 ----D---- C:\Documents and Settings\Ivone de Carlo\Dados de aplicativos\PC Suite

2008-10-24 21:11:37 ----A---- C:\WINDOWS\system32\doskeys.exe

2008-10-24 21:11:35 ----A---- C:\WINDOWS\system32\rar.exe

2008-10-24 21:11:33 ----A---- C:\WINDOWS\system32\gh14rs.txt

2008-10-24 21:11:33 ----A---- C:\WINDOWS\system32\dllhosts.exe

2008-10-24 19:47:40 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$

2008-10-24 19:37:13 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\PC Suite

2008-10-24 19:36:23 ----D---- C:\Arquivos de programas\Arquivos comuns\PCSuite

2008-10-24 19:36:23 ----D---- C:\Arquivos de programas\Arquivos comuns\Nokia

2008-10-24 19:36:12 ----D---- C:\Arquivos de programas\PC Connectivity Solution

2008-10-24 19:36:08 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll

2008-10-24 19:36:08 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll

2008-10-24 19:36:07 ----A---- C:\WINDOWS\system32\nmwcdcls.dll

2008-10-24 19:36:06 ----D---- C:\Arquivos de programas\Nokia

2008-10-24 19:35:23 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Installations

======List of files/folders modified in the last 1 months======

2008-10-19 12:05:24 ----A---- C:\WINDOWS\win.ini

2008-10-19 08:45:08 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]

R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2008-10-19 15424]

R1 WS2IFSL;Ambiente de suporte a provedores de serviços não-IFS do Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-28 12032]

R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2008-10-19 512096]

R3 HDAudBus;Driver de Barramento Microsoft UAA para High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-18 4547584]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-09-16 6853088]

R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368]

R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]

R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]

S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []

S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []

S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-11-05 85969]

S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]

S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-07 20864]

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]

S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064]

S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]

S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-07 8064]

S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; C:\Arquivos de programas\Java\jre6\bin\jqs.exe [2008-10-22 152984]

R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]

R2 NOD32krn;NOD32 Kernel Service; C:\Arquivos de programas\Eset\nod32krn.exe [2008-10-19 552064]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-09-16 155716]

R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]

R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]

S3 getPlus® Helper;getPlus® Helper; C:\Arquivos de programas\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]

S3 gusvc;Google Updater Service; C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-19 138168]

S3 NBService;NBService; C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe []

S3 NMIndexingService;NMIndexingService; C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]

S3 ServiceLayer;ServiceLayer; C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]

S3 usnjsvc;Serviço de Compartilhamento de Pastas Messenger do USN Journal Reader; C:\Arquivos de programas\MSN Messenger\usnsvc.exe [2007-01-19 97136]

-----------------EOF-----------------

ComboFix 08-11-18.04 - Ivone de Carlo 2008-11-19 13:20:19.5 - NTFSx86 MINIMAL

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1046.18.835 [GMT -2:00]

Executando de: C:\Documents and Settings\Ivone de Carlo\Desktop\ComboFix.exe

.

I already feel like smashing this piece of junk!!!

* At least the Explorer pages are no longer opening by themselves, and the keyboard is responding to typing.

Sorry, but I'm already losing my mind with this PC!!!


Dear ivesicfs

Sorry, but I'm already losing my mind with this PC!!!
Stay calm and be patient, everything will get sorted out ;)

QUESTION: did you run MalwareBytes Anti-Malware and ComboFix as I asked in my last message? If so, their logs are what I need :)

If not, please run them! And post their logs in your next reply!

Best regards :D


Malwarebytes' Anti-Malware 1.30

Versão do banco de dados: 1403

Windows 5.1.2600 Service Pack 3

2008-11-17 11:04:51

mbam-log-2008-11-17 (11-04-51).txt

Tipo de Verificação: Rápida

Objetos verificados: 55811

Tempo decorrido: 4 minute(s), 25 second(s)

Processos da Memória infectados: 0

Módulos de Memória Infectados: 2

Chaves do Registro infectadas: 16

Valores do Registro infectados: 3

Ítens do Registro infectados: 2

Pastas infectadas: 0

Arquivos infectados: 43

Processos da Memória infectados:

(Nenhum ítem malicioso foi detectado)

Módulos de Memória Infectados:

C:\WINDOWS\system32\prmviodo.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\wvUmnNdA.dll (Trojan.Vundo.H) -> Delete on reboot.

Chaves do Registro infectadas:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6816f8dc-1c43-440e-89a1-0fa937e347f5} (Trojan.Vundo.H) -> Delete on reboot.

HKEY_CLASSES_ROOT\CLSID\{6816f8dc-1c43-440e-89a1-0fa937e347f5} (Trojan.Vundo.H) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75abcf92-9764-4dfa-a83f-5142c3905052} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tuvuoevm (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{75abcf92-9764-4dfa-a83f-5142c3905052} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6816f8dc-1c43-440e-89a1-0fa937e347f5} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{831cbac4-8283-4653-9d81-feb9f3f6e47c} (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{831cbac2-8283-4653-9d81-feb9f3f6e47c} (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{75abcf92-9764-4dfa-a83f-5142c3905052} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/uni.gpc (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Valores do Registro infectados:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\b81ffedb (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{75abcf92-9764-4dfa-a83f-5142c3905052} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\uni.gpc (Trojan.Agent) -> Quarantined and deleted successfully.

Ítens do Registro infectados:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\wvumnnda -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\wvumnnda -> Delete on reboot.

Pastas infectadas:

(Nenhum ítem malicioso foi detectado)

Arquivos infectados:

C:\WINDOWS\system32\wvUmnNdA.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\AdNnmUvw.ini (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\AdNnmUvw.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tuvUOEVM.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\afkknwiv.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\viwnkkfa.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\cagroxal.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\laxorgac.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ccjfdony.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ynodfjcc.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\egimgdha.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ahdgmige.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\epvxdfxk.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\kxfdxvpe.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\jyxwhwfl.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\lfwhwxyj.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\lwsxpuub.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\buupxswl.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\prmviodo.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\odoivmrp.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\rzpyvy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\bxmdonmt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\fcccdDvv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\geBqnNET.Vdll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\iifGYsrO.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\qoMdBsrQ.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\rcuawg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ogceheef.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\pouzjc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\nvsavghj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\zfcdam.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\gwwoetqq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tuvUOEVM.V00dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tuvUOEVM.Vdll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tuvWpPIB.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\twsdmvou.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\Documents and Settings\Ivone de Carlo\Configurações locais\Temp\dbtjtivg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\Documents and Settings\Ivone de Carlo\Configurações locais\Temp\rkljssrj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\Documents and Settings\Ivone de Carlo\Configurações locais\Temp\gvympccg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\Documents and Settings\Ivone de Carlo\Configurações locais\Temp\pjutnosl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.

C:\WINDOWS\Downloaded Program Files\uni.gpc (Trojan.Agent) -> Delete on reboot.

C:\WINDOWS\system32\dllhosts.exe (Trojan.Agent) -> Quarantined and deleted successfully.

combofix

ComboFix 08-11-18.04 - Ivone de Carlo 2008-11-19 13:20:19.5 - NTFSx86 MINIMAL

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1046.18.835 [GMT -2:00]

Executando de: C:\Documents and Settings\Ivone de Carlo\Desktop\ComboFix.exe

.

Sorry, I'm so nervous about this that I ended up posting it wrong.

Regards


Dear ivesicfs

Hey.. we've already done a good cleanup :)

Once again...

Download DDS and save it to the desktop.

  • Temporarily disable your protection programs.
  • Double-click dds.scr.
  • When it finishes, DDS.txt will open.
  • Save the results and paste them into your next reply

Regards :D


Good afternoon, Diego.

Here is the DDS log

DDS (Version 1.0) - NTFSx86

Run by Ivone de Carlo at 13:31:01.45 on 2008-11-21

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1046.18.1023.671 [GMT -2:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

C:\Arquivos de programas\Eset\nod32krn.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\IoctlSvc.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Arquivos de programas\MSN Messenger\usnsvc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Documents and Settings\Ivone de Carlo\Desktop\dds.scr

============== Psuedo HJT Report ===============

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mSearchAssistant = hxxp://www.google.com/ie

BHO: {6d73ae40-1a08-445a-abbf-fb1890feecb0} - c:\windows\system32\yhwfgq.dll

BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\arquivos de programas\java\jre6\bin\ssv.dll

BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll

BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\arquivos de programas\google\googletoolbarnotifier\3.1.807.1746\swg.dll

BHO: {C41A1C0E-EA6C-11D4-B1B8-444553540008} - c:\windows\downloaded program files\gbiehuni.dll

BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll

TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe

uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\arquivos de programas\arquivos comuns\ahead\lib\NMBgMonitor.exe"

uRun: [swg] c:\arquivos de programas\google\googletoolbarnotifier\GoogleToolbarNotifier.exe

uRun: [msnmsgr] "c:\arquivos de programas\msn messenger\msnmsgr.exe" /background

mRun: [skyTel] SkyTel.EXE

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Alcmtr] ALCMTR.EXE

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [nwiz] nwiz.exe /install

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [nod32kui] "c:\arquivos de programas\eset\nod32kui.exe" /WAITSERVICE

mRun: [sunJavaUpdateSched] "c:\arquivos de programas\java\jre6\bin\jusched.exe"

mRun: [Adobe Reader Speed Launcher] "c:\arquivos de programas\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [NeroFilterCheck] c:\arquivos de programas\arquivos comuns\nero\lib\NeroCheck.exe

mRun: [NBKeyScan] "c:\arquivos de programas\nero\nero8\nero backitup\NBKeyScan.exe"

mRun: [iSUSPM Startup] c:\arquiv~1\arquiv~1\instal~1\update~1\isuspm.exe -startup

mRun: [iSUSScheduler] "c:\arquivos de programas\arquivos comuns\installshield\updateservice\issch.exe" -start

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

StartupFolder: c:\docume~1\alluse~1\menuin~1\progra~1\inicia~1\micros~1.lnk - c:\arquivos de programas\microsoft office\office10\OSA.EXE

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\micros~2\office10\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe

LSP: c:\windows\system32\imon.dll

Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\arquivos de programas\arquivos comuns\microsoft shared\web folders\PKMCDO.DLL

Notify: GbPluginUni - c:\windows\downloaded program files\gbiehuni.dll

SEH: {E37CB5F0-51F5-4395-A808-5FA49E399008} - c:\windows\downloaded program files\gbiehuni.dll

============= SERVICES / DRIVERS ===============

S3 getPlus® Helper;getPlus® Helper;c:\arquivos de programas\nos\bin\getPlus_HelperSvc.exe [2008-10-24 33752]

=============== Created Last 30 ================

2008-11-20 15:17 3,497,832 a------- c:\windows\system32\d3dx9_34.dll

2008-11-20 13:57 73,728 a------- c:\windows\system32\ISUSPM.cpl

2008-11-20 13:57 <DIR> --d----- c:\arquivos de programas\Activision

2008-11-19 17:36 54,156 a---h--- c:\windows\QTFont.qfn

2008-11-19 17:36 1,409 a------- c:\windows\QTFont.for

2008-11-19 13:30 <DIR> --d----- C:\ComboFix

2008-11-19 13:29 <DIR> --d----- C:\ComboFix(4)

2008-11-19 13:29 <DIR> --d----- C:\ComboFix(3)

2008-11-19 13:20 <DIR> --d----- C:\ComboFix(2)

2008-11-18 17:33 <DIR> --d----- c:\arquivos de programas\arquivos comuns\PCSuite

2008-11-17 18:44 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf

2008-11-17 18:44 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf

2008-11-17 11:10 455,296 ac------ c:\windows\system32\dllcache\mrxsmb.sys

2008-11-17 10:57 <DIR> --d----- c:\docume~1\ivoned~1\dadosd~1\Malwarebytes

2008-11-17 10:57 15,504 a------- c:\windows\system32\drivers\mbam.sys

2008-11-17 10:57 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys

2008-11-17 10:57 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Malwarebytes

2008-11-17 10:57 <DIR> --d----- c:\arquivos de programas\Malwarebytes' Anti-Malware

2008-11-17 10:25 <DIR> --d----- c:\docume~1\ivoned~1\dadosd~1\Desktopicon

2008-11-17 10:25 124,688 a------- c:\windows\system32\MSWINSCK.OCX

2008-11-17 10:25 <DIR> --d----- c:\arquivos de programas\DsNET Corp

2008-11-17 09:32 <DIR> --d----- c:\arquivos de programas\ffdshow

2008-11-17 09:05 113,152 a------- c:\windows\system32\yhwfgq.dll

2008-11-17 09:05 113,152 a------- c:\windows\system32\xlnkrulf.dll

2008-11-17 09:00 113,152 a------- c:\windows\system32\ftotdn.dll

2008-11-17 09:00 113,152 a------- c:\windows\system32\pmyeoaer.dll

2008-11-16 03:36 <DIR> --d----- c:\docume~1\ivoned~1\dadosd~1\NeroDigital™

2008-11-16 03:35 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Messenger Plus!

2008-11-16 03:35 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Ahead

2008-11-15 22:46 1,597,717 ---sh--- c:\windows\system32\tolklokg.ini

2008-11-15 22:43 114,688 a------- c:\windows\system32\mipjpm.dll

2008-11-15 22:43 114,688 a------- c:\windows\system32\yedymmnd.dll

2008-11-15 15:06 221,184 a------- c:\windows\system32\wmpns.dll

2008-11-14 14:13 114,688 a------- c:\windows\system32\kcddkl.dll

2008-11-14 14:13 114,688 a------- c:\windows\system32\lhuuwatv.dll

2008-11-14 14:11 1,597,704 ---sh--- c:\windows\system32\mqwtrhvs.ini

2008-11-14 04:09 7,168 a--sh--- c:\windows\Thumbs.db

2008-11-13 23:53 115,712 a------- c:\windows\system32\xwbqgt.dll

2008-11-13 23:53 115,712 a------- c:\windows\system32\pykkxmbo.dll

2008-11-13 23:47 1,592,664 ---sh--- c:\windows\system32\ajcwfmbn.ini

2008-11-12 17:43 114,688 a------- c:\windows\system32\uapvhh.dll

2008-11-12 17:43 114,688 a------- c:\windows\system32\sviptlpd.dll

2008-11-12 17:41 1,592,655 ---sh--- c:\windows\system32\skqxbiur.ini

2008-11-12 11:23 400,896 a------- c:\windows\system32\CF20655.exe

2008-11-12 02:34 400,896 a------- c:\windows\system32\CF15316.exe

2008-11-12 02:15 400,896 a------- c:\windows\system32\CF11580.exe

2008-11-12 01:11 0 a------- c:\windows\Irremote.ini

2008-11-11 17:05 116,736 a------- c:\windows\system32\uhpnjc.dll

2008-11-11 17:05 116,736 a------- c:\windows\system32\iwyflhjd.dll

2008-11-10 11:17 <DIR> --d----- c:\arquivos de programas\Messenger Plus! Live

2008-11-10 10:03 1,972,654 ---sh--- c:\windows\system32\tkdkkmeq.ini

2008-11-10 09:58 116,736 a------- c:\windows\system32\npejgbbx.dll

2008-11-10 09:58 116,736 a------- c:\windows\system32\lubzlz.dll

2008-11-09 19:20 112,640 a------- c:\windows\system32\sggpxy.dll

2008-11-09 19:20 112,640 a------- c:\windows\system32\muxwwxcf.dll

2008-11-09 19:20 1,962,915 ---sh--- c:\windows\system32\npdoufph.ini

2008-11-08 23:59 <DIR> a-dshr-- C:\cmdcons

2008-11-08 23:50 161,792 a------- c:\windows\SWREG.exe

2008-11-08 23:50 98,816 a------- c:\windows\sed.exe

2008-11-08 23:49 400,896 a------- c:\windows\system32\CF21419.exe

2008-11-08 23:22 1,962,915 ---sh--- c:\windows\system32\ijlmmlkb.ini

2008-11-08 16:52 1,962,915 ---sh--- c:\windows\system32\arhnfibp.ini

2008-11-07 18:15 268 a---h--- C:\sqmdata08.sqm

2008-11-07 18:15 244 a---h--- C:\sqmnoopt08.sqm

2008-11-07 12:47 268 a---h--- C:\sqmdata07.sqm

2008-11-07 12:47 244 a---h--- C:\sqmnoopt07.sqm

2008-11-07 12:20 116,736 a------- c:\windows\system32\iwbiej.dll

2008-11-07 12:20 116,736 a------- c:\windows\system32\etswmnbf.dll

2008-11-07 12:18 1,963,450 ---sh--- c:\windows\system32\fmsdxptv.ini

2008-11-07 12:08 268 a---h--- C:\sqmdata06.sqm

2008-11-07 12:08 244 a---h--- C:\sqmnoopt06.sqm

2008-11-07 08:16 1,957,432 ---sh--- c:\windows\system32\ayystelu.ini

2008-11-07 08:13 113,664 a------- c:\windows\system32\oyeirckx.dll

2008-11-07 08:13 113,664 a------- c:\windows\system32\npspfv.dll

2008-11-07 03:39 113,664 a------- c:\windows\system32\tkspmd.dll

2008-11-07 03:39 113,664 a------- c:\windows\system32\bepqishg.dll

2008-11-07 03:37 1,957,738 ---sh--- c:\windows\system32\fpiueiql.ini

2008-11-07 01:00 <DIR> --d----- c:\arquivos de programas\Eurekr.com

2008-11-06 17:40 113,664 a------- c:\windows\system32\xywcgd.dll

2008-11-06 17:40 113,664 a------- c:\windows\system32\bxwdmqst.dll

2008-11-05 17:19 111,616 a------- c:\windows\system32\pgdqyt.dll

2008-11-05 17:19 111,616 a------- c:\windows\system32\uudvvhmb.dll

2008-11-05 13:45 <DIR> --d----- c:\arquivos de programas\trend micro

2008-11-05 13:03 250 a------- c:\windows\gmer.ini

2008-11-04 13:29 1,947,814 ---sh--- c:\windows\system32\efesdres.ini

2008-11-04 13:27 116,224 a------- c:\windows\system32\vsyjsb.dll

2008-11-04 13:27 116,224 a------- c:\windows\system32\uaupfali.dll

2008-11-04 13:26 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Nokia

2008-11-04 13:24 <DIR> --d----- c:\arquivos de programas\MSXML 6.0

2008-11-02 23:52 <DIR> --d----- c:\arquivos de programas\EsetOnlineScanner

2008-11-02 14:03 1,519,272 ---sh--- c:\windows\system32\lheryibg.ini

2008-11-02 01:21 <DIR> --d----- c:\windows\pss

2008-11-02 01:09 1,519,254 ---sh--- c:\windows\system32\orfwbral.ini

2008-10-31 12:06 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\GbPlugin

2008-10-30 01:31 <DIR> --d----- c:\arquivos de programas\MyFantasyMaker

2008-10-30 01:30 <DIR> --d----- c:\windows\Downloaded Installations

2008-10-28 01:39 <DIR> --d----- c:\arquivos de programas\Custom Technology

2008-10-28 01:38 719,872 a------- c:\windows\system32\devil.dll

2008-10-28 01:38 313,344 a------- c:\windows\system32\avisynth.dll

2008-10-28 01:37 <DIR> --d----- c:\arquivos de programas\DIKO

2008-10-27 01:51 <DIR> --d----- C:\ZCVideoDVD

2008-10-27 01:49 77 a------- c:\windows\ZC DVD Creator Platinum.INI

2008-10-27 01:49 <DIR> --d----- c:\arquivos de programas\ZC DVD Creator Platinum

2008-10-27 00:54 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Nero

2008-10-25 11:38 <DIR> --d----- c:\docume~1\ivoned~1\dadosd~1\LimeWire

2008-10-25 00:07 <DIR> --d----- c:\docume~1\ivoned~1\dadosd~1\PC Suite

2008-10-24 21:11 97 a------- c:\windows\system32\Monitored2.dat

2008-10-24 21:11 366,080 a------- c:\windows\system32\doskeys.exe

2008-10-24 21:11 37,888 a------- c:\windows\system32\rar.exe

2008-10-24 19:48 26,112 ac------ c:\windows\system32\dllcache\usbser.sys

2008-10-24 19:48 26,112 a------- c:\windows\system32\drivers\usbser.sys

2008-10-24 19:47 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf

2008-10-24 19:47 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf

2008-10-24 19:37 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PC Suite

2008-10-24 19:36 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Nokia

2008-10-24 19:36 21,632 a------- c:\windows\system32\drivers\pccsmcfd.sys

2008-10-24 19:36 <DIR> --d----- c:\arquivos de programas\PC Connectivity Solution

2008-10-24 19:36 8,064 a------- c:\windows\system32\drivers\usbser_lowerfltj.sys

2008-10-24 19:36 8,064 a------- c:\windows\system32\drivers\usbser_lowerflt.sys

2008-10-24 19:36 20,864 a------- c:\windows\system32\drivers\ccdcmbo.sys

2008-10-24 19:36 1,419,232 a------- c:\windows\system32\wdfcoinstaller01005.dll

2008-10-24 19:36 659,968 a------- c:\windows\system32\nmwcdcocls.dll

2008-10-24 19:36 17,536 a------- c:\windows\system32\drivers\ccdcmb.sys

2008-10-24 19:36 90,624 a------- c:\windows\system32\nmwcdcls.dll

2008-10-24 19:36 <DIR> --d----- c:\arquivos de programas\Nokia

2008-10-24 19:35 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Installations

2008-10-22 17:07 <DIR> --d----- c:\windows\system32\appmgmt

2008-10-22 17:04 410,976 a------- c:\windows\system32\deploytk.dll

2008-10-22 17:04 73,728 a------- c:\windows\system32\javacpl.cpl

==================== Find3M ====================

2008-11-20 13:57 <DIR> --d----- c:\arquivos de programas\arquivos comuns\InstallShield

2008-11-19 16:46 490,962 a------- c:\windows\system32\perfh016.dat

2008-11-19 16:46 92,866 a------- c:\windows\system32\perfc016.dat

2008-11-17 13:22 116,736 a------- c:\windows\system32\kinzpr.dll

2008-11-16 03:35 <DIR> --d----- c:\arquivos de programas\MSN Messenger

2008-11-14 04:09 <DIR> --d----- c:\arquivos de programas\Messenger

2008-11-14 04:09 <DIR> --d----- c:\arquivos de programas\K-Lite Codec Pack

2008-11-12 12:24 <DIR> --d----- c:\arquivos de programas\Nero

2008-10-22 17:19 <DIR> --d----- c:\arquivos de programas\ESET

2008-10-20 14:45 <DIR> --d----- c:\arquivos de programas\MSXML 4.0

2008-10-19 21:33 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat

2008-10-19 11:51 298,104 a------- c:\windows\system32\imon.dll

2008-10-19 11:04 <DIR> --d----- c:\arquivos de programas\Realtek

2008-10-19 11:02 15,600 a------- c:\windows\gdrv.sys

2008-10-19 11:00 315,392 a------- c:\windows\HideWin.exe

2008-10-19 10:50 <DIR> --d-h--- c:\arquivos de programas\WindowsUpdate

2008-10-19 10:50 <DIR> --d----- c:\arquivos de programas\Serviços on-line

2008-10-19 10:50 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Serviços

2008-10-19 10:50 <DIR> --d----- c:\arquivos de programas\arquivos comuns\MSSoap

2008-10-19 10:49 21,844 a------- c:\windows\system32\emptyregdb.dat

2008-10-19 10:48 <DIR> --d----- c:\arquivos de programas\MSN Gaming Zone

2008-10-19 10:48 <DIR> --d----- c:\arquivos de programas\Windows NT

2008-10-19 08:45 <DIR> --d----- c:\arquivos de programas\arquivos comuns\ODBC

2008-10-19 08:45 <DIR> --d----- c:\arquivos de programas\arquivos comuns\SpeechEngines

2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll

2008-09-15 13:26 1,846,528 a------- c:\windows\system32\win32k.sys

2008-09-09 23:15 1,307,648 a------- c:\windows\system32\msxml6.dll

2008-09-04 15:16 1,106,944 a------- c:\windows\system32\msxml3.dll

2008-08-26 06:11 826,368 a------- c:\windows\system32\wininet.dll

============= FINISH: 13:31:11.35 ===============

Will we manage to kill this hydra???? lol
