herguim

PC very slow... could it be a virus?


Good afternoon,

I would like you to check whether my PC has any infection, since it keeps freezing, from launching applications to browsing.

It takes forever to open "My Computer", the Start menu, Control Panel, etc...

What should I do, and how do I do it?

Thanks,

Herguim :confused:


Thank you...

Here are the logs:

DDS (Ver_09-03-16.01) - NTFSx86

Run by Hernani at 0:42:01,00 on sex 27/03/2009

Internet Explorer: 7.0.5730.13

Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.507.117 [GMT -3:00]

AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated)

AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated)

FW: PC Tools Firewall Plus *disabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

C:\WINDOWS\system32\svchost -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\LSI SoftModem\agrsmsvc.exe

C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe

D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\PC Tools Firewall Plus\PC Tools Firewall Plus\FWService.exe

C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\Explorer.EXE

D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\PC Tools Firewall Plus\PC Tools Firewall Plus\FirewallGUI.exe

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\ctfmon.exe

D:\ARQUIVOS DE PROGRAMAS\Limpadores\Trash it!\Trash it Scheduler.exe

D:\ARQUIVOS DE PROGRAMAS\FIREFOX\firefox.exe

C:\WINDOWS\system32\wscntfy.exe

D:\DOWNLOADS\dds.scr

C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com.br/

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - d:\arquivos de programas\segurança\kav2009\ievkbd.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\arquiv~1\micros~2\office12\GRA8E1~1.DLL

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [Trash it Scheduler] d:\arquivos de programas\limpadores\trash it!\Trash it Scheduler.exe

mRun: [AVP] "d:\arquivos de programas\segurança\kav2009\avp.exe"

mPolicies-system: HideFastUserSwitching = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\arquiv~1\micros~2\office12\EXCEL.EXE/3000

IE: E&xportar para o Microsoft Excel

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe

IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - d:\arquivos de programas\segurança\kav2009\SCIEPlgn.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\arquiv~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~2\office12\REFIEBAR.DLL

LSP: c:\arquivos de programas\arquivos comuns\pc tools\lsp\PCTLsp.dll

DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1237237095484

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\arquiv~1\micros~2\office12\GR99D3~1.DLL

Notify: igfxcui - igfxdev.dll

Notify: klogon - c:\windows\system32\klogon.dll

AppInit_DLLs: d:\arquiv~1\segura~1\kav2009\mzvkbd.dll,d:\arquiv~1\segura~1\kav2009\mzvkbd3.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\arquiv~1\micros~2\office12\GRA8E1~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\hernani\dadosd~1\mozilla\firefox\profiles\twmmii6j.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/ig?hl=pt-BR&source=iglk

FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nppl3260.dll

FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nprjplug.dll

FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nprpjplug.dll

---- FIREFOX POLICIES ----

d:\arquivos de programas\firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

============= SERVICES / DRIVERS ===============

R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-7-21 121872]

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 33808]

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-3-16 28544]

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-3-20 130424]

R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2009-3-26 226832]

R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2009-3-15 159600]

R2 AVP;Kaspersky Anti-Virus;d:\arquivos de programas\segurança\kav2009\avp.exe [2008-11-11 206088]

R2 LF30FS;LF30FS;d:\arquivos de programas\segurança\lockfolder\LF30XP.sys [2004-11-19 101488]

R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [2009-3-15 73840]

R2 PCToolsFirewallPlus;PC Tools Firewall Plus;d:\arquivos de programas\segurança\pc tools firewall plus\pc tools firewall plus\FWService.exe [2009-3-7 146800]

R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-4-30 24592]

R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [2009-3-15 95640]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-3-14 222976]

S2 spupdsvc;Windows Service Pack Installer update service;c:\windows\system32\spupdsvc.exe [2009-3-14 26488]

S3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [2009-3-26 64392]

S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2008-12-10 7808]

S3 sdAuxService;PC Tools Auxiliary Service;d:\arquivos de programas\spyware doctor\pctsAuxs.exe [2009-3-26 348752]

S3 sdCoreService;PC Tools Security Service;d:\arquivos de programas\spyware doctor\pctsSvc.exe [2009-3-26 1095560]

S3 TfNetMon;TfNetMon; [x]

S4 a2free;a-squared Free Service;d:\arquivos de programas\segurança\a-squared free\a2service.exe [2009-3-7 425080]

=============== Created Last 30 ================

2009-03-26 23:51 142 a------- c:\windows\system32\spupdsvc.inf

2009-03-26 22:59 <DIR> --d----- c:\windows\system32\KB905474

2009-03-26 22:14 691,712 a------- c:\windows\is-HUAAE.exe

2009-03-26 22:14 11,868 a------- c:\windows\is-HUAAE.msg

2009-03-26 22:14 268 a------- c:\windows\is-HUAAE.lst

2009-03-26 22:13 64,392 a------- c:\windows\system32\drivers\pctplsg.sys

2009-03-26 22:13 <DIR> --d----- c:\docume~1\hernani\dadosd~1\PC Tools

2009-03-26 21:26 189,102 a------- C:\1current.trs

2009-03-26 21:22 24,364,032 a------- C:\current.trs

2009-03-26 21:01 101,287 a------- c:\windows\system32\drivers\klin.dat

2009-03-26 21:01 89,601 a------- c:\windows\system32\drivers\klick.dat

2009-03-26 21:00 1,447,968 a--sh--- c:\windows\system32\drivers\fidbox.dat

2009-03-26 21:00 237,600 a--sh--- c:\windows\system32\drivers\fidbox2.dat

2009-03-26 21:00 13,440 a--sh--- c:\windows\system32\drivers\fidbox.idx

2009-03-26 21:00 2,940 a--sh--- c:\windows\system32\drivers\fidbox2.idx

2009-03-26 21:00 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Kaspersky Lab

2009-03-26 20:22 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Kaspersky Lab Setup Files

2009-03-26 18:32 <DIR> --d----- c:\windows\LastGood.Tmp

2009-03-25 16:45 5,632 ac------ c:\windows\system32\dllcache\kbdheb.dll

2009-03-25 16:41 18,688 ac------ c:\windows\system32\dllcache\irsir.sys

2009-03-25 16:40 28,672 ac------ c:\windows\system32\dllcache\irmon.dll

2009-03-25 16:25 10,129,408 ac------ c:\windows\system32\dllcache\hwxkor.dll

2009-03-25 16:19 10,096,640 ac------ c:\windows\system32\dllcache\hwxcht.dll

2009-03-25 16:12 1,733,120 ac------ c:\windows\system32\dllcache\g400d.dll

2009-03-25 16:08 283,904 ac------ c:\windows\system32\dllcache\emu10k1m.sys

2009-03-25 13:22 116,224 ac------ c:\windows\system32\dllcache\xrxwiadr.dll

2009-03-25 13:22 23,040 ac------ c:\windows\system32\dllcache\xrxwbtmp.dll

2009-03-25 13:22 18,944 ac------ c:\windows\system32\dllcache\xrxscnui.dll

2009-03-25 13:22 27,648 ac------ c:\windows\system32\dllcache\xrxftplt.exe

2009-03-25 13:22 4,608 ac------ c:\windows\system32\dllcache\xrxflnch.exe

2009-03-25 13:22 99,865 ac------ c:\windows\system32\dllcache\xlog.exe

2009-03-25 13:22 16,970 ac------ c:\windows\system32\dllcache\xem336n5.sys

2009-03-25 13:22 19,455 ac------ c:\windows\system32\dllcache\wvchntxx.sys

2009-03-25 13:22 19,200 ac------ c:\windows\system32\dllcache\wstcodec.sys

2009-03-25 13:22 12,063 ac------ c:\windows\system32\dllcache\wsiintxx.sys

2009-03-25 13:22 8,192 ac------ c:\windows\system32\dllcache\wshirda.dll

2009-03-25 13:20 26,112 ac------ c:\windows\system32\dllcache\usbser.sys

2009-03-25 13:19 17,024 ac------ c:\windows\system32\dllcache\stcusb.sys

2009-03-25 13:18 161,632 ac------ c:\windows\system32\dllcache\sgsmusb.sys

2009-03-25 13:17 49,024 ac------ c:\windows\system32\dllcache\ql1280.sys

2009-03-25 13:16 86,016 ac------ c:\windows\system32\dllcache\pctspk.exe

2009-03-25 13:15 5,504 ac------ c:\windows\system32\dllcache\mstee.sys

2009-03-25 13:15 49,024 ac------ c:\windows\system32\dllcache\mstape.sys

2009-03-25 13:15 12,416 ac------ c:\windows\system32\dllcache\msriffwv.sys

2009-03-25 13:15 2,944 ac------ c:\windows\system32\dllcache\msmpu401.sys

2009-03-25 13:15 22,016 ac------ c:\windows\system32\dllcache\msircomm.sys

2009-03-25 13:14 35,200 ac------ c:\windows\system32\dllcache\msgame.sys

2009-03-25 13:14 6,016 ac------ c:\windows\system32\dllcache\msfsio.sys

2009-03-25 13:14 56,832 ac------ c:\windows\system32\dllcache\msdvbnp.ax

2009-03-25 13:14 51,200 ac------ c:\windows\system32\dllcache\msdv.sys

2009-03-25 13:14 17,280 ac------ c:\windows\system32\dllcache\mraid35x.sys

2009-03-25 13:14 15,232 ac------ c:\windows\system32\dllcache\mpe.sys

2009-03-25 13:14 12,288 ac------ c:\windows\system32\dllcache\mouhid.sys

2009-03-25 13:14 16,128 ac------ c:\windows\system32\dllcache\modemcsa.sys

2009-03-25 13:12 7,040 ac------ c:\windows\system32\dllcache\ltotape.sys

2009-03-25 13:11 6,144 ac------ c:\windows\system32\dllcache\kbd106.dll

2009-03-25 13:10 372,824 ac------ c:\windows\system32\dllcache\iconf32.dll

2009-03-25 13:09 907,904 ac------ c:\windows\system32\dllcache\hcf_msft.sys

2009-03-25 13:08 347,966 ac------ c:\windows\system32\dllcache\es56tpi.sys

2009-03-25 13:07 29,696 ac------ c:\windows\system32\dllcache\dm9pci5.sys

2009-03-25 13:06 28,672 ac------ c:\windows\system32\dllcache\cyycoins.dll

2009-03-25 13:05 13,952 ac------ c:\windows\system32\dllcache\cmbatt.sys

2009-03-25 13:04 14,080 ac------ c:\windows\system32\dllcache\bulltlp3.sys

2009-03-25 13:03 96,128 ac------ c:\windows\system32\dllcache\ati.dll

2009-03-25 13:02 66,048 ac------ c:\windows\system32\dllcache\s3legacy.dll

2009-03-25 11:31 8 a------- c:\windows\scanreg.ini

2009-03-25 11:04 <DIR> --d----- c:\windows\MindSoft Utilities 2009 for Windows XP

2009-03-24 11:02 <DIR> --d----- c:\arquivos de programas\arquivos comuns\SWF Studio

2009-03-24 11:02 <DIR> --d----- c:\docume~1\hernani\dadosd~1\KeePass

2009-03-24 11:01 <DIR> --d-h--- C:\89a93d7abf118d1e5a5d

2009-03-24 11:01 <DIR> --d-h--- C:\4fce31b89cfde0a00e4386baa9baec6d

2009-03-24 11:01 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\IconTweaker

2009-03-23 21:31 147,456 a------- c:\windows\system32\igfxCoIn_v5009.dll

2009-03-23 21:16 53,248 a------- c:\windows\system32\CSVer.dll

2009-03-23 17:36 262,144 a------- c:\windows\system32\FLUSH3

2009-03-23 17:36 262,144 a------- c:\windows\system32\FLUSH2

2009-03-23 17:36 262,144 a------- c:\windows\system32\FLUSH1

2009-03-22 23:53 <DIR> --d----- c:\documents and settings\hernani\Contacts

2009-03-22 18:30 720,896 a------- c:\windows\iun6002.exe

2009-03-22 16:11 <DIR> --d----- c:\windows\pss

2009-03-22 00:36 <DIR> --d----- c:\windows\system32\GroupPolicy

2009-03-22 00:25 39 a------- C:\ntosboot.bat

2009-03-21 13:58 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Everstrike Software

2009-03-21 10:52 37,376 a------- c:\windows\system32\VbVfw.dll

2009-03-21 10:40 721,168 a------- c:\windows\system32\VB40032.DLL

2009-03-21 10:40 60,416 a------- c:\windows\ST4UNST.EXE

2009-03-20 23:16 130,424 a------- c:\windows\system32\drivers\PCTCore.sys

2009-03-20 22:54 <DIR> --d----- c:\arquivos de programas\ASUS

2009-03-20 22:53 <DIR> --d----- c:\windows\AsDmiHtm

2009-03-19 19:09 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Malwarebytes

2009-03-19 19:08 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Malwarebytes

2009-03-19 13:22 26,368 ac------ c:\windows\system32\dllcache\usbstor.sys

2009-03-19 13:18 18,704 a----r-- c:\windows\system32\drivers\se59nd5.sys

2009-03-19 13:18 4,128 a----r-- c:\windows\system32\drivers\se59cr.sys

2009-03-19 13:18 90,800 a----r-- c:\windows\system32\drivers\se59unic.sys

2009-03-19 13:18 88,624 a----r-- c:\windows\system32\drivers\se59mgmt.sys

2009-03-19 13:18 86,432 a----r-- c:\windows\system32\drivers\se59obex.sys

2009-03-19 13:18 97,088 a----r-- c:\windows\system32\drivers\se59mdm.sys

2009-03-19 13:18 9,360 a----r-- c:\windows\system32\drivers\se59mdfl.sys

2009-03-19 13:18 6,240 a----r-- c:\windows\system32\drivers\se59cmnt.sys

2009-03-19 13:18 6,240 a----r-- c:\windows\system32\drivers\se59cm.sys

2009-03-19 13:18 61,536 a----r-- c:\windows\system32\drivers\se59bus.sys

2009-03-19 13:18 5,872 a----r-- c:\windows\system32\drivers\se59whnt.sys

2009-03-19 13:18 5,872 a----r-- c:\windows\system32\drivers\se59wh.sys

2009-03-19 12:55 54,156 a---h--- c:\windows\QTFont.qfn

2009-03-19 12:55 1,409 a------- c:\windows\QTFont.for

2009-03-19 11:13 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Teleca

2009-03-19 11:12 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Sony Ericsson

2009-03-19 11:07 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Sony Ericsson

2009-03-19 11:06 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Sony Ericsson Shared

2009-03-19 11:06 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Teleca Shared

2009-03-19 11:06 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Teleca

2009-03-19 11:06 <DIR> --d----- c:\windows\Downloaded Installations

2009-03-18 09:13 <DIR> --d----- c:\docume~1\hernani\dadosd~1\IObit

2009-03-17 12:45 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\vsosdk

2009-03-17 12:05 <DIR> --d----- c:\arquivos de programas\arquivos comuns\xing shared

2009-03-17 12:05 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Real

2009-03-17 10:51 87,608 a------- c:\docume~1\hernani\dadosd~1\inst.exe

2009-03-17 10:51 47,360 a------- c:\windows\system32\drivers\pcouffin.sys

2009-03-17 10:51 47,360 a------- c:\docume~1\hernani\dadosd~1\pcouffin.sys

2009-03-17 10:51 217,127 a------- c:\windows\system32\drv43260.dll

2009-03-17 10:51 208,935 a------- c:\windows\system32\drv33260.dll

2009-03-17 10:51 102,439 a------- c:\windows\system32\sipr3260.dll

2009-03-17 10:51 626,688 a------- c:\windows\system32\vp7vfw.dll

2009-03-17 10:51 176,165 a------- c:\windows\system32\drv23260.dll

2009-03-17 10:51 65,602 a------- c:\windows\system32\cook3260.dll

2009-03-17 10:51 1,184,984 a------- c:\windows\system32\wvc1dmod.dll

2009-03-17 10:51 <DIR> --d----- c:\arquivos de programas\VSO

2009-03-16 23:25 410,984 a------- c:\windows\system32\deploytk.dll

2009-03-16 23:25 73,728 a------- c:\windows\system32\javacpl.cpl

2009-03-16 22:16 28,544 a------- c:\windows\system32\drivers\pavboot.sys

2009-03-16 22:15 <DIR> --d----- c:\arquivos de programas\Panda Security

2009-03-16 21:26 1,089,883 -c------ c:\windows\system32\dllcache\ntprint.cat

2009-03-16 20:34 1,493,528 a------- c:\windows\system32\D3DCompiler_39.dll

2009-03-16 20:34 467,984 a------- c:\windows\system32\d3dx10_39.dll

2009-03-16 20:33 3,851,784 a------- c:\windows\system32\D3DX9_39.dll

2009-03-16 20:33 2,414,360 a------- c:\windows\system32\d3dx9_31.dll

2009-03-16 20:33 <DIR> --d----- c:\windows\Logs

2009-03-16 20:33 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PassMark

2009-03-16 20:05 <DIR> --d----- c:\arquivos de programas\LSI SoftModem

2009-03-16 19:55 14,048 -------- c:\windows\system32\spmsg2.dll

2009-03-16 19:47 <DIR> --d----- c:\windows\system32\XPSViewer

2009-03-16 19:46 1,676,288 -c------ c:\windows\system32\dllcache\xpssvcs.dll

2009-03-16 19:46 597,504 -c------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2009-03-16 19:46 575,488 -c------ c:\windows\system32\dllcache\xpsshhdr.dll

2009-03-16 19:46 89,088 -c------ c:\windows\system32\dllcache\filterpipelineprintproc.dll

2009-03-16 19:46 1,676,288 -------- c:\windows\system32\xpssvcs.dll

2009-03-16 19:46 575,488 -------- c:\windows\system32\xpsshhdr.dll

2009-03-16 19:46 117,760 -------- c:\windows\system32\prntvpt.dll

2009-03-16 19:33 267,776 -c------ c:\windows\system32\dllcache\iertutil.dll

2009-03-16 19:33 52,224 -c------ c:\windows\system32\dllcache\msfeedsbs.dll

2009-03-16 19:33 13,824 -c------ c:\windows\system32\dllcache\ieudinit.exe

2009-03-16 19:33 1,024,000 -c------ c:\windows\system32\dllcache\ieframe.dll.mui

2009-03-16 19:33 459,264 -c------ c:\windows\system32\dllcache\msfeeds.dll

2009-03-16 19:33 2,455,488 -c------ c:\windows\system32\dllcache\ieapfltr.dat

2009-03-16 19:33 383,488 -c------ c:\windows\system32\dllcache\ieapfltr.dll

2009-03-16 19:33 63,488 -c------ c:\windows\system32\dllcache\icardie.dll

2009-03-16 19:33 6,066,688 -c------ c:\windows\system32\dllcache\ieframe.dll

2009-03-16 19:17 2,070,272 ac------ c:\windows\system32\dllcache\ntkrnlpa.exe

2009-03-16 19:17 2,193,408 ac------ c:\windows\system32\dllcache\ntoskrnl.exe

2009-03-16 19:16 172,032 ac------ c:\windows\system32\dllcache\scrrun.dll

2009-03-16 19:16 172,032 a------- c:\windows\system32\scrrun.dll

2009-03-16 18:51 <DIR> --d----- c:\windows\l2schemas

2009-03-16 18:51 <DIR> --d----- c:\windows\system32\bits

2009-03-16 18:48 <DIR> --d----- c:\windows\ServicePackFiles

2009-03-16 18:46 <DIR> --d----- c:\windows\network diagnostic

2009-03-16 18:31 1,309,184 ac------ c:\windows\system32\dllcache\mtlstrm.sys

2009-03-16 18:30 104,960 ac------ c:\windows\system32\dllcache\atinrvxx.sys

2009-03-16 18:14 <DIR> --d----- c:\arquivos de programas\Microsoft IntelliPoint

2009-03-16 18:12 <DIR> --d----- c:\arquivos de programas\MSXML 6.0

2009-03-16 18:01 <DIR> --d----- c:\windows\system32\PreInstall

2009-03-16 17:58 31,768 a------- c:\windows\system32\wucltui.dll.mui

2009-03-16 17:58 18,968 a------- c:\windows\system32\wuaueng.dll.mui

2009-03-16 17:58 27,672 a------- c:\windows\system32\wuaucpl.cpl.mui

2009-03-16 17:58 27,672 a------- c:\windows\system32\wuapi.dll.mui

2009-03-16 17:58 <DIR> --d----- c:\windows\system32\SoftwareDistribution

2009-03-16 17:08 32,592 a------- c:\windows\system32\msonpmon.dll

2009-03-16 17:00 <DIR> --d----- c:\arquivos de programas\Microsoft Visual Studio 8

2009-03-16 16:32 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Desktopicon

2009-03-16 15:53 <DIR> --d----- c:\arquivos de programas\Microsoft IntelliPoint 5.2

2009-03-16 14:52 <DIR> --d----- c:\windows\LastGood(2)

2009-03-16 12:14 81,408 a------- c:\windows\system32\devcon_x64.exe

2009-03-16 12:14 55,808 a------- c:\windows\system32\devcon.exe

2009-03-15 23:20 <DIR> --d----- c:\arquivos de programas\uTorrent

2009-03-15 23:20 <DIR> --d----- c:\docume~1\hernani\dadosd~1\uTorrent

2009-03-15 18:11 211 a--sh--- C:\BOOT.BKK

2009-03-15 15:07 <DIR> --d----- c:\windows\system32\NtmsData

2009-03-15 15:06 <DIR> --d----- c:\windows\system32\pt-br

2009-03-15 14:43 <DIR> --d----- c:\windows\$hf_mig$

2009-03-15 14:32 268 a---h--- C:\sqmdata05.sqm

2009-03-15 14:32 244 a---h--- C:\sqmnoopt05.sqm

2009-03-15 14:26 <DIR> --d----- c:\docume~1\hernani\dadosd~1\GlarySoft

2009-03-15 14:20 268 a---h--- C:\sqmdata04.sqm

2009-03-15 14:20 244 a---h--- C:\sqmnoopt04.sqm

2009-03-15 13:53 268 a---h--- C:\sqmdata03.sqm

2009-03-15 13:53 244 a---h--- C:\sqmnoopt03.sqm

2009-03-15 13:52 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PC Tools

2009-03-15 13:49 73,840 a------- c:\windows\system32\drivers\PCTAppEvent.sys

2009-03-15 13:49 159,600 a------- c:\windows\system32\drivers\pctgntdi.sys

2009-03-15 13:49 97,408 a------- c:\windows\system32\drivers\pctfw.sys

2009-03-15 13:49 <DIR> --d----- c:\arquivos de programas\arquivos comuns\PC Tools

2009-03-15 13:49 95,640 a------- c:\windows\system32\drivers\pctplfw.sys

2009-03-15 13:42 <DIR> --d----- c:\docume~1\hernani\dadosd~1\SUPERAntiSpyware.com

2009-03-15 13:42 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\SUPERAntiSpyware.com

2009-03-15 13:40 <DIR> --d----- c:\docume~1\hernani\dadosd~1\PCToolsFirewallPlus

2009-03-15 11:05 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PC Drivers HeadQuarters

2009-03-15 06:57 421,888 a------- c:\windows\system32\ac3filter.acm

2009-03-15 06:55 69 a------- c:\windows\NeroDigital.ini

2009-03-14 23:45 <DIR> --d----- c:\arquivos de programas\Windows Media Connect 2

2009-03-14 23:44 <DIR> --d----- c:\windows\system32\LogFiles

2009-03-14 23:44 26,488 a------- c:\windows\system32\spupdsvc.exe

2009-03-14 21:58 421 a------- c:\windows\ODBC.INI

2009-03-14 21:57 <DIR> --d----- c:\windows\ShellNew

2009-03-14 21:44 <DIR> --d-hr-- c:\documents and settings\hernani\Dados de aplicativos

2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Modelos

2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Configurações locais

2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Ambiente de rede

2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Ambiente de impressão

2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Meus documentos

2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Menu Iniciar

2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Favoritos

2009-03-14 21:44 <DIR> --d----- c:\documents and settings\Hernani

2009-03-14 21:43 <DIR> --d----- c:\windows\system32\Microsoft

2009-03-14 21:41 28,288 ac------ c:\windows\system32\dllcache\xjis.nls

2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winzm.ime

2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winsp.ime

2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winpy.ime

2009-03-14 21:41 79,360 ac------ c:\windows\system32\dllcache\winar30.ime

2009-03-14 21:41 72,704 ac------ c:\windows\system32\dllcache\wingb.ime

2009-03-14 21:41 65,536 ac------ c:\windows\system32\dllcache\winime.ime

2009-03-14 21:41 41,600 ac------ c:\windows\system32\dllcache\weitekp9.dll

2009-03-14 21:41 31,488 ac------ c:\windows\system32\dllcache\weitekp9.sys

2009-03-14 21:41 9,216 ac------ c:\windows\system32\dllcache\wamps51.dll

2009-03-14 21:41 5,632 ac------ c:\windows\system32\dllcache\w3svapi.dll

2009-03-14 21:39 108,827 ac------ c:\windows\system32\dllcache\hanja.lex

2009-03-14 21:38 <DIR> --dsh--- c:\documents and settings\all users\DRM

2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\Serviços on-line

2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Serviços

2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\arquivos comuns\MSSoap

2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\Messenger

2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\MSN Gaming Zone

2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\Windows NT

2009-03-14 18:07 <DIR> --d----- c:\arquivos de programas\arquivos comuns\ODBC

2009-03-14 18:07 <DIR> --d----- c:\arquivos de programas\arquivos comuns\SpeechEngines

2009-03-14 18:06 <DIR> --d-h--- c:\documents and settings\all users\Modelos

2009-03-14 18:06 <DIR> --d--r-- c:\documents and settings\all users\Menu Iniciar

2009-03-14 18:06 <DIR> --d--r-- c:\documents and settings\all users\Documentos

2009-03-14 18:06 <DIR> --d----- c:\documents and settings\all users\Favoritos

2009-03-14 18:04 <DIR> --d-hr-- c:\documents and settings\all users\Dados de aplicativos

2009-03-14 13:19 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Nero

2009-03-14 13:19 <DIR> --d----- c:\arquivos de programas\Nero

2009-03-14 13:19 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Ahead

2009-03-14 13:07 <DIR> --d----- c:\arquivos de programas\Realtek

2009-03-14 13:04 <DIR> --d----- c:\arquivos de programas\VIA

2009-03-14 13:04 <DIR> --d----- c:\arquivos de programas\arquivos comuns\InstallShield

2009-03-14 12:50 <DIR> --d----- c:\arquivos de programas\MSN Messenger

==================== Find3M ====================

2009-03-26 21:08 33,808 a------- c:\windows\system32\drivers\klbg.sys

2009-03-23 23:44 471,376 a------- c:\windows\system32\perfh016.dat

2009-03-23 23:44 80,198 a------- c:\windows\system32\perfc016.dat

2009-03-21 20:20 107 ---sh--- c:\arquivos de programas\Desktop.ini

2009-03-17 12:05 348,160 a------- c:\windows\system32\msvcr71.dll

2009-03-17 12:05 499,712 a------- c:\windows\system32\msvcp71.dll

2009-03-14 22:14 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat

2009-03-14 21:36 21,844 a------- c:\windows\system32\emptyregdb.dat

2009-03-10 22:18 265,096 -------- c:\windows\system32\SETC.tmp

2009-02-09 15:56 67,584 a------- c:\windows\system32\ff_vfw.dll

2009-02-09 11:06 1,846,912 a------- c:\windows\system32\win32k.sys

2009-01-07 15:14 60,273 a------- c:\windows\system32\pthreadGC2.dll

============= FINISH: 0:43:02,20 ===============

GMER 1.0.15.14944 - http://www.gmer.net

Rootkit scan 2009-03-27 07:32:12

Windows 5.1.2600 Service Pack 3

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwAdjustPrivilegesToken [0xAA57C1DA]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwAllocateVirtualMemory [0xA9E73B94]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwAssignProcessToJobObject [0xA9E73586]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwClose [0xAA57C7AE]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwConnectPort [0xA9E735DA]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwCreateFile [0xA9E73640]

SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateKey [0xF8374506]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwCreateProcess [0xA9E7372E]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwCreateProcessEx [0xA9E737BA]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwCreateSymbolicLinkObject [0xAA57FB7C]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwCreateThread [0xA9E7384A]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwDebugActiveProcess [0xA9E73980]

SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwDeleteKey [0xF8374CC8]

SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwDeleteValueKey [0xF8374F88]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwDeviceIoControlFile [0xAA57DEAC]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwDuplicateObject [0xA9E739D4]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwEnumerateKey [0xAA57C0A8]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwEnumerateValueKey [0xAA57C110]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwFsControlFile [0xAA57DD5E]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwLoadDriver [0xA9E73A3A]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwOpenFile [0xAA57D9F8]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwOpenKey [0xA9E73A8C]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwOpenProcess [0xAA57C3B2]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwOpenSection [0xA9E73AE4]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwOpenThread [0xA9E73B3C]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwProtectVirtualMemory [0xA9E73BFA]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueryKey [0xAA57C178]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueryMultipleValueKey [0xAA57BE7C]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueryValueKey [0xAA57BC5A]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueueApcThread [0xAA57F888]

SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwRenameKey [0xF83753EC]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwReplaceKey [0xAA57B5D2]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwRequestWaitReplyPort [0xAA57EA74]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwRestoreKey [0xAA57B734]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwResumeThread [0xA9E73CB6]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSaveKey [0xAA57B3D0]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwSecureConnectPort [0xA9E73D74]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSetContextThread [0xAA57C6AC]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSetSecurityObject [0xAA57F71A]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSetSystemInformation [0xAA57FBD0]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwSetValueKey [0xA9E73D08]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwSuspendProcess [0xA9E73DDE]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSuspendThread [0xAA57FDE0]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwSystemDebugControl [0xA9E73E30]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwTerminateProcess [0xA9E73E90]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwWriteVirtualMemory [0xA9E73EF4]

Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) FsRtlCheckLockForReadAccess

Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) IoIsOperationSynchronous

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!FsRtlCheckLockForReadAccess 804EAF84 5 Bytes JMP AA593626 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab)

.text ntkrnlpa.exe!IoIsOperationSynchronous 804EF912 5 Bytes JMP AA5939E0 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab)

.text ntkrnlpa.exe!ZwCallbackReturn + 2CC8 80504564 6 Bytes [88, 4F, 37, F8, AC, DE]

.text ntkrnlpa.exe!ZwCallbackReturn + 2D14 805045B0 2 Bytes [5E, DD]

.text ntkrnlpa.exe!ZwCallbackReturn + 2D94 80504630 2 Bytes [F8, D9]

.text ntkrnlpa.exe!ZwCallbackReturn + 2EE4 80504780 4 Bytes JMP 83D8AA57

.text ntkrnlpa.exe!ZwCallbackReturn + 2FB8 80504854 12 Bytes [DE, 3D, E7, A9, E0, FD, 57, ...] {FIDIVR WORD [0xfde0a9e7]; PUSH EDI; STOSB ; XOR [ESI], BH; OUT 0xa9, EAX}

? C:\WINDOWS\system32\Drivers\mchInjDrv.sys O sistema não pode encontrar o arquivo especificado. !

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\csrss.exe[772] KERNEL32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 01270001

.text C:\WINDOWS\system32\winlogon.exe[796] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 015D0001

.text C:\WINDOWS\system32\services.exe[840] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00FF0001

.text C:\WINDOWS\system32\lsass.exe[852] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00CF0001

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00E00001

.text ...

.text C:\WINDOWS\system32\wscntfy.exe[1388] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

.text C:\WINDOWS\system32\spoolsv.exe[1416] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00EA0001

.text C:\Arquivos de programas\LSI SoftModem\agrsmsvc.exe[1460] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00900001

? D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[1472] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;

.text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[1472] USER32.dll!AlignRects + FFFA5598 7E362A78 4 Bytes [70, 11, 41, 6D] {JO 0x13; INC ECX; INSD }

.text C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe[1504] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 005C0001

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1528] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 01F70001

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe[1560] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00950001

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[1576] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00790001

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[1576] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

.text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\PC Tools Firewall Plus\PC Tools Firewall Plus\FWService.exe[1596] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 04820001

.text C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe[1728] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 010B0001

.text C:\WINDOWS\System32\alg.exe[2252] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00710001

.text C:\WINDOWS\System32\alg.exe[2252] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

.text C:\WINDOWS\Explorer.EXE[2552] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00D90001

.text C:\WINDOWS\Explorer.EXE[2552] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

.text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\PC Tools Firewall Plus\PC Tools Firewall Plus\FirewallGUI.exe[2708] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00DE0001

.text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\PC Tools Firewall Plus\PC Tools Firewall Plus\FirewallGUI.exe[2708] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

.text C:\WINDOWS\system32\svchost.exe[2888] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00690001

.text C:\WINDOWS\system32\svchost.exe[2888] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

? D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;

.text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00B40001

.text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

.text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] USER32.dll!AlignRects + FFFA5598 7E362A78 4 Bytes [70, 11, 41, 6D] {JO 0x13; INC ECX; INSD }

.text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] USER32.dll!ChangeDisplaySettingsExA 7E37384E 6 Bytes JMP 5F15001E

.text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] USER32.dll!SetForegroundWindow 7E3742ED 6 Bytes JMP 5F0E001E

.text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] USER32.dll!SetWindowsHookExW 7E37820F 6 Bytes JMP 5F0B001E

.text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] USER32.dll!SetWindowPos 7E3799F3 3 Bytes [FF, 25, 1E]

.text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] USER32.dll!SetWindowPos + 4 7E3799F7 2 Bytes [12, 5F]

.text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] USER32.dll!SetWindowsHookExA 7E381211 6 Bytes JMP 5F05001E

.text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] USER32.dll!ChangeDisplaySettingsExW 7E3A95BD 6 Bytes JMP 5F18001E

.text C:\WINDOWS\system32\ctfmon.exe[3036] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00B00001

.text C:\WINDOWS\system32\ctfmon.exe[3036] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

.text D:\ARQUIVOS DE PROGRAMAS\Limpadores\Trash it!\Trash it Scheduler.exe[3044] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00F20001

.text D:\ARQUIVOS DE PROGRAMAS\Limpadores\Trash it!\Trash it Scheduler.exe[3044] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

.text D:\DOWNLOADS\gmer\gmer.exe[3316] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] [F7D8C530] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] [F7D8C530] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs LF30XP.sys

Device \FileSystem\Mup \Dfs LF30XP.sys

Device \FileSystem\InCDfs \InCDFsDisk LF30XP.sys

AttachedDevice \Driver\Tcpip \Device\Ip pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)

AttachedDevice \Driver\Tcpip \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

Device \Driver\AgereSoftModem \Device\AgereModem5 LF30XP.sys

Device \Driver\Serial \Device\Serial0 LF30XP.sys

Device \FileSystem\RAW \Device\RawTape LF30XP.sys

Device \Driver\rdpdr \Device\RdpDrPort LF30XP.sys

AttachedDevice \Driver\Tcpip \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

AttachedDevice \Driver\Tcpip \Device\Tcp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)

Device \Driver\Parport \Device\ParallelPort0 LF30XP.sys

Device \Driver\ParVdm \Device\ParallelVdm0 LF30XP.sys

Device \Driver\rdpdr \Device\RdpDr LF30XP.sys

Device \FileSystem\Rdbss \Device\FsWrap LF30XP.sys

Device \Driver\Parport \Device\Parallel0 LF30XP.sys

Device \FileSystem\InCDfs \Device\InCDfsComm LF30XP.sys

Device \FileSystem\Mup \Device\Mup LF30XP.sys

AttachedDevice \Driver\Tcpip \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

AttachedDevice \Driver\Tcpip \Device\Udp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)

AttachedDevice \Driver\Tcpip \Device\RawIp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)

AttachedDevice \Driver\Tcpip \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

Device \FileSystem\RAW \Device\RawDisk LF30XP.sys

Device \Driver\Ptilink \Device\ParTechInc0 LF30XP.sys

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver LF30XP.sys

Device \FileSystem\MRxSmb \Device\LanmanRedirector LF30XP.sys

Device \FileSystem\Npfs \Device\NamedPipe LF30XP.sys

Device \FileSystem\Msfs \Device\Mailslot LF30XP.sys

Device \Driver\AFD \Device\Afd LF30XP.sys

Device \FileSystem\RAW \Device\RawCdRom LF30XP.sys

Device \Driver\AgereSoftModem \Device\AGRSM_xface LF30XP.sys

Device \FileSystem\Mup \Device\WinDfs\Root LF30XP.sys

Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer LF30XP.sys

Device \FileSystem\KLIF \FileSystem\Filters\KLIF LF30XP.sys

Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer LF30XP.sys

Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer LF30XP.sys

Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer LF30XP.sys

Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer LF30XP.sys

Device \FileSystem\InCDfs \GLOBAL??\BsUDF LF30XP.sys

Device \FileSystem\Cdfs \Cdfs LF30XP.sys

---- Files - GMER 1.0.15 ----

File D:\DOWNLOADS\Filmes Convertidos\big bubble butt brazilian orgy 7.avi -638082366 bytes

File D:\DOWNLOADS\BB 0 bytes

File D:\DOWNLOADS\BB\01.wmv 34124574 bytes

File D:\DOWNLOADS\BB\02.wmv 38660794 bytes

File D:\DOWNLOADS\BB\03.wmv 42908968 bytes

File D:\DOWNLOADS\BB\04.wmv 42300944 bytes

File D:\DOWNLOADS\BB\05.wmv 51453328 bytes

File D:\DOWNLOADS\BB\06.wmv 42956974 bytes

File D:\DOWNLOADS\BB\07.wmv 38412782 bytes

File D:\DOWNLOADS\BB\08.wmv 41204902 bytes

File D:\DOWNLOADS\BB\syl_02-joined.wmv 331251644 bytes

File D:\DOWNLOADS\BB\Thumbs.db 49152 bytes

---- EOF - GMER 1.0.15 ----


Hello

Your log shows no signs of malware.

Download ATF-Cleaner.

  • Click ATF-Cleaner.exe.
  • Under "Select Files To Delete", check Select All.
  • Click Empty Selected.
  • In the Done Cleaning window, click OK and then Exit.

Note: If you use Firefox:

  • At the top, click Firefox and choose: Select All
  • Then click Empty Selected.

Note: If you use Opera:

  • At the top, click Opera and choose: Select All
  • Then click Empty Selected.

Temporarily disable your antivirus!

Run an online scan with Eset Online Scanner

  • Note: Only compatible with Internet Explorer
  • Check the box "SIM, aceito as condições de uso"
  • Click the "Iniciar" button
  • Check the box "YES, I accept the Terms of Use".
  • Click the Start button.
  • When prompted, accept the license and install the ActiveX control.
  • Make sure the "Remove found threats" option is unchecked and the "Scan unwanted applications" option is checked.
  • In your next reply, generate and paste a new DDS log and the scan result (C:\Program Files\EsetOnlineScanner\log.txt)


Thanks for the quick replies... Very good!!!!

The requested logs follow below:

DDS (Ver_09-03-16.01) - NTFSx86

Run by Hernani at 11:53:53,50 on s*b 28/03/2009

Internet Explorer: 7.0.5730.13

Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.507.197 [GMT -3:00]

AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)

FW: Kaspersky Internet Security *disabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\LSI SoftModem\agrsmsvc.exe

C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe

C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\SpyEmergency\Spy Emergency 2008\SpyEmergencySrv.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\Explorer.EXE

svchost.exe

C:\WINDOWS\system32\ctfmon.exe

D:\ARQUIVOS DE PROGRAMAS\NetVirtua.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\NOTEPAD.EXE

D:\DOWNLOADS\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com.br/

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - d:\arquivos de programas\segurança\kis 8.0.0.506pb\ievkbd.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\arquiv~1\micros~2\office12\GRA8E1~1.DLL

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [spyEmergency] "d:\arquivos de programas\segurança\spyemergency\spy emergency 2008\SpyEmergency.exe"

mRun: [AVP] "d:\arquivos de programas\segurança\kis 8.0.0.506pb\avp.exe"

mPolicies-system: HideFastUserSwitching = 0 (0x0)

IE: "Adicionar ao Bloqueador de banner de anúncio" - d:\arquivos de programas\segurança\kis 8.0.0.506pb\ie_banner_deny.htm

IE: E&xport to Microsoft Excel - c:\arquiv~1\micros~2\office12\EXCEL.EXE/3000

IE: E&xportar para o Microsoft Excel

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe

IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - d:\arquivos de programas\segurança\kis 8.0.0.506pb\SCIEPlgn.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\arquiv~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~2\office12\REFIEBAR.DLL

DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1237237095484

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\arquiv~1\micros~2\office12\GR99D3~1.DLL

Notify: igfxcui - igfxdev.dll

Notify: klogon - c:\windows\system32\klogon.dll

AppInit_DLLs: d:\arquiv~1\segura~1\kis800~1.506\mzvkbd.dll,d:\arquiv~1\segura~1\kis800~1.506\mzvkbd3.dll,d:\arquiv~1\segura~1\kis800~1.506\adialhk.dll,d:\arquiv~1\segura~1\kis800~1.506\kloehk.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\arquiv~1\micros~2\office12\GRA8E1~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\hernani\dadosd~1\mozilla\firefox\profiles\twmmii6j.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/ig?hl=pt-BR&source=iglk

FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nppl3260.dll

FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nprjplug.dll

FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nprpjplug.dll

---- FIREFOX POLICIES ----

d:\arquivos de programas\firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

============= SERVICES / DRIVERS ===============

R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-7-21 121872]

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 33808]

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-3-16 28544]

R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2009-3-27 226832]

R1 SpyEmrg;Spy Emergency Driver;c:\windows\system32\drivers\spyemrg.sys [2009-3-27 12344]

R2 AVP;Kaspersky Internet Security;d:\arquivos de programas\segurança\kis 8.0.0.506pb\avp.exe [2008-11-11 206088]

R2 LF30FS;LF30FS;d:\arquivos de programas\segurança\lockfolder\LF30XP.sys [2004-11-19 101488]

R2 SpyEmrgSrv;Spy Emergency Engine Service;d:\arquivos de programas\segurança\spyemergency\spy emergency 2008\SpyEmergencySrv.exe [2009-3-27 694840]

R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]

R3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver;c:\windows\system32\drivers\spyemrg_guard.sys [2009-3-27 14392]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-3-14 222976]

S3 pctplsg;pctplsg; [x]

S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2008-12-10 7808]

S3 TfNetMon;TfNetMon; [x]

S4 a2free;a-squared Free Service;d:\arquivos de programas\segurança\a-squared free\a2service.exe [2009-3-7 425080]

=============== Created Last 30 ================

2009-03-28 11:09 <DIR> --d----- c:\arquivos de programas\EsetOnlineScanner

2009-03-28 09:49 218 a------- c:\windows\sremcon_winlogon.dat

2009-03-28 09:49 181 a------- c:\windows\sremcon_startup.dat

2009-03-27 22:12 3,840 a------- c:\windows\sremcon_drivers.dat

2009-03-27 22:09 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Se Analyzer Tool SA

2009-03-27 21:59 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Spy Emergency

2009-03-27 21:59 23,096 a------- c:\windows\system32\sremcon.exe

2009-03-27 21:59 14,392 a------- c:\windows\system32\drivers\spyemrg_guard.sys

2009-03-27 21:59 12,344 a------- c:\windows\system32\drivers\spyemrg.sys

2009-03-27 21:59 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\NETGATE

2009-03-27 21:21 101,287 a------- c:\windows\system32\drivers\klin.dat

2009-03-27 21:21 89,601 a------- c:\windows\system32\drivers\klick.dat

2009-03-27 21:20 1,964,064 a--sh--- c:\windows\system32\drivers\fidbox.dat

2009-03-27 21:20 311,328 a--sh--- c:\windows\system32\drivers\fidbox2.dat

2009-03-27 21:20 17,472 a--sh--- c:\windows\system32\drivers\fidbox.idx

2009-03-27 21:20 3,192 a--sh--- c:\windows\system32\drivers\fidbox2.idx

2009-03-27 21:20 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Kaspersky Lab

2009-03-27 18:48 691,712 a------- c:\windows\is-CP01N.exe

2009-03-27 18:48 11,868 a------- c:\windows\is-CP01N.msg

2009-03-27 18:48 267 a------- c:\windows\is-CP01N.lst

2009-03-27 17:50 <DIR> --d----- c:\windows\PIF

2009-03-27 16:14 268 a------- c:\windows\is-UL41U.lst

2009-03-27 16:14 691,712 a------- c:\windows\is-UL41U.exe

2009-03-27 16:14 11,868 a------- c:\windows\is-UL41U.msg

2009-03-26 22:14 691,712 a------- c:\windows\is-HUAAE.exe

2009-03-26 22:14 11,868 a------- c:\windows\is-HUAAE.msg

2009-03-26 22:14 268 a------- c:\windows\is-HUAAE.lst

2009-03-26 22:13 <DIR> --d----- c:\docume~1\hernani\dadosd~1\PC Tools

2009-03-26 21:26 189,102 a------- C:\1current.trs

2009-03-26 21:22 24,364,032 a------- C:\current.trs

2009-03-26 20:22 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Kaspersky Lab Setup Files

2009-03-26 18:32 <DIR> --d----- c:\windows\LastGood.Tmp

2009-03-25 16:45 5,632 ac------ c:\windows\system32\dllcache\kbdheb.dll

2009-03-25 16:41 18,688 ac------ c:\windows\system32\dllcache\irsir.sys

2009-03-25 16:40 28,672 ac------ c:\windows\system32\dllcache\irmon.dll

2009-03-25 16:25 10,129,408 ac------ c:\windows\system32\dllcache\hwxkor.dll

2009-03-25 16:19 10,096,640 ac------ c:\windows\system32\dllcache\hwxcht.dll

2009-03-25 16:12 1,733,120 ac------ c:\windows\system32\dllcache\g400d.dll

2009-03-25 16:08 283,904 ac------ c:\windows\system32\dllcache\emu10k1m.sys

2009-03-25 13:22 116,224 ac------ c:\windows\system32\dllcache\xrxwiadr.dll

2009-03-25 13:22 23,040 ac------ c:\windows\system32\dllcache\xrxwbtmp.dll

2009-03-25 13:22 18,944 ac------ c:\windows\system32\dllcache\xrxscnui.dll

2009-03-25 13:22 27,648 ac------ c:\windows\system32\dllcache\xrxftplt.exe

2009-03-25 13:22 4,608 ac------ c:\windows\system32\dllcache\xrxflnch.exe

2009-03-25 13:22 99,865 ac------ c:\windows\system32\dllcache\xlog.exe

2009-03-25 13:22 16,970 ac------ c:\windows\system32\dllcache\xem336n5.sys

2009-03-25 13:22 19,455 ac------ c:\windows\system32\dllcache\wvchntxx.sys

2009-03-25 13:22 19,200 ac------ c:\windows\system32\dllcache\wstcodec.sys

2009-03-25 13:22 12,063 ac------ c:\windows\system32\dllcache\wsiintxx.sys

2009-03-25 13:22 8,192 ac------ c:\windows\system32\dllcache\wshirda.dll

2009-03-25 13:20 26,112 ac------ c:\windows\system32\dllcache\usbser.sys

2009-03-25 13:19 17,024 ac------ c:\windows\system32\dllcache\stcusb.sys

2009-03-25 13:18 161,632 ac------ c:\windows\system32\dllcache\sgsmusb.sys

2009-03-25 13:17 49,024 ac------ c:\windows\system32\dllcache\ql1280.sys

2009-03-25 13:16 86,016 ac------ c:\windows\system32\dllcache\pctspk.exe

2009-03-25 13:15 5,504 ac------ c:\windows\system32\dllcache\mstee.sys

2009-03-25 13:15 49,024 ac------ c:\windows\system32\dllcache\mstape.sys

2009-03-25 13:15 12,416 ac------ c:\windows\system32\dllcache\msriffwv.sys

2009-03-25 13:15 2,944 ac------ c:\windows\system32\dllcache\msmpu401.sys

2009-03-25 13:15 22,016 ac------ c:\windows\system32\dllcache\msircomm.sys

2009-03-25 13:14 35,200 ac------ c:\windows\system32\dllcache\msgame.sys

2009-03-25 13:14 6,016 ac------ c:\windows\system32\dllcache\msfsio.sys

2009-03-25 13:14 56,832 ac------ c:\windows\system32\dllcache\msdvbnp.ax

2009-03-25 13:14 51,200 ac------ c:\windows\system32\dllcache\msdv.sys

2009-03-25 13:14 17,280 ac------ c:\windows\system32\dllcache\mraid35x.sys

2009-03-25 13:14 15,232 ac------ c:\windows\system32\dllcache\mpe.sys

2009-03-25 13:14 12,288 ac------ c:\windows\system32\dllcache\mouhid.sys

2009-03-25 13:14 16,128 ac------ c:\windows\system32\dllcache\modemcsa.sys

2009-03-25 13:12 7,040 ac------ c:\windows\system32\dllcache\ltotape.sys

2009-03-25 13:11 6,144 ac------ c:\windows\system32\dllcache\kbd106.dll

2009-03-25 13:10 372,824 ac------ c:\windows\system32\dllcache\iconf32.dll

2009-03-25 13:09 907,904 ac------ c:\windows\system32\dllcache\hcf_msft.sys

2009-03-25 13:08 347,966 ac------ c:\windows\system32\dllcache\es56tpi.sys

2009-03-25 13:07 29,696 ac------ c:\windows\system32\dllcache\dm9pci5.sys

2009-03-25 13:06 28,672 ac------ c:\windows\system32\dllcache\cyycoins.dll

2009-03-25 13:05 13,952 ac------ c:\windows\system32\dllcache\cmbatt.sys

2009-03-25 13:04 14,080 ac------ c:\windows\system32\dllcache\bulltlp3.sys

2009-03-25 13:03 96,128 ac------ c:\windows\system32\dllcache\ati.dll

2009-03-25 13:02 66,048 ac------ c:\windows\system32\dllcache\s3legacy.dll

2009-03-25 11:31 8 a------- c:\windows\scanreg.ini

2009-03-25 11:04 <DIR> --d----- c:\windows\MindSoft Utilities 2009 for Windows XP

2009-03-24 11:02 <DIR> --d----- c:\arquivos de programas\arquivos comuns\SWF Studio

2009-03-24 11:02 <DIR> --d----- c:\docume~1\hernani\dadosd~1\KeePass

2009-03-24 11:01 <DIR> --d-h--- C:\89a93d7abf118d1e5a5d

2009-03-24 11:01 <DIR> --d-h--- C:\4fce31b89cfde0a00e4386baa9baec6d

2009-03-24 11:01 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\IconTweaker

2009-03-23 21:31 147,456 a------- c:\windows\system32\igfxCoIn_v5009.dll

2009-03-23 21:16 53,248 a------- c:\windows\system32\CSVer.dll

2009-03-23 17:36 262,144 a------- c:\windows\system32\FLUSH3

2009-03-23 17:36 262,144 a------- c:\windows\system32\FLUSH2

2009-03-23 17:36 262,144 a------- c:\windows\system32\FLUSH1

2009-03-22 23:53 <DIR> --d----- c:\documents and settings\hernani\Contacts

2009-03-22 18:30 720,896 a------- c:\windows\iun6002.exe

2009-03-22 16:11 <DIR> --d----- c:\windows\pss

2009-03-22 00:36 <DIR> --d----- c:\windows\system32\GroupPolicy

2009-03-22 00:25 39 a------- C:\ntosboot.bat

2009-03-21 13:58 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Everstrike Software

2009-03-21 10:52 37,376 a------- c:\windows\system32\VbVfw.dll

2009-03-21 10:40 721,168 a------- c:\windows\system32\VB40032.DLL

2009-03-21 10:40 60,416 a------- c:\windows\ST4UNST.EXE

2009-03-20 22:54 <DIR> --d----- c:\arquivos de programas\ASUS

2009-03-20 22:53 <DIR> --d----- c:\windows\AsDmiHtm

2009-03-19 19:09 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Malwarebytes

2009-03-19 19:08 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Malwarebytes

2009-03-19 13:22 26,368 ac------ c:\windows\system32\dllcache\usbstor.sys

2009-03-19 13:18 18,704 a----r-- c:\windows\system32\drivers\se59nd5.sys

2009-03-19 13:18 4,128 a----r-- c:\windows\system32\drivers\se59cr.sys

2009-03-19 13:18 90,800 a----r-- c:\windows\system32\drivers\se59unic.sys

2009-03-19 13:18 88,624 a----r-- c:\windows\system32\drivers\se59mgmt.sys

2009-03-19 13:18 86,432 a----r-- c:\windows\system32\drivers\se59obex.sys

2009-03-19 13:18 97,088 a----r-- c:\windows\system32\drivers\se59mdm.sys

2009-03-19 13:18 9,360 a----r-- c:\windows\system32\drivers\se59mdfl.sys

2009-03-19 13:18 6,240 a----r-- c:\windows\system32\drivers\se59cmnt.sys

2009-03-19 13:18 6,240 a----r-- c:\windows\system32\drivers\se59cm.sys

2009-03-19 13:18 61,536 a----r-- c:\windows\system32\drivers\se59bus.sys

2009-03-19 13:18 5,872 a----r-- c:\windows\system32\drivers\se59whnt.sys

2009-03-19 13:18 5,872 a----r-- c:\windows\system32\drivers\se59wh.sys

2009-03-19 12:55 54,156 a---h--- c:\windows\QTFont.qfn

2009-03-19 12:55 1,409 a------- c:\windows\QTFont.for

2009-03-19 11:13 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Teleca

2009-03-19 11:12 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Sony Ericsson

2009-03-19 11:07 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Sony Ericsson

2009-03-19 11:06 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Sony Ericsson Shared

2009-03-19 11:06 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Teleca Shared

2009-03-19 11:06 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Teleca

2009-03-19 11:06 <DIR> --d----- c:\windows\Downloaded Installations

2009-03-18 09:13 <DIR> --d----- c:\docume~1\hernani\dadosd~1\IObit

2009-03-17 12:45 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\vsosdk

2009-03-17 12:05 <DIR> --d----- c:\arquivos de programas\arquivos comuns\xing shared

2009-03-17 12:05 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Real

2009-03-17 10:51 87,608 a------- c:\docume~1\hernani\dadosd~1\inst.exe

2009-03-17 10:51 47,360 a------- c:\windows\system32\drivers\pcouffin.sys

2009-03-17 10:51 47,360 a------- c:\docume~1\hernani\dadosd~1\pcouffin.sys

2009-03-17 10:51 217,127 a------- c:\windows\system32\drv43260.dll

2009-03-17 10:51 208,935 a------- c:\windows\system32\drv33260.dll

2009-03-17 10:51 102,439 a------- c:\windows\system32\sipr3260.dll

2009-03-17 10:51 626,688 a------- c:\windows\system32\vp7vfw.dll

2009-03-17 10:51 176,165 a------- c:\windows\system32\drv23260.dll

2009-03-17 10:51 65,602 a------- c:\windows\system32\cook3260.dll

2009-03-17 10:51 1,184,984 a------- c:\windows\system32\wvc1dmod.dll

2009-03-17 10:51 <DIR> --d----- c:\arquivos de programas\VSO

2009-03-16 23:25 410,984 a------- c:\windows\system32\deploytk.dll

2009-03-16 23:25 73,728 a------- c:\windows\system32\javacpl.cpl

2009-03-16 22:16 28,544 a------- c:\windows\system32\drivers\pavboot.sys

2009-03-16 22:15 <DIR> --d----- c:\arquivos de programas\Panda Security

2009-03-16 21:26 1,089,883 -c------ c:\windows\system32\dllcache\ntprint.cat

2009-03-16 20:34 1,493,528 a------- c:\windows\system32\D3DCompiler_39.dll

2009-03-16 20:34 467,984 a------- c:\windows\system32\d3dx10_39.dll

2009-03-16 20:33 3,851,784 a------- c:\windows\system32\D3DX9_39.dll

2009-03-16 20:33 2,414,360 a------- c:\windows\system32\d3dx9_31.dll

2009-03-16 20:33 <DIR> --d----- c:\windows\Logs

2009-03-16 20:33 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PassMark

2009-03-16 20:05 <DIR> --d----- c:\arquivos de programas\LSI SoftModem

2009-03-16 19:55 14,048 -------- c:\windows\system32\spmsg2.dll

2009-03-16 19:47 <DIR> --d----- c:\windows\system32\XPSViewer

2009-03-16 19:46 1,676,288 -c------ c:\windows\system32\dllcache\xpssvcs.dll

2009-03-16 19:46 597,504 -c------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2009-03-16 19:46 575,488 -c------ c:\windows\system32\dllcache\xpsshhdr.dll

2009-03-16 19:46 89,088 -c------ c:\windows\system32\dllcache\filterpipelineprintproc.dll

2009-03-16 19:46 1,676,288 -------- c:\windows\system32\xpssvcs.dll

2009-03-16 19:46 575,488 -------- c:\windows\system32\xpsshhdr.dll

2009-03-16 19:46 117,760 -------- c:\windows\system32\prntvpt.dll

2009-03-16 19:33 267,776 -c------ c:\windows\system32\dllcache\iertutil.dll

2009-03-16 19:33 52,224 -c------ c:\windows\system32\dllcache\msfeedsbs.dll

2009-03-16 19:33 13,824 -c------ c:\windows\system32\dllcache\ieudinit.exe

2009-03-16 19:33 1,024,000 -c------ c:\windows\system32\dllcache\ieframe.dll.mui

2009-03-16 19:33 459,264 -c------ c:\windows\system32\dllcache\msfeeds.dll

2009-03-16 19:33 2,455,488 -c------ c:\windows\system32\dllcache\ieapfltr.dat

2009-03-16 19:33 383,488 -c------ c:\windows\system32\dllcache\ieapfltr.dll

2009-03-16 19:33 63,488 -c------ c:\windows\system32\dllcache\icardie.dll

2009-03-16 19:33 6,066,688 -c------ c:\windows\system32\dllcache\ieframe.dll

2009-03-16 19:17 2,070,272 ac------ c:\windows\system32\dllcache\ntkrnlpa.exe

2009-03-16 19:17 2,193,408 ac------ c:\windows\system32\dllcache\ntoskrnl.exe

2009-03-16 19:16 172,032 ac------ c:\windows\system32\dllcache\scrrun.dll

2009-03-16 19:16 172,032 a------- c:\windows\system32\scrrun.dll

2009-03-16 18:51 <DIR> --d----- c:\windows\l2schemas

2009-03-16 18:51 <DIR> --d----- c:\windows\system32\bits

2009-03-16 18:48 <DIR> --d----- c:\windows\ServicePackFiles

2009-03-16 18:46 <DIR> --d----- c:\windows\network diagnostic

2009-03-16 18:31 1,309,184 ac------ c:\windows\system32\dllcache\mtlstrm.sys

2009-03-16 18:30 104,960 ac------ c:\windows\system32\dllcache\atinrvxx.sys

2009-03-16 18:14 <DIR> --d----- c:\arquivos de programas\Microsoft IntelliPoint

2009-03-16 18:12 <DIR> --d----- c:\arquivos de programas\MSXML 6.0

2009-03-16 18:01 <DIR> --d----- c:\windows\system32\PreInstall

2009-03-16 17:58 31,768 a------- c:\windows\system32\wucltui.dll.mui

2009-03-16 17:58 18,968 a------- c:\windows\system32\wuaueng.dll.mui

2009-03-16 17:58 27,672 a------- c:\windows\system32\wuaucpl.cpl.mui

2009-03-16 17:58 27,672 a------- c:\windows\system32\wuapi.dll.mui

2009-03-16 17:58 <DIR> --d----- c:\windows\system32\SoftwareDistribution

2009-03-16 17:08 32,592 a------- c:\windows\system32\msonpmon.dll

2009-03-16 17:00 <DIR> --d----- c:\arquivos de programas\Microsoft Visual Studio 8

2009-03-16 16:32 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Desktopicon

2009-03-16 15:53 <DIR> --d----- c:\arquivos de programas\Microsoft IntelliPoint 5.2

2009-03-16 14:52 <DIR> --d----- c:\windows\LastGood(2)

2009-03-16 12:14 81,408 a------- c:\windows\system32\devcon_x64.exe

2009-03-16 12:14 55,808 a------- c:\windows\system32\devcon.exe

2009-03-15 23:20 <DIR> --d----- c:\arquivos de programas\uTorrent

2009-03-15 23:20 <DIR> --d----- c:\docume~1\hernani\dadosd~1\uTorrent

2009-03-15 18:11 211 a--sh--- C:\BOOT.BKK

2009-03-15 15:07 <DIR> --d----- c:\windows\system32\NtmsData

2009-03-15 15:06 <DIR> --d----- c:\windows\system32\pt-br

2009-03-15 14:43 <DIR> --d----- c:\windows\$hf_mig$

2009-03-15 14:32 268 a---h--- C:\sqmdata05.sqm

2009-03-15 14:32 244 a---h--- C:\sqmnoopt05.sqm

2009-03-15 14:26 <DIR> --d----- c:\docume~1\hernani\dadosd~1\GlarySoft

2009-03-15 14:20 268 a---h--- C:\sqmdata04.sqm

2009-03-15 14:20 244 a---h--- C:\sqmnoopt04.sqm

2009-03-15 13:53 268 a---h--- C:\sqmdata03.sqm

2009-03-15 13:53 244 a---h--- C:\sqmnoopt03.sqm

2009-03-15 13:52 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PC Tools

2009-03-15 13:49 <DIR> --d----- c:\arquivos de programas\arquivos comuns\PC Tools

2009-03-15 13:42 <DIR> --d----- c:\docume~1\hernani\dadosd~1\SUPERAntiSpyware.com

2009-03-15 13:42 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\SUPERAntiSpyware.com

2009-03-15 13:40 <DIR> --d----- c:\docume~1\hernani\dadosd~1\PCToolsFirewallPlus

2009-03-15 11:05 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PC Drivers HeadQuarters

2009-03-15 06:57 421,888 a------- c:\windows\system32\ac3filter.acm

2009-03-15 06:55 69 a------- c:\windows\NeroDigital.ini

2009-03-14 23:45 <DIR> --d----- c:\arquivos de programas\Windows Media Connect 2

2009-03-14 23:44 <DIR> --d----- c:\windows\system32\LogFiles

2009-03-14 23:44 26,488 a------- c:\windows\system32\spupdsvc.exe

2009-03-14 21:58 421 a------- c:\windows\ODBC.INI

2009-03-14 21:57 <DIR> --d----- c:\windows\ShellNew

2009-03-14 21:44 <DIR> --d-hr-- c:\documents and settings\hernani\Dados de aplicativos

2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Modelos

2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Configurações locais

2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Ambiente de rede

2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Ambiente de impressão

2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Meus documentos

2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Menu Iniciar

2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Favoritos

2009-03-14 21:44 <DIR> --d----- c:\documents and settings\Hernani

2009-03-14 21:43 <DIR> --d----- c:\windows\system32\Microsoft

2009-03-14 21:41 28,288 ac------ c:\windows\system32\dllcache\xjis.nls

2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winzm.ime

2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winsp.ime

2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winpy.ime

2009-03-14 21:41 79,360 ac------ c:\windows\system32\dllcache\winar30.ime

2009-03-14 21:41 72,704 ac------ c:\windows\system32\dllcache\wingb.ime

2009-03-14 21:41 65,536 ac------ c:\windows\system32\dllcache\winime.ime

2009-03-14 21:41 41,600 ac------ c:\windows\system32\dllcache\weitekp9.dll

2009-03-14 21:41 31,488 ac------ c:\windows\system32\dllcache\weitekp9.sys

2009-03-14 21:41 9,216 ac------ c:\windows\system32\dllcache\wamps51.dll

2009-03-14 21:41 5,632 ac------ c:\windows\system32\dllcache\w3svapi.dll

2009-03-14 21:39 108,827 ac------ c:\windows\system32\dllcache\hanja.lex

2009-03-14 21:38 <DIR> --dsh--- c:\documents and settings\all users\DRM

2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\Serviços on-line

2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Serviços

2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\arquivos comuns\MSSoap

2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\Messenger

2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\MSN Gaming Zone

2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\Windows NT

2009-03-14 18:07 <DIR> --d----- c:\arquivos de programas\arquivos comuns\ODBC

2009-03-14 18:07 <DIR> --d----- c:\arquivos de programas\arquivos comuns\SpeechEngines

2009-03-14 18:06 <DIR> --d-h--- c:\documents and settings\all users\Modelos

2009-03-14 18:06 <DIR> --d--r-- c:\documents and settings\all users\Menu Iniciar

2009-03-14 18:06 <DIR> --d--r-- c:\documents and settings\all users\Documentos

2009-03-14 18:06 <DIR> --d----- c:\documents and settings\all users\Favoritos

2009-03-14 18:04 <DIR> --d-hr-- c:\documents and settings\all users\Dados de aplicativos

2009-03-14 13:19 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Nero

2009-03-14 13:19 <DIR> --d----- c:\arquivos de programas\Nero

2009-03-14 13:19 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Ahead

2009-03-14 13:07 <DIR> --d----- c:\arquivos de programas\Realtek

2009-03-14 13:04 <DIR> --d----- c:\arquivos de programas\VIA

2009-03-14 13:04 <DIR> --d----- c:\arquivos de programas\arquivos comuns\InstallShield

2009-03-14 12:50 <DIR> --d----- c:\arquivos de programas\MSN Messenger

==================== Find3M ====================

2009-03-27 21:34 33,808 a------- c:\windows\system32\drivers\klbg.sys

2009-03-23 23:44 471,376 a------- c:\windows\system32\perfh016.dat

2009-03-23 23:44 80,198 a------- c:\windows\system32\perfc016.dat

2009-03-21 20:20 107 ---sh--- c:\arquivos de programas\Desktop.ini

2009-03-17 12:05 348,160 a------- c:\windows\system32\msvcr71.dll

2009-03-17 12:05 499,712 a------- c:\windows\system32\msvcp71.dll

2009-03-14 22:14 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat

2009-03-14 21:36 21,844 a------- c:\windows\system32\emptyregdb.dat

2009-02-09 15:56 67,584 a------- c:\windows\system32\ff_vfw.dll

2009-02-09 11:06 1,846,912 a------- c:\windows\system32\win32k.sys

2009-01-07 15:14 60,273 a------- c:\windows\system32\pthreadGC2.dll

============= FINISH: 11:54:43,68 ===============

DDS (Ver_09-03-16.01) - NTFSx86

Run by Hernani at 11:53:53,50 on s*b 28/03/2009

Internet Explorer: 7.0.5730.13

Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.507.197 [GMT -3:00]

AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)

FW: Kaspersky Internet Security *disabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\LSI SoftModem\agrsmsvc.exe

C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe

C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\SpyEmergency\Spy Emergency 2008\SpyEmergencySrv.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\Explorer.EXE

svchost.exe

C:\WINDOWS\system32\ctfmon.exe

D:\ARQUIVOS DE PROGRAMAS\NetVirtua.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\NOTEPAD.EXE

D:\DOWNLOADS\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com.br/

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - d:\arquivos de programas\segurança\kis 8.0.0.506pb\ievkbd.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\arquiv~1\micros~2\office12\GRA8E1~1.DLL

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [spyEmergency] "d:\arquivos de programas\segurança\spyemergency\spy emergency 2008\SpyEmergency.exe"

mRun: [AVP] "d:\arquivos de programas\segurança\kis 8.0.0.506pb\avp.exe"

mPolicies-system: HideFastUserSwitching = 0 (0x0)

IE: "Adicionar ao Bloqueador de banner de anúncio" - d:\arquivos de programas\segurança\kis 8.0.0.506pb\ie_banner_deny.htm

IE: E&xport to Microsoft Excel - c:\arquiv~1\micros~2\office12\EXCEL.EXE/3000

IE: E&xportar para o Microsoft Excel

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe

IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - d:\arquivos de programas\segurança\kis 8.0.0.506pb\SCIEPlgn.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\arquiv~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~2\office12\REFIEBAR.DLL

DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1237237095484

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\arquiv~1\micros~2\office12\GR99D3~1.DLL

Notify: igfxcui - igfxdev.dll

Notify: klogon - c:\windows\system32\klogon.dll

AppInit_DLLs: d:\arquiv~1\segura~1\kis800~1.506\mzvkbd.dll,d:\arquiv~1\segura~1\kis800~1.506\mzvkbd3.dll,d:\arquiv~1\segura~1\kis800~1.506\adialhk.dll,d:\arquiv~1\segura~1\kis800~1.506\kloehk.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\arquiv~1\micros~2\office12\GRA8E1~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\hernani\dadosd~1\mozilla\firefox\profiles\twmmii6j.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/ig?hl=pt-BR&source=iglk

FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nppl3260.dll

FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nprjplug.dll

FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nprpjplug.dll

---- FIREFOX POLICIES ----

d:\arquivos de programas\firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

============= SERVICES / DRIVERS ===============

R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-7-21 121872]

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 33808]

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-3-16 28544]

R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2009-3-27 226832]

R1 SpyEmrg;Spy Emergency Driver;c:\windows\system32\drivers\spyemrg.sys [2009-3-27 12344]

R2 AVP;Kaspersky Internet Security;d:\arquivos de programas\segurança\kis 8.0.0.506pb\avp.exe [2008-11-11 206088]

R2 LF30FS;LF30FS;d:\arquivos de programas\segurança\lockfolder\LF30XP.sys [2004-11-19 101488]

R2 SpyEmrgSrv;Spy Emergency Engine Service;d:\arquivos de programas\segurança\spyemergency\spy emergency 2008\SpyEmergencySrv.exe [2009-3-27 694840]

R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]

R3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver;c:\windows\system32\drivers\spyemrg_guard.sys [2009-3-27 14392]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-3-14 222976]

S3 pctplsg;pctplsg; [x]

S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2008-12-10 7808]

S3 TfNetMon;TfNetMon; [x]

S4 a2free;a-squared Free Service;d:\arquivos de programas\segurança\a-squared free\a2service.exe [2009-3-7 425080]

=============== Created Last 30 ================

2009-03-28 11:09 <DIR> --d----- c:\arquivos de programas\EsetOnlineScanner

2009-03-28 09:49 218 a------- c:\windows\sremcon_winlogon.dat

2009-03-28 09:49 181 a------- c:\windows\sremcon_startup.dat

2009-03-27 22:12 3,840 a------- c:\windows\sremcon_drivers.dat

2009-03-27 22:09 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Se Analyzer Tool SA

2009-03-27 21:59 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Spy Emergency

2009-03-27 21:59 23,096 a------- c:\windows\system32\sremcon.exe

2009-03-27 21:59 14,392 a------- c:\windows\system32\drivers\spyemrg_guard.sys

2009-03-27 21:59 12,344 a------- c:\windows\system32\drivers\spyemrg.sys

2009-03-27 21:59 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\NETGATE

2009-03-27 21:21 101,287 a------- c:\windows\system32\drivers\klin.dat

2009-03-27 21:21 89,601 a------- c:\windows\system32\drivers\klick.dat

2009-03-27 21:20 1,964,064 a--sh--- c:\windows\system32\drivers\fidbox.dat

2009-03-27 21:20 311,328 a--sh--- c:\windows\system32\drivers\fidbox2.dat

2009-03-27 21:20 17,472 a--sh--- c:\windows\system32\drivers\fidbox.idx

2009-03-27 21:20 3,192 a--sh--- c:\windows\system32\drivers\fidbox2.idx

2009-03-27 21:20 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Kaspersky Lab

2009-03-27 18:48 691,712 a------- c:\windows\is-CP01N.exe

2009-03-27 18:48 11,868 a------- c:\windows\is-CP01N.msg

2009-03-27 18:48 267 a------- c:\windows\is-CP01N.lst

2009-03-27 17:50 <DIR> --d----- c:\windows\PIF

2009-03-27 16:14 268 a------- c:\windows\is-UL41U.lst

2009-03-27 16:14 691,712 a------- c:\windows\is-UL41U.exe

2009-03-27 16:14 11,868 a------- c:\windows\is-UL41U.msg

2009-03-26 22:14 691,712 a------- c:\windows\is-HUAAE.exe

2009-03-26 22:14 11,868 a------- c:\windows\is-HUAAE.msg

2009-03-26 22:14 268 a------- c:\windows\is-HUAAE.lst

2009-03-26 22:13 <DIR> --d----- c:\docume~1\hernani\dadosd~1\PC Tools

2009-03-26 21:26 189,102 a------- C:\1current.trs

2009-03-26 21:22 24,364,032 a------- C:\current.trs

2009-03-26 20:22 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Kaspersky Lab Setup Files

2009-03-26 18:32 <DIR> --d----- c:\windows\LastGood.Tmp

2009-03-25 16:45 5,632 ac------ c:\windows\system32\dllcache\kbdheb.dll

2009-03-25 16:41 18,688 ac------ c:\windows\system32\dllcache\irsir.sys

2009-03-25 16:40 28,672 ac------ c:\windows\system32\dllcache\irmon.dll

2009-03-25 16:25 10,129,408 ac------ c:\windows\system32\dllcache\hwxkor.dll

2009-03-25 16:19 10,096,640 ac------ c:\windows\system32\dllcache\hwxcht.dll

2009-03-25 16:12 1,733,120 ac------ c:\windows\system32\dllcache\g400d.dll

2009-03-25 16:08 283,904 ac------ c:\windows\system32\dllcache\emu10k1m.sys

2009-03-25 13:22 116,224 ac------ c:\windows\system32\dllcache\xrxwiadr.dll

2009-03-25 13:22 23,040 ac------ c:\windows\system32\dllcache\xrxwbtmp.dll

2009-03-25 13:22 18,944 ac------ c:\windows\system32\dllcache\xrxscnui.dll

2009-03-25 13:22 27,648 ac------ c:\windows\system32\dllcache\xrxftplt.exe

2009-03-25 13:22 4,608 ac------ c:\windows\system32\dllcache\xrxflnch.exe

2009-03-25 13:22 99,865 ac------ c:\windows\system32\dllcache\xlog.exe

2009-03-25 13:22 16,970 ac------ c:\windows\system32\dllcache\xem336n5.sys

2009-03-25 13:22 19,455 ac------ c:\windows\system32\dllcache\wvchntxx.sys

2009-03-25 13:22 19,200 ac------ c:\windows\system32\dllcache\wstcodec.sys

2009-03-25 13:22 12,063 ac------ c:\windows\system32\dllcache\wsiintxx.sys

2009-03-25 13:22 8,192 ac------ c:\windows\system32\dllcache\wshirda.dll

2009-03-25 13:20 26,112 ac------ c:\windows\system32\dllcache\usbser.sys

2009-03-25 13:19 17,024 ac------ c:\windows\system32\dllcache\stcusb.sys

2009-03-25 13:18 161,632 ac------ c:\windows\system32\dllcache\sgsmusb.sys

2009-03-25 13:17 49,024 ac------ c:\windows\system32\dllcache\ql1280.sys

2009-03-25 13:16 86,016 ac------ c:\windows\system32\dllcache\pctspk.exe

2009-03-25 13:15 5,504 ac------ c:\windows\system32\dllcache\mstee.sys

2009-03-25 13:15 49,024 ac------ c:\windows\system32\dllcache\mstape.sys

2009-03-25 13:15 12,416 ac------ c:\windows\system32\dllcache\msriffwv.sys

2009-03-25 13:15 2,944 ac------ c:\windows\system32\dllcache\msmpu401.sys

2009-03-25 13:15 22,016 ac------ c:\windows\system32\dllcache\msircomm.sys

2009-03-25 13:14 35,200 ac------ c:\windows\system32\dllcache\msgame.sys

2009-03-25 13:14 6,016 ac------ c:\windows\system32\dllcache\msfsio.sys

2009-03-25 13:14 56,832 ac------ c:\windows\system32\dllcache\msdvbnp.ax

2009-03-25 13:14 51,200 ac------ c:\windows\system32\dllcache\msdv.sys

2009-03-25 13:14 17,280 ac------ c:\windows\system32\dllcache\mraid35x.sys

2009-03-25 13:14 15,232 ac------ c:\windows\system32\dllcache\mpe.sys

2009-03-25 13:14 12,288 ac------ c:\windows\system32\dllcache\mouhid.sys

2009-03-25 13:14 16,128 ac------ c:\windows\system32\dllcache\modemcsa.sys

2009-03-25 13:12 7,040 ac------ c:\windows\system32\dllcache\ltotape.sys

2009-03-25 13:11 6,144 ac------ c:\windows\system32\dllcache\kbd106.dll

2009-03-25 13:10 372,824 ac------ c:\windows\system32\dllcache\iconf32.dll

2009-03-25 13:09 907,904 ac------ c:\windows\system32\dllcache\hcf_msft.sys

2009-03-25 13:08 347,966 ac------ c:\windows\system32\dllcache\es56tpi.sys

2009-03-25 13:07 29,696 ac------ c:\windows\system32\dllcache\dm9pci5.sys

2009-03-25 13:06 28,672 ac------ c:\windows\system32\dllcache\cyycoins.dll

2009-03-25 13:05 13,952 ac------ c:\windows\system32\dllcache\cmbatt.sys

2009-03-25 13:04 14,080 ac------ c:\windows\system32\dllcache\bulltlp3.sys

2009-03-25 13:03 96,128 ac------ c:\windows\system32\dllcache\ati.dll

2009-03-25 13:02 66,048 ac------ c:\windows\system32\dllcache\s3legacy.dll

2009-03-25 11:31 8 a------- c:\windows\scanreg.ini

2009-03-25 11:04 <DIR> --d----- c:\windows\MindSoft Utilities 2009 for Windows XP

2009-03-24 11:02 <DIR> --d----- c:\arquivos de programas\arquivos comuns\SWF Studio

2009-03-24 11:02 <DIR> --d----- c:\docume~1\hernani\dadosd~1\KeePass

2009-03-24 11:01 <DIR> --d-h--- C:\89a93d7abf118d1e5a5d

2009-03-24 11:01 <DIR> --d-h--- C:\4fce31b89cfde0a00e4386baa9baec6d

2009-03-24 11:01 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\IconTweaker

2009-03-23 21:31 147,456 a------- c:\windows\system32\igfxCoIn_v5009.dll

2009-03-23 21:16 53,248 a------- c:\windows\system32\CSVer.dll

2009-03-23 17:36 262,144 a------- c:\windows\system32\FLUSH3

2009-03-23 17:36 262,144 a------- c:\windows\system32\FLUSH2

2009-03-23 17:36 262,144 a------- c:\windows\system32\FLUSH1

2009-03-22 23:53 <DIR> --d----- c:\documents and settings\hernani\Contacts

2009-03-22 18:30 720,896 a------- c:\windows\iun6002.exe

2009-03-22 16:11 <DIR> --d----- c:\windows\pss

2009-03-22 00:36 <DIR> --d----- c:\windows\system32\GroupPolicy

2009-03-22 00:25 39 a------- C:\ntosboot.bat

2009-03-21 13:58 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Everstrike Software

2009-03-21 10:52 37,376 a------- c:\windows\system32\VbVfw.dll

2009-03-21 10:40 721,168 a------- c:\windows\system32\VB40032.DLL

2009-03-21 10:40 60,416 a------- c:\windows\ST4UNST.EXE

2009-03-20 22:54 <DIR> --d----- c:\arquivos de programas\ASUS

2009-03-20 22:53 <DIR> --d----- c:\windows\AsDmiHtm

2009-03-19 19:09 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Malwarebytes

2009-03-19 19:08 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Malwarebytes

2009-03-19 13:22 26,368 ac------ c:\windows\system32\dllcache\usbstor.sys

2009-03-19 13:18 18,704 a----r-- c:\windows\system32\drivers\se59nd5.sys

2009-03-19 13:18 4,128 a----r-- c:\windows\system32\drivers\se59cr.sys

2009-03-19 13:18 90,800 a----r-- c:\windows\system32\drivers\se59unic.sys

2009-03-19 13:18 88,624 a----r-- c:\windows\system32\drivers\se59mgmt.sys

2009-03-19 13:18 86,432 a----r-- c:\windows\system32\drivers\se59obex.sys

2009-03-19 13:18 97,088 a----r-- c:\windows\system32\drivers\se59mdm.sys

2009-03-19 13:18 9,360 a----r-- c:\windows\system32\drivers\se59mdfl.sys

2009-03-19 13:18 6,240 a----r-- c:\windows\system32\drivers\se59cmnt.sys

2009-03-19 13:18 6,240 a----r-- c:\windows\system32\drivers\se59cm.sys

2009-03-19 13:18 61,536 a----r-- c:\windows\system32\drivers\se59bus.sys

2009-03-19 13:18 5,872 a----r-- c:\windows\system32\drivers\se59whnt.sys

2009-03-19 13:18 5,872 a----r-- c:\windows\system32\drivers\se59wh.sys

2009-03-19 12:55 54,156 a---h--- c:\windows\QTFont.qfn

2009-03-19 12:55 1,409 a------- c:\windows\QTFont.for

2009-03-19 11:13 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Teleca

2009-03-19 11:12 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Sony Ericsson

2009-03-19 11:07 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Sony Ericsson

2009-03-19 11:06 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Sony Ericsson Shared

2009-03-19 11:06 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Teleca Shared

2009-03-19 11:06 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Teleca

2009-03-19 11:06 <DIR> --d----- c:\windows\Downloaded Installations

2009-03-18 09:13 <DIR> --d----- c:\docume~1\hernani\dadosd~1\IObit

2009-03-17 12:45 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\vsosdk

2009-03-17 12:05 <DIR> --d----- c:\arquivos de programas\arquivos comuns\xing shared

2009-03-17 12:05 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Real

2009-03-17 10:51 87,608 a------- c:\docume~1\hernani\dadosd~1\inst.exe

2009-03-17 10:51 47,360 a------- c:\windows\system32\drivers\pcouffin.sys

2009-03-17 10:51 47,360 a------- c:\docume~1\hernani\dadosd~1\pcouffin.sys

2009-03-17 10:51 217,127 a------- c:\windows\system32\drv43260.dll

2009-03-17 10:51 208,935 a------- c:\windows\system32\drv33260.dll

2009-03-17 10:51 102,439 a------- c:\windows\system32\sipr3260.dll

2009-03-17 10:51 626,688 a------- c:\windows\system32\vp7vfw.dll

2009-03-17 10:51 176,165 a------- c:\windows\system32\drv23260.dll

2009-03-17 10:51 65,602 a------- c:\windows\system32\cook3260.dll

2009-03-17 10:51 1,184,984 a------- c:\windows\system32\wvc1dmod.dll

2009-03-17 10:51 <DIR> --d----- c:\arquivos de programas\VSO

2009-03-16 23:25 410,984 a------- c:\windows\system32\deploytk.dll

2009-03-16 23:25 73,728 a------- c:\windows\system32\javacpl.cpl

2009-03-16 22:16 28,544 a------- c:\windows\system32\drivers\pavboot.sys

2009-03-16 22:15 <DIR> --d----- c:\arquivos de programas\Panda Security

2009-03-16 21:26 1,089,883 -c------ c:\windows\system32\dllcache\ntprint.cat

2009-03-16 20:34 1,493,528 a------- c:\windows\system32\D3DCompiler_39.dll

2009-03-16 20:34 467,984 a------- c:\windows\system32\d3dx10_39.dll

2009-03-16 20:33 3,851,784 a------- c:\windows\system32\D3DX9_39.dll

2009-03-16 20:33 2,414,360 a------- c:\windows\system32\d3dx9_31.dll

2009-03-16 20:33 <DIR> --d----- c:\windows\Logs

2009-03-16 20:33 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PassMark

2009-03-16 20:05 <DIR> --d----- c:\arquivos de programas\LSI SoftModem

2009-03-16 19:55 14,048 -------- c:\windows\system32\spmsg2.dll

2009-03-16 19:47 <DIR> --d----- c:\windows\system32\XPSViewer

2009-03-16 19:46 1,676,288 -c------ c:\windows\system32\dllcache\xpssvcs.dll

2009-03-16 19:46 597,504 -c------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2009-03-16 19:46 575,488 -c------ c:\windows\system32\dllcache\xpsshhdr.dll

2009-03-16 19:46 89,088 -c------ c:\windows\system32\dllcache\filterpipelineprintproc.dll

2009-03-16 19:46 1,676,288 -------- c:\windows\system32\xpssvcs.dll

2009-03-16 19:46 575,488 -------- c:\windows\system32\xpsshhdr.dll

2009-03-16 19:46 117,760 -------- c:\windows\system32\prntvpt.dll

2009-03-16 19:33 267,776 -c------ c:\windows\system32\dllcache\iertutil.dll

2009-03-16 19:33 52,224 -c------ c:\windows\system32\dllcache\msfeedsbs.dll

2009-03-16 19:33 13,824 -c------ c:\windows\system32\dllcache\ieudinit.exe

2009-03-16 19:33 1,024,000 -c------ c:\windows\system32\dllcache\ieframe.dll.mui

2009-03-16 19:33 459,264 -c------ c:\windows\system32\dllcache\msfeeds.dll

2009-03-16 19:33 2,455,488 -c------ c:\windows\system32\dllcache\ieapfltr.dat

2009-03-16 19:33 383,488 -c------ c:\windows\system32\dllcache\ieapfltr.dll

2009-03-16 19:33 63,488 -c------ c:\windows\system32\dllcache\icardie.dll

2009-03-16 19:33 6,066,688 -c------ c:\windows\system32\dllcache\ieframe.dll

2009-03-16 19:17 2,070,272 ac------ c:\windows\system32\dllcache\ntkrnlpa.exe

2009-03-16 19:17 2,193,408 ac------ c:\windows\system32\dllcache\ntoskrnl.exe

2009-03-16 19:16 172,032 ac------ c:\windows\system32\dllcache\scrrun.dll

2009-03-16 19:16 172,032 a------- c:\windows\system32\scrrun.dll

2009-03-16 18:51 <DIR> --d----- c:\windows\l2schemas

2009-03-16 18:51 <DIR> --d----- c:\windows\system32\bits

2009-03-16 18:48 <DIR> --d----- c:\windows\ServicePackFiles

2009-03-16 18:46 <DIR> --d----- c:\windows\network diagnostic

2009-03-16 18:31 1,309,184 ac------ c:\windows\system32\dllcache\mtlstrm.sys

2009-03-16 18:30 104,960 ac------ c:\windows\system32\dllcache\atinrvxx.sys

2009-03-16 18:14 <DIR> --d----- c:\arquivos de programas\Microsoft IntelliPoint

2009-03-16 18:12 <DIR> --d----- c:\arquivos de programas\MSXML 6.0

2009-03-16 18:01 <DIR> --d----- c:\windows\system32\PreInstall

2009-03-16 17:58 31,768 a------- c:\windows\system32\wucltui.dll.mui

2009-03-16 17:58 18,968 a------- c:\windows\system32\wuaueng.dll.mui

2009-03-16 17:58 27,672 a------- c:\windows\system32\wuaucpl.cpl.mui

2009-03-16 17:58 27,672 a------- c:\windows\system32\wuapi.dll.mui

2009-03-16 17:58 <DIR> --d----- c:\windows\system32\SoftwareDistribution

2009-03-16 17:08 32,592 a------- c:\windows\system32\msonpmon.dll

2009-03-16 17:00 <DIR> --d----- c:\arquivos de programas\Microsoft Visual Studio 8

2009-03-16 16:32 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Desktopicon

2009-03-16 15:53 <DIR> --d----- c:\arquivos de programas\Microsoft IntelliPoint 5.2

2009-03-16 14:52 <DIR> --d----- c:\windows\LastGood(2)

2009-03-16 12:14 81,408 a------- c:\windows\system32\devcon_x64.exe

2009-03-16 12:14 55,808 a------- c:\windows\system32\devcon.exe

2009-03-15 23:20 <DIR> --d----- c:\arquivos de programas\uTorrent

2009-03-15 23:20 <DIR> --d----- c:\docume~1\hernani\dadosd~1\uTorrent

2009-03-15 18:11 211 a--sh--- C:\BOOT.BKK

2009-03-15 15:07 <DIR> --d----- c:\windows\system32\NtmsData

2009-03-15 15:06 <DIR> --d----- c:\windows\system32\pt-br

2009-03-15 14:43 <DIR> --d----- c:\windows\$hf_mig$

2009-03-15 14:32 268 a---h--- C:\sqmdata05.sqm

2009-03-15 14:32 244 a---h--- C:\sqmnoopt05.sqm

2009-03-15 14:26 <DIR> --d----- c:\docume~1\hernani\dadosd~1\GlarySoft

2009-03-15 14:20 268 a---h--- C:\sqmdata04.sqm

2009-03-15 14:20 244 a---h--- C:\sqmnoopt04.sqm

2009-03-15 13:53 268 a---h--- C:\sqmdata03.sqm

2009-03-15 13:53 244 a---h--- C:\sqmnoopt03.sqm

2009-03-15 13:52 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PC Tools

2009-03-15 13:49 <DIR> --d----- c:\arquivos de programas\arquivos comuns\PC Tools

2009-03-15 13:42 <DIR> --d----- c:\docume~1\hernani\dadosd~1\SUPERAntiSpyware.com

2009-03-15 13:42 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\SUPERAntiSpyware.com

2009-03-15 13:40 <DIR> --d----- c:\docume~1\hernani\dadosd~1\PCToolsFirewallPlus

2009-03-15 11:05 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PC Drivers HeadQuarters

2009-03-15 06:57 421,888 a------- c:\windows\system32\ac3filter.acm

2009-03-15 06:55 69 a------- c:\windows\NeroDigital.ini

2009-03-14 23:45 <DIR> --d----- c:\arquivos de programas\Windows Media Connect 2

2009-03-14 23:44 <DIR> --d----- c:\windows\system32\LogFiles

2009-03-14 23:44 26,488 a------- c:\windows\system32\spupdsvc.exe

2009-03-14 21:58 421 a------- c:\windows\ODBC.INI

2009-03-14 21:57 <DIR> --d----- c:\windows\ShellNew

2009-03-14 21:44 <DIR> --d-hr-- c:\documents and settings\hernani\Dados de aplicativos

2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Modelos

2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Configurações locais

2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Ambiente de rede

2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Ambiente de impressão

2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Meus documentos

2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Menu Iniciar

2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Favoritos

2009-03-14 21:44 <DIR> --d----- c:\documents and settings\Hernani

2009-03-14 21:43 <DIR> --d----- c:\windows\system32\Microsoft

2009-03-14 21:41 28,288 ac------ c:\windows\system32\dllcache\xjis.nls

2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winzm.ime

2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winsp.ime

2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winpy.ime

2009-03-14 21:41 79,360 ac------ c:\windows\system32\dllcache\winar30.ime

2009-03-14 21:41 72,704 ac------ c:\windows\system32\dllcache\wingb.ime

2009-03-14 21:41 65,536 ac------ c:\windows\system32\dllcache\winime.ime

2009-03-14 21:41 41,600 ac------ c:\windows\system32\dllcache\weitekp9.dll

2009-03-14 21:41 31,488 ac------ c:\windows\system32\dllcache\weitekp9.sys

2009-03-14 21:41 9,216 ac------ c:\windows\system32\dllcache\wamps51.dll

2009-03-14 21:41 5,632 ac------ c:\windows\system32\dllcache\w3svapi.dll

2009-03-14 21:39 108,827 ac------ c:\windows\system32\dllcache\hanja.lex

2009-03-14 21:38 <DIR> --dsh--- c:\documents and settings\all users\DRM

2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\Serviços on-line

2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Serviços

2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\arquivos comuns\MSSoap

2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\Messenger

2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\MSN Gaming Zone

2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\Windows NT

2009-03-14 18:07 <DIR> --d----- c:\arquivos de programas\arquivos comuns\ODBC

2009-03-14 18:07 <DIR> --d----- c:\arquivos de programas\arquivos comuns\SpeechEngines

2009-03-14 18:06 <DIR> --d-h--- c:\documents and settings\all users\Modelos

2009-03-14 18:06 <DIR> --d--r-- c:\documents and settings\all users\Menu Iniciar

2009-03-14 18:06 <DIR> --d--r-- c:\documents and settings\all users\Documentos

2009-03-14 18:06 <DIR> --d----- c:\documents and settings\all users\Favoritos

2009-03-14 18:04 <DIR> --d-hr-- c:\documents and settings\all users\Dados de aplicativos

2009-03-14 13:19 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Nero

2009-03-14 13:19 <DIR> --d----- c:\arquivos de programas\Nero

2009-03-14 13:19 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Ahead

2009-03-14 13:07 <DIR> --d----- c:\arquivos de programas\Realtek

2009-03-14 13:04 <DIR> --d----- c:\arquivos de programas\VIA

2009-03-14 13:04 <DIR> --d----- c:\arquivos de programas\arquivos comuns\InstallShield

2009-03-14 12:50 <DIR> --d----- c:\arquivos de programas\MSN Messenger

==================== Find3M ====================

2009-03-27 21:34 33,808 a------- c:\windows\system32\drivers\klbg.sys

2009-03-23 23:44 471,376 a------- c:\windows\system32\perfh016.dat

2009-03-23 23:44 80,198 a------- c:\windows\system32\perfc016.dat

2009-03-21 20:20 107 ---sh--- c:\arquivos de programas\Desktop.ini

2009-03-17 12:05 348,160 a------- c:\windows\system32\msvcr71.dll

2009-03-17 12:05 499,712 a------- c:\windows\system32\msvcp71.dll

2009-03-14 22:14 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat

2009-03-14 21:36 21,844 a------- c:\windows\system32\emptyregdb.dat

2009-02-09 15:56 67,584 a------- c:\windows\system32\ff_vfw.dll

2009-02-09 11:06 1,846,912 a------- c:\windows\system32\win32k.sys

2009-01-07 15:14 60,273 a------- c:\windows\system32\pthreadGC2.dll

============= FINISH: 11:54:43,68 ===============

# version=4

# OnlineScanner.ocx=1.0.0.635

# OnlineScannerDLLA.dll=1, 0, 0, 79

# OnlineScannerDLLW.dll=1, 0, 0, 78

# OnlineScannerUninstaller.exe=1, 0, 0, 49

# vers_standard_module=3972 (20090328)

# vers_arch_module=1.064 (20080214)

# vers_adv_heur_module=1.066 (20070917)

# EOSSerial=6e744ca3e6f2d643805d394eb0e20873

# end=finished

# remove_checked=false

# unwanted_checked=true

# utc_time=2009-03-28 02:50:38

# local_time=2009-03-28 11:50:38 (-0300, Hora oficial do Brasil)

# country="Brazil"

# osver=5.1.2600 NT Service Pack 3

# scanned=265099

# found=0

# scan_time=2294

The logs are clean and the online scan detected nothing either. Your problem is not related to viruses.

Seek help in the other areas of the forum so that colleagues can continue helping you.

Regards

Thanks for your attention, Lusitano...

Regards...

If the topic's author needs it, the topic will be reopened; to do so, the author should contact the moderation team and request that it be unlocked.
