herguim

PC very slow... could it be a virus?


Good afternoon,

I would like you to check whether my PC has an infection, since it has been freezing everywhere from launching applications to browsing.

It takes forever to open "My Computer", the Start menu, Control Panel, etc...

What should I do, and how?

Thanks,

Herguim :confused:

  • Topic author
  • Thanks...

    Here are the logs:

    DDS (Ver_09-03-16.01) - NTFSx86

    Run by Hernani at 0:42:01,00 on sex 27/03/2009

    Internet Explorer: 7.0.5730.13

    Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.507.117 [GMT -3:00]

    AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated)

    AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated)

    FW: PC Tools Firewall Plus *disabled*

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch

    C:\WINDOWS\system32\svchost -k rpcss

    C:\WINDOWS\System32\svchost.exe -k netsvcs

    C:\WINDOWS\system32\spoolsv.exe

    C:\Arquivos de programas\LSI SoftModem\agrsmsvc.exe

    C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe

    C:\Arquivos de programas\Java\jre6\bin\jqs.exe

    C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe

    D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\PC Tools Firewall Plus\PC Tools Firewall Plus\FWService.exe

    C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

    C:\WINDOWS\system32\wbem\wmiapsrv.exe

    C:\WINDOWS\System32\alg.exe

    C:\WINDOWS\Explorer.EXE

    D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\PC Tools Firewall Plus\PC Tools Firewall Plus\FirewallGUI.exe

    C:\WINDOWS\system32\svchost.exe -k LocalService

    C:\WINDOWS\system32\ctfmon.exe

    D:\ARQUIVOS DE PROGRAMAS\Limpadores\Trash it!\Trash it Scheduler.exe

    D:\ARQUIVOS DE PROGRAMAS\FIREFOX\firefox.exe

    C:\WINDOWS\system32\wscntfy.exe

    D:\DOWNLOADS\dds.scr

    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com.br/

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelperShim.dll

    BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - d:\arquivos de programas\segurança\kav2009\ievkbd.dll

    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\arquiv~1\micros~2\office12\GRA8E1~1.DLL

    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll

    BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll

    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

    uRun: [Trash it Scheduler] d:\arquivos de programas\limpadores\trash it!\Trash it Scheduler.exe

    mRun: [AVP] "d:\arquivos de programas\segurança\kav2009\avp.exe"

    mPolicies-system: HideFastUserSwitching = 0 (0x0)

    IE: E&xport to Microsoft Excel - c:\arquiv~1\micros~2\office12\EXCEL.EXE/3000

    IE: E&xportar para o Microsoft Excel

    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe

    IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - d:\arquivos de programas\segurança\kav2009\SCIEPlgn.dll

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\arquiv~1\micros~2\office12\ONBttnIE.dll

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~2\office12\REFIEBAR.DLL

    LSP: c:\arquivos de programas\arquivos comuns\pc tools\lsp\PCTLsp.dll

    DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1237237095484

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

    DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\arquiv~1\micros~2\office12\GR99D3~1.DLL

    Notify: igfxcui - igfxdev.dll

    Notify: klogon - c:\windows\system32\klogon.dll

    AppInit_DLLs: d:\arquiv~1\segura~1\kav2009\mzvkbd.dll,d:\arquiv~1\segura~1\kav2009\mzvkbd3.dll

    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\arquiv~1\micros~2\office12\GRA8E1~1.DLL

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\hernani\dadosd~1\mozilla\firefox\profiles\twmmii6j.default\

    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/ig?hl=pt-BR&source=iglk

    FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nppl3260.dll

    FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nprjplug.dll

    FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nprpjplug.dll

    ---- FIREFOX POLICIES ----

    d:\arquivos de programas\firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

    ============= SERVICES / DRIVERS ===============

    R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-7-21 121872]

    R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 33808]

    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-3-16 28544]

    R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-3-20 130424]

    R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2009-3-26 226832]

    R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2009-3-15 159600]

    R2 AVP;Kaspersky Anti-Virus;d:\arquivos de programas\segurança\kav2009\avp.exe [2008-11-11 206088]

    R2 LF30FS;LF30FS;d:\arquivos de programas\segurança\lockfolder\LF30XP.sys [2004-11-19 101488]

    R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [2009-3-15 73840]

    R2 PCToolsFirewallPlus;PC Tools Firewall Plus;d:\arquivos de programas\segurança\pc tools firewall plus\pc tools firewall plus\FWService.exe [2009-3-7 146800]

    R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-4-30 24592]

    R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [2009-3-15 95640]

    R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-3-14 222976]

    S2 spupdsvc;Windows Service Pack Installer update service;c:\windows\system32\spupdsvc.exe [2009-3-14 26488]

    S3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [2009-3-26 64392]

    S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2008-12-10 7808]

    S3 sdAuxService;PC Tools Auxiliary Service;d:\arquivos de programas\spyware doctor\pctsAuxs.exe [2009-3-26 348752]

    S3 sdCoreService;PC Tools Security Service;d:\arquivos de programas\spyware doctor\pctsSvc.exe [2009-3-26 1095560]

    S3 TfNetMon;TfNetMon; [x]

    S4 a2free;a-squared Free Service;d:\arquivos de programas\segurança\a-squared free\a2service.exe [2009-3-7 425080]

    =============== Created Last 30 ================

    2009-03-26 23:51 142 a------- c:\windows\system32\spupdsvc.inf

    2009-03-26 22:59 <DIR> --d----- c:\windows\system32\KB905474

    2009-03-26 22:14 691,712 a------- c:\windows\is-HUAAE.exe

    2009-03-26 22:14 11,868 a------- c:\windows\is-HUAAE.msg

    2009-03-26 22:14 268 a------- c:\windows\is-HUAAE.lst

    2009-03-26 22:13 64,392 a------- c:\windows\system32\drivers\pctplsg.sys

    2009-03-26 22:13 <DIR> --d----- c:\docume~1\hernani\dadosd~1\PC Tools

    2009-03-26 21:26 189,102 a------- C:\1current.trs

    2009-03-26 21:22 24,364,032 a------- C:\current.trs

    2009-03-26 21:01 101,287 a------- c:\windows\system32\drivers\klin.dat

    2009-03-26 21:01 89,601 a------- c:\windows\system32\drivers\klick.dat

    2009-03-26 21:00 1,447,968 a--sh--- c:\windows\system32\drivers\fidbox.dat

    2009-03-26 21:00 237,600 a--sh--- c:\windows\system32\drivers\fidbox2.dat

    2009-03-26 21:00 13,440 a--sh--- c:\windows\system32\drivers\fidbox.idx

    2009-03-26 21:00 2,940 a--sh--- c:\windows\system32\drivers\fidbox2.idx

    2009-03-26 21:00 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Kaspersky Lab

    2009-03-26 20:22 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Kaspersky Lab Setup Files

    2009-03-26 18:32 <DIR> --d----- c:\windows\LastGood.Tmp

    2009-03-25 16:45 5,632 ac------ c:\windows\system32\dllcache\kbdheb.dll

    2009-03-25 16:41 18,688 ac------ c:\windows\system32\dllcache\irsir.sys

    2009-03-25 16:40 28,672 ac------ c:\windows\system32\dllcache\irmon.dll

    2009-03-25 16:25 10,129,408 ac------ c:\windows\system32\dllcache\hwxkor.dll

    2009-03-25 16:19 10,096,640 ac------ c:\windows\system32\dllcache\hwxcht.dll

    2009-03-25 16:12 1,733,120 ac------ c:\windows\system32\dllcache\g400d.dll

    2009-03-25 16:08 283,904 ac------ c:\windows\system32\dllcache\emu10k1m.sys

    2009-03-25 13:22 116,224 ac------ c:\windows\system32\dllcache\xrxwiadr.dll

    2009-03-25 13:22 23,040 ac------ c:\windows\system32\dllcache\xrxwbtmp.dll

    2009-03-25 13:22 18,944 ac------ c:\windows\system32\dllcache\xrxscnui.dll

    2009-03-25 13:22 27,648 ac------ c:\windows\system32\dllcache\xrxftplt.exe

    2009-03-25 13:22 4,608 ac------ c:\windows\system32\dllcache\xrxflnch.exe

    2009-03-25 13:22 99,865 ac------ c:\windows\system32\dllcache\xlog.exe

    2009-03-25 13:22 16,970 ac------ c:\windows\system32\dllcache\xem336n5.sys

    2009-03-25 13:22 19,455 ac------ c:\windows\system32\dllcache\wvchntxx.sys

    2009-03-25 13:22 19,200 ac------ c:\windows\system32\dllcache\wstcodec.sys

    2009-03-25 13:22 12,063 ac------ c:\windows\system32\dllcache\wsiintxx.sys

    2009-03-25 13:22 8,192 ac------ c:\windows\system32\dllcache\wshirda.dll

    2009-03-25 13:20 26,112 ac------ c:\windows\system32\dllcache\usbser.sys

    2009-03-25 13:19 17,024 ac------ c:\windows\system32\dllcache\stcusb.sys

    2009-03-25 13:18 161,632 ac------ c:\windows\system32\dllcache\sgsmusb.sys

    2009-03-25 13:17 49,024 ac------ c:\windows\system32\dllcache\ql1280.sys

    2009-03-25 13:16 86,016 ac------ c:\windows\system32\dllcache\pctspk.exe

    2009-03-25 13:15 5,504 ac------ c:\windows\system32\dllcache\mstee.sys

    2009-03-25 13:15 49,024 ac------ c:\windows\system32\dllcache\mstape.sys

    2009-03-25 13:15 12,416 ac------ c:\windows\system32\dllcache\msriffwv.sys

    2009-03-25 13:15 2,944 ac------ c:\windows\system32\dllcache\msmpu401.sys

    2009-03-25 13:15 22,016 ac------ c:\windows\system32\dllcache\msircomm.sys

    2009-03-25 13:14 35,200 ac------ c:\windows\system32\dllcache\msgame.sys

    2009-03-25 13:14 6,016 ac------ c:\windows\system32\dllcache\msfsio.sys

    2009-03-25 13:14 56,832 ac------ c:\windows\system32\dllcache\msdvbnp.ax

    2009-03-25 13:14 51,200 ac------ c:\windows\system32\dllcache\msdv.sys

    2009-03-25 13:14 17,280 ac------ c:\windows\system32\dllcache\mraid35x.sys

    2009-03-25 13:14 15,232 ac------ c:\windows\system32\dllcache\mpe.sys

    2009-03-25 13:14 12,288 ac------ c:\windows\system32\dllcache\mouhid.sys

    2009-03-25 13:14 16,128 ac------ c:\windows\system32\dllcache\modemcsa.sys

    2009-03-25 13:12 7,040 ac------ c:\windows\system32\dllcache\ltotape.sys

    2009-03-25 13:11 6,144 ac------ c:\windows\system32\dllcache\kbd106.dll

    2009-03-25 13:10 372,824 ac------ c:\windows\system32\dllcache\iconf32.dll

    2009-03-25 13:09 907,904 ac------ c:\windows\system32\dllcache\hcf_msft.sys

    2009-03-25 13:08 347,966 ac------ c:\windows\system32\dllcache\es56tpi.sys

    2009-03-25 13:07 29,696 ac------ c:\windows\system32\dllcache\dm9pci5.sys

    2009-03-25 13:06 28,672 ac------ c:\windows\system32\dllcache\cyycoins.dll

    2009-03-25 13:05 13,952 ac------ c:\windows\system32\dllcache\cmbatt.sys

    2009-03-25 13:04 14,080 ac------ c:\windows\system32\dllcache\bulltlp3.sys

    2009-03-25 13:03 96,128 ac------ c:\windows\system32\dllcache\ati.dll

    2009-03-25 13:02 66,048 ac------ c:\windows\system32\dllcache\s3legacy.dll

    2009-03-25 11:31 8 a------- c:\windows\scanreg.ini

    2009-03-25 11:04 <DIR> --d----- c:\windows\MindSoft Utilities 2009 for Windows XP

    2009-03-24 11:02 <DIR> --d----- c:\arquivos de programas\arquivos comuns\SWF Studio

    2009-03-24 11:02 <DIR> --d----- c:\docume~1\hernani\dadosd~1\KeePass

    2009-03-24 11:01 <DIR> --d-h--- C:\89a93d7abf118d1e5a5d

    2009-03-24 11:01 <DIR> --d-h--- C:\4fce31b89cfde0a00e4386baa9baec6d

    2009-03-24 11:01 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\IconTweaker

    2009-03-23 21:31 147,456 a------- c:\windows\system32\igfxCoIn_v5009.dll

    2009-03-23 21:16 53,248 a------- c:\windows\system32\CSVer.dll

    2009-03-23 17:36 262,144 a------- c:\windows\system32\FLUSH3

    2009-03-23 17:36 262,144 a------- c:\windows\system32\FLUSH2

    2009-03-23 17:36 262,144 a------- c:\windows\system32\FLUSH1

    2009-03-22 23:53 <DIR> --d----- c:\documents and settings\hernani\Contacts

    2009-03-22 18:30 720,896 a------- c:\windows\iun6002.exe

    2009-03-22 16:11 <DIR> --d----- c:\windows\pss

    2009-03-22 00:36 <DIR> --d----- c:\windows\system32\GroupPolicy

    2009-03-22 00:25 39 a------- C:\ntosboot.bat

    2009-03-21 13:58 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Everstrike Software

    2009-03-21 10:52 37,376 a------- c:\windows\system32\VbVfw.dll

    2009-03-21 10:40 721,168 a------- c:\windows\system32\VB40032.DLL

    2009-03-21 10:40 60,416 a------- c:\windows\ST4UNST.EXE

    2009-03-20 23:16 130,424 a------- c:\windows\system32\drivers\PCTCore.sys

    2009-03-20 22:54 <DIR> --d----- c:\arquivos de programas\ASUS

    2009-03-20 22:53 <DIR> --d----- c:\windows\AsDmiHtm

    2009-03-19 19:09 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Malwarebytes

    2009-03-19 19:08 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Malwarebytes

    2009-03-19 13:22 26,368 ac------ c:\windows\system32\dllcache\usbstor.sys

    2009-03-19 13:18 18,704 a----r-- c:\windows\system32\drivers\se59nd5.sys

    2009-03-19 13:18 4,128 a----r-- c:\windows\system32\drivers\se59cr.sys

    2009-03-19 13:18 90,800 a----r-- c:\windows\system32\drivers\se59unic.sys

    2009-03-19 13:18 88,624 a----r-- c:\windows\system32\drivers\se59mgmt.sys

    2009-03-19 13:18 86,432 a----r-- c:\windows\system32\drivers\se59obex.sys

    2009-03-19 13:18 97,088 a----r-- c:\windows\system32\drivers\se59mdm.sys

    2009-03-19 13:18 9,360 a----r-- c:\windows\system32\drivers\se59mdfl.sys

    2009-03-19 13:18 6,240 a----r-- c:\windows\system32\drivers\se59cmnt.sys

    2009-03-19 13:18 6,240 a----r-- c:\windows\system32\drivers\se59cm.sys

    2009-03-19 13:18 61,536 a----r-- c:\windows\system32\drivers\se59bus.sys

    2009-03-19 13:18 5,872 a----r-- c:\windows\system32\drivers\se59whnt.sys

    2009-03-19 13:18 5,872 a----r-- c:\windows\system32\drivers\se59wh.sys

    2009-03-19 12:55 54,156 a---h--- c:\windows\QTFont.qfn

    2009-03-19 12:55 1,409 a------- c:\windows\QTFont.for

    2009-03-19 11:13 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Teleca

    2009-03-19 11:12 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Sony Ericsson

    2009-03-19 11:07 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Sony Ericsson

    2009-03-19 11:06 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Sony Ericsson Shared

    2009-03-19 11:06 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Teleca Shared

    2009-03-19 11:06 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Teleca

    2009-03-19 11:06 <DIR> --d----- c:\windows\Downloaded Installations

    2009-03-18 09:13 <DIR> --d----- c:\docume~1\hernani\dadosd~1\IObit

    2009-03-17 12:45 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\vsosdk

    2009-03-17 12:05 <DIR> --d----- c:\arquivos de programas\arquivos comuns\xing shared

    2009-03-17 12:05 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Real

    2009-03-17 10:51 87,608 a------- c:\docume~1\hernani\dadosd~1\inst.exe

    2009-03-17 10:51 47,360 a------- c:\windows\system32\drivers\pcouffin.sys

    2009-03-17 10:51 47,360 a------- c:\docume~1\hernani\dadosd~1\pcouffin.sys

    2009-03-17 10:51 217,127 a------- c:\windows\system32\drv43260.dll

    2009-03-17 10:51 208,935 a------- c:\windows\system32\drv33260.dll

    2009-03-17 10:51 102,439 a------- c:\windows\system32\sipr3260.dll

    2009-03-17 10:51 626,688 a------- c:\windows\system32\vp7vfw.dll

    2009-03-17 10:51 176,165 a------- c:\windows\system32\drv23260.dll

    2009-03-17 10:51 65,602 a------- c:\windows\system32\cook3260.dll

    2009-03-17 10:51 1,184,984 a------- c:\windows\system32\wvc1dmod.dll

    2009-03-17 10:51 <DIR> --d----- c:\arquivos de programas\VSO

    2009-03-16 23:25 410,984 a------- c:\windows\system32\deploytk.dll

    2009-03-16 23:25 73,728 a------- c:\windows\system32\javacpl.cpl

    2009-03-16 22:16 28,544 a------- c:\windows\system32\drivers\pavboot.sys

    2009-03-16 22:15 <DIR> --d----- c:\arquivos de programas\Panda Security

    2009-03-16 21:26 1,089,883 -c------ c:\windows\system32\dllcache\ntprint.cat

    2009-03-16 20:34 1,493,528 a------- c:\windows\system32\D3DCompiler_39.dll

    2009-03-16 20:34 467,984 a------- c:\windows\system32\d3dx10_39.dll

    2009-03-16 20:33 3,851,784 a------- c:\windows\system32\D3DX9_39.dll

    2009-03-16 20:33 2,414,360 a------- c:\windows\system32\d3dx9_31.dll

    2009-03-16 20:33 <DIR> --d----- c:\windows\Logs

    2009-03-16 20:33 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PassMark

    2009-03-16 20:05 <DIR> --d----- c:\arquivos de programas\LSI SoftModem

    2009-03-16 19:55 14,048 -------- c:\windows\system32\spmsg2.dll

    2009-03-16 19:47 <DIR> --d----- c:\windows\system32\XPSViewer

    2009-03-16 19:46 1,676,288 -c------ c:\windows\system32\dllcache\xpssvcs.dll

    2009-03-16 19:46 597,504 -c------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe

    2009-03-16 19:46 575,488 -c------ c:\windows\system32\dllcache\xpsshhdr.dll

    2009-03-16 19:46 89,088 -c------ c:\windows\system32\dllcache\filterpipelineprintproc.dll

    2009-03-16 19:46 1,676,288 -------- c:\windows\system32\xpssvcs.dll

    2009-03-16 19:46 575,488 -------- c:\windows\system32\xpsshhdr.dll

    2009-03-16 19:46 117,760 -------- c:\windows\system32\prntvpt.dll

    2009-03-16 19:33 267,776 -c------ c:\windows\system32\dllcache\iertutil.dll

    2009-03-16 19:33 52,224 -c------ c:\windows\system32\dllcache\msfeedsbs.dll

    2009-03-16 19:33 13,824 -c------ c:\windows\system32\dllcache\ieudinit.exe

    2009-03-16 19:33 1,024,000 -c------ c:\windows\system32\dllcache\ieframe.dll.mui

    2009-03-16 19:33 459,264 -c------ c:\windows\system32\dllcache\msfeeds.dll

    2009-03-16 19:33 2,455,488 -c------ c:\windows\system32\dllcache\ieapfltr.dat

    2009-03-16 19:33 383,488 -c------ c:\windows\system32\dllcache\ieapfltr.dll

    2009-03-16 19:33 63,488 -c------ c:\windows\system32\dllcache\icardie.dll

    2009-03-16 19:33 6,066,688 -c------ c:\windows\system32\dllcache\ieframe.dll

    2009-03-16 19:17 2,070,272 ac------ c:\windows\system32\dllcache\ntkrnlpa.exe

    2009-03-16 19:17 2,193,408 ac------ c:\windows\system32\dllcache\ntoskrnl.exe

    2009-03-16 19:16 172,032 ac------ c:\windows\system32\dllcache\scrrun.dll

    2009-03-16 19:16 172,032 a------- c:\windows\system32\scrrun.dll

    2009-03-16 18:51 <DIR> --d----- c:\windows\l2schemas

    2009-03-16 18:51 <DIR> --d----- c:\windows\system32\bits

    2009-03-16 18:48 <DIR> --d----- c:\windows\ServicePackFiles

    2009-03-16 18:46 <DIR> --d----- c:\windows\network diagnostic

    2009-03-16 18:31 1,309,184 ac------ c:\windows\system32\dllcache\mtlstrm.sys

    2009-03-16 18:30 104,960 ac------ c:\windows\system32\dllcache\atinrvxx.sys

    2009-03-16 18:14 <DIR> --d----- c:\arquivos de programas\Microsoft IntelliPoint

    2009-03-16 18:12 <DIR> --d----- c:\arquivos de programas\MSXML 6.0

    2009-03-16 18:01 <DIR> --d----- c:\windows\system32\PreInstall

    2009-03-16 17:58 31,768 a------- c:\windows\system32\wucltui.dll.mui

    2009-03-16 17:58 18,968 a------- c:\windows\system32\wuaueng.dll.mui

    2009-03-16 17:58 27,672 a------- c:\windows\system32\wuaucpl.cpl.mui

    2009-03-16 17:58 27,672 a------- c:\windows\system32\wuapi.dll.mui

    2009-03-16 17:58 <DIR> --d----- c:\windows\system32\SoftwareDistribution

    2009-03-16 17:08 32,592 a------- c:\windows\system32\msonpmon.dll

    2009-03-16 17:00 <DIR> --d----- c:\arquivos de programas\Microsoft Visual Studio 8

    2009-03-16 16:32 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Desktopicon

    2009-03-16 15:53 <DIR> --d----- c:\arquivos de programas\Microsoft IntelliPoint 5.2

    2009-03-16 14:52 <DIR> --d----- c:\windows\LastGood(2)

    2009-03-16 12:14 81,408 a------- c:\windows\system32\devcon_x64.exe

    2009-03-16 12:14 55,808 a------- c:\windows\system32\devcon.exe

    2009-03-15 23:20 <DIR> --d----- c:\arquivos de programas\uTorrent

    2009-03-15 23:20 <DIR> --d----- c:\docume~1\hernani\dadosd~1\uTorrent

    2009-03-15 18:11 211 a--sh--- C:\BOOT.BKK

    2009-03-15 15:07 <DIR> --d----- c:\windows\system32\NtmsData

    2009-03-15 15:06 <DIR> --d----- c:\windows\system32\pt-br

    2009-03-15 14:43 <DIR> --d----- c:\windows\$hf_mig$

    2009-03-15 14:32 268 a---h--- C:\sqmdata05.sqm

    2009-03-15 14:32 244 a---h--- C:\sqmnoopt05.sqm

    2009-03-15 14:26 <DIR> --d----- c:\docume~1\hernani\dadosd~1\GlarySoft

    2009-03-15 14:20 268 a---h--- C:\sqmdata04.sqm

    2009-03-15 14:20 244 a---h--- C:\sqmnoopt04.sqm

    2009-03-15 13:53 268 a---h--- C:\sqmdata03.sqm

    2009-03-15 13:53 244 a---h--- C:\sqmnoopt03.sqm

    2009-03-15 13:52 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PC Tools

    2009-03-15 13:49 73,840 a------- c:\windows\system32\drivers\PCTAppEvent.sys

    2009-03-15 13:49 159,600 a------- c:\windows\system32\drivers\pctgntdi.sys

    2009-03-15 13:49 97,408 a------- c:\windows\system32\drivers\pctfw.sys

    2009-03-15 13:49 <DIR> --d----- c:\arquivos de programas\arquivos comuns\PC Tools

    2009-03-15 13:49 95,640 a------- c:\windows\system32\drivers\pctplfw.sys

    2009-03-15 13:42 <DIR> --d----- c:\docume~1\hernani\dadosd~1\SUPERAntiSpyware.com

    2009-03-15 13:42 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\SUPERAntiSpyware.com

    2009-03-15 13:40 <DIR> --d----- c:\docume~1\hernani\dadosd~1\PCToolsFirewallPlus

    2009-03-15 11:05 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PC Drivers HeadQuarters

    2009-03-15 06:57 421,888 a------- c:\windows\system32\ac3filter.acm

    2009-03-15 06:55 69 a------- c:\windows\NeroDigital.ini

    2009-03-14 23:45 <DIR> --d----- c:\arquivos de programas\Windows Media Connect 2

    2009-03-14 23:44 <DIR> --d----- c:\windows\system32\LogFiles

    2009-03-14 23:44 26,488 a------- c:\windows\system32\spupdsvc.exe

    2009-03-14 21:58 421 a------- c:\windows\ODBC.INI

    2009-03-14 21:57 <DIR> --d----- c:\windows\ShellNew

    2009-03-14 21:44 <DIR> --d-hr-- c:\documents and settings\hernani\Dados de aplicativos

    2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Modelos

    2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Configurações locais

    2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Ambiente de rede

    2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Ambiente de impressão

    2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Meus documentos

    2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Menu Iniciar

    2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Favoritos

    2009-03-14 21:44 <DIR> --d----- c:\documents and settings\Hernani

    2009-03-14 21:43 <DIR> --d----- c:\windows\system32\Microsoft

    2009-03-14 21:41 28,288 ac------ c:\windows\system32\dllcache\xjis.nls

    2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winzm.ime

    2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winsp.ime

    2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winpy.ime

    2009-03-14 21:41 79,360 ac------ c:\windows\system32\dllcache\winar30.ime

    2009-03-14 21:41 72,704 ac------ c:\windows\system32\dllcache\wingb.ime

    2009-03-14 21:41 65,536 ac------ c:\windows\system32\dllcache\winime.ime

    2009-03-14 21:41 41,600 ac------ c:\windows\system32\dllcache\weitekp9.dll

    2009-03-14 21:41 31,488 ac------ c:\windows\system32\dllcache\weitekp9.sys

    2009-03-14 21:41 9,216 ac------ c:\windows\system32\dllcache\wamps51.dll

    2009-03-14 21:41 5,632 ac------ c:\windows\system32\dllcache\w3svapi.dll

    2009-03-14 21:39 108,827 ac------ c:\windows\system32\dllcache\hanja.lex

    2009-03-14 21:38 <DIR> --dsh--- c:\documents and settings\all users\DRM

    2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\Serviços on-line

    2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Serviços

    2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\arquivos comuns\MSSoap

    2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\Messenger

    2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\MSN Gaming Zone

    2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\Windows NT

    2009-03-14 18:07 <DIR> --d----- c:\arquivos de programas\arquivos comuns\ODBC

    2009-03-14 18:07 <DIR> --d----- c:\arquivos de programas\arquivos comuns\SpeechEngines

    2009-03-14 18:06 <DIR> --d-h--- c:\documents and settings\all users\Modelos

    2009-03-14 18:06 <DIR> --d--r-- c:\documents and settings\all users\Menu Iniciar

    2009-03-14 18:06 <DIR> --d--r-- c:\documents and settings\all users\Documentos

    2009-03-14 18:06 <DIR> --d----- c:\documents and settings\all users\Favoritos

    2009-03-14 18:04 <DIR> --d-hr-- c:\documents and settings\all users\Dados de aplicativos

    2009-03-14 13:19 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Nero

    2009-03-14 13:19 <DIR> --d----- c:\arquivos de programas\Nero

    2009-03-14 13:19 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Ahead

    2009-03-14 13:07 <DIR> --d----- c:\arquivos de programas\Realtek

    2009-03-14 13:04 <DIR> --d----- c:\arquivos de programas\VIA

    2009-03-14 13:04 <DIR> --d----- c:\arquivos de programas\arquivos comuns\InstallShield

    2009-03-14 12:50 <DIR> --d----- c:\arquivos de programas\MSN Messenger

    ==================== Find3M ====================

    2009-03-26 21:08 33,808 a------- c:\windows\system32\drivers\klbg.sys

    2009-03-23 23:44 471,376 a------- c:\windows\system32\perfh016.dat

    2009-03-23 23:44 80,198 a------- c:\windows\system32\perfc016.dat

    2009-03-21 20:20 107 ---sh--- c:\arquivos de programas\Desktop.ini

    2009-03-17 12:05 348,160 a------- c:\windows\system32\msvcr71.dll

    2009-03-17 12:05 499,712 a------- c:\windows\system32\msvcp71.dll

    2009-03-14 22:14 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat

    2009-03-14 21:36 21,844 a------- c:\windows\system32\emptyregdb.dat

    2009-03-10 22:18 265,096 -------- c:\windows\system32\SETC.tmp

    2009-02-09 15:56 67,584 a------- c:\windows\system32\ff_vfw.dll

    2009-02-09 11:06 1,846,912 a------- c:\windows\system32\win32k.sys

    2009-01-07 15:14 60,273 a------- c:\windows\system32\pthreadGC2.dll

    ============= FINISH: 0:43:02,20 ===============

    GMER 1.0.15.14944 - http://www.gmer.net

    Rootkit scan 2009-03-27 07:32:12

    Windows 5.1.2600 Service Pack 3

    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwAdjustPrivilegesToken [0xAA57C1DA]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwAllocateVirtualMemory [0xA9E73B94]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwAssignProcessToJobObject [0xA9E73586]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwClose [0xAA57C7AE]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwConnectPort [0xA9E735DA]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwCreateFile [0xA9E73640]

    SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateKey [0xF8374506]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwCreateProcess [0xA9E7372E]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwCreateProcessEx [0xA9E737BA]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwCreateSymbolicLinkObject [0xAA57FB7C]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwCreateThread [0xA9E7384A]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwDebugActiveProcess [0xA9E73980]

    SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwDeleteKey [0xF8374CC8]

    SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwDeleteValueKey [0xF8374F88]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwDeviceIoControlFile [0xAA57DEAC]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwDuplicateObject [0xA9E739D4]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwEnumerateKey [0xAA57C0A8]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwEnumerateValueKey [0xAA57C110]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwFsControlFile [0xAA57DD5E]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwLoadDriver [0xA9E73A3A]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwOpenFile [0xAA57D9F8]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwOpenKey [0xA9E73A8C]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwOpenProcess [0xAA57C3B2]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwOpenSection [0xA9E73AE4]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwOpenThread [0xA9E73B3C]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwProtectVirtualMemory [0xA9E73BFA]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueryKey [0xAA57C178]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueryMultipleValueKey [0xAA57BE7C]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueryValueKey [0xAA57BC5A]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueueApcThread [0xAA57F888]

    SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwRenameKey [0xF83753EC]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwReplaceKey [0xAA57B5D2]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwRequestWaitReplyPort [0xAA57EA74]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwRestoreKey [0xAA57B734]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwResumeThread [0xA9E73CB6]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSaveKey [0xAA57B3D0]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwSecureConnectPort [0xA9E73D74]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSetContextThread [0xAA57C6AC]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSetSecurityObject [0xAA57F71A]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSetSystemInformation [0xAA57FBD0]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwSetValueKey [0xA9E73D08]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwSuspendProcess [0xA9E73DDE]

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSuspendThread [0xAA57FDE0]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwSystemDebugControl [0xA9E73E30]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwTerminateProcess [0xA9E73E90]

    SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwWriteVirtualMemory [0xA9E73EF4]

    Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) FsRtlCheckLockForReadAccess

    Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) IoIsOperationSynchronous

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!FsRtlCheckLockForReadAccess 804EAF84 5 Bytes JMP AA593626 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab)

    .text ntkrnlpa.exe!IoIsOperationSynchronous 804EF912 5 Bytes JMP AA5939E0 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab)

    .text ntkrnlpa.exe!ZwCallbackReturn + 2CC8 80504564 6 Bytes [88, 4F, 37, F8, AC, DE]

    .text ntkrnlpa.exe!ZwCallbackReturn + 2D14 805045B0 2 Bytes [5E, DD]

    .text ntkrnlpa.exe!ZwCallbackReturn + 2D94 80504630 2 Bytes [F8, D9]

    .text ntkrnlpa.exe!ZwCallbackReturn + 2EE4 80504780 4 Bytes JMP 83D8AA57

    .text ntkrnlpa.exe!ZwCallbackReturn + 2FB8 80504854 12 Bytes [DE, 3D, E7, A9, E0, FD, 57, ...] {FIDIVR WORD [0xfde0a9e7]; PUSH EDI; STOSB ; XOR [ESI], BH; OUT 0xa9, EAX}

    ? C:\WINDOWS\system32\Drivers\mchInjDrv.sys O sistema não pode encontrar o arquivo especificado. !

    ---- User code sections - GMER 1.0.15 ----

    .text C:\WINDOWS\system32\csrss.exe[772] KERNEL32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 01270001

    .text C:\WINDOWS\system32\winlogon.exe[796] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 015D0001

    .text C:\WINDOWS\system32\services.exe[840] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00FF0001

    .text C:\WINDOWS\system32\lsass.exe[852] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00CF0001

    .text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00E00001

    .text ...

    .text C:\WINDOWS\system32\wscntfy.exe[1388] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

    .text C:\WINDOWS\system32\spoolsv.exe[1416] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00EA0001

    .text C:\Arquivos de programas\LSI SoftModem\agrsmsvc.exe[1460] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00900001

    ? D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[1472] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;

    .text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[1472] USER32.dll!AlignRects + FFFA5598 7E362A78 4 Bytes [70, 11, 41, 6D] {JO 0x13; INC ECX; INSD }

    .text C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe[1504] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 005C0001

    .text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1528] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 01F70001

    .text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe[1560] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00950001

    .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[1576] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00790001

    .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[1576] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

    .text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\PC Tools Firewall Plus\PC Tools Firewall Plus\FWService.exe[1596] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 04820001

    .text C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe[1728] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 010B0001

    .text C:\WINDOWS\System32\alg.exe[2252] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00710001

    .text C:\WINDOWS\System32\alg.exe[2252] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

    .text C:\WINDOWS\Explorer.EXE[2552] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00D90001

    .text C:\WINDOWS\Explorer.EXE[2552] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

    .text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\PC Tools Firewall Plus\PC Tools Firewall Plus\FirewallGUI.exe[2708] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00DE0001

    .text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\PC Tools Firewall Plus\PC Tools Firewall Plus\FirewallGUI.exe[2708] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

    .text C:\WINDOWS\system32\svchost.exe[2888] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00690001

    .text C:\WINDOWS\system32\svchost.exe[2888] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

    ? D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;

    .text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00B40001

    .text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

    .text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] USER32.dll!AlignRects + FFFA5598 7E362A78 4 Bytes [70, 11, 41, 6D] {JO 0x13; INC ECX; INSD }

    .text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] USER32.dll!ChangeDisplaySettingsExA 7E37384E 6 Bytes JMP 5F15001E

    .text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] USER32.dll!SetForegroundWindow 7E3742ED 6 Bytes JMP 5F0E001E

    .text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] USER32.dll!SetWindowsHookExW 7E37820F 6 Bytes JMP 5F0B001E

    .text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] USER32.dll!SetWindowPos 7E3799F3 3 Bytes [FF, 25, 1E]

    .text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] USER32.dll!SetWindowPos + 4 7E3799F7 2 Bytes [12, 5F]

    .text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] USER32.dll!SetWindowsHookExA 7E381211 6 Bytes JMP 5F05001E

    .text D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\KAV2009\avp.exe[2996] USER32.dll!ChangeDisplaySettingsExW 7E3A95BD 6 Bytes JMP 5F18001E

    .text C:\WINDOWS\system32\ctfmon.exe[3036] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00B00001

    .text C:\WINDOWS\system32\ctfmon.exe[3036] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

    .text D:\ARQUIVOS DE PROGRAMAS\Limpadores\Trash it!\Trash it Scheduler.exe[3044] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 00F20001

    .text D:\ARQUIVOS DE PROGRAMAS\Limpadores\Trash it!\Trash it Scheduler.exe[3044] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

    .text D:\DOWNLOADS\gmer\gmer.exe[3316] kernel32.dll!FreeLibrary + 15 7C80AC83 4 Bytes CALL 7170003D

    ---- Kernel IAT/EAT - GMER 1.0.15 ----

    IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] [F7D8C530] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

    IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] [F7D8C530] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Ntfs \Ntfs LF30XP.sys

    Device \FileSystem\Mup \Dfs LF30XP.sys

    Device \FileSystem\InCDfs \InCDFsDisk LF30XP.sys

    AttachedDevice \Driver\Tcpip \Device\Ip pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)

    AttachedDevice \Driver\Tcpip \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

    Device \Driver\AgereSoftModem \Device\AgereModem5 LF30XP.sys

    Device \Driver\Serial \Device\Serial0 LF30XP.sys

    Device \FileSystem\RAW \Device\RawTape LF30XP.sys

    Device \Driver\rdpdr \Device\RdpDrPort LF30XP.sys

    AttachedDevice \Driver\Tcpip \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

    AttachedDevice \Driver\Tcpip \Device\Tcp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)

    Device \Driver\Parport \Device\ParallelPort0 LF30XP.sys

    Device \Driver\ParVdm \Device\ParallelVdm0 LF30XP.sys

    Device \Driver\rdpdr \Device\RdpDr LF30XP.sys

    Device \FileSystem\Rdbss \Device\FsWrap LF30XP.sys

    Device \Driver\Parport \Device\Parallel0 LF30XP.sys

    Device \FileSystem\InCDfs \Device\InCDfsComm LF30XP.sys

    Device \FileSystem\Mup \Device\Mup LF30XP.sys

    AttachedDevice \Driver\Tcpip \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

    AttachedDevice \Driver\Tcpip \Device\Udp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)

    AttachedDevice \Driver\Tcpip \Device\RawIp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)

    AttachedDevice \Driver\Tcpip \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

    Device \FileSystem\RAW \Device\RawDisk LF30XP.sys

    Device \Driver\Ptilink \Device\ParTechInc0 LF30XP.sys

    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver LF30XP.sys

    Device \FileSystem\MRxSmb \Device\LanmanRedirector LF30XP.sys

    Device \FileSystem\Npfs \Device\NamedPipe LF30XP.sys

    Device \FileSystem\Msfs \Device\Mailslot LF30XP.sys

    Device \Driver\AFD \Device\Afd LF30XP.sys

    Device \FileSystem\RAW \Device\RawCdRom LF30XP.sys

    Device \Driver\AgereSoftModem \Device\AGRSM_xface LF30XP.sys

    Device \FileSystem\Mup \Device\WinDfs\Root LF30XP.sys

    Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer LF30XP.sys

    Device \FileSystem\KLIF \FileSystem\Filters\KLIF LF30XP.sys

    Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer LF30XP.sys

    Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer LF30XP.sys

    Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer LF30XP.sys

    Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer LF30XP.sys

    Device \FileSystem\InCDfs \GLOBAL??\BsUDF LF30XP.sys

    Device \FileSystem\Cdfs \Cdfs LF30XP.sys

    ---- Files - GMER 1.0.15 ----

    File D:\DOWNLOADS\Filmes Convertidos\big bubble butt brazilian orgy 7.avi -638082366 bytes

    File D:\DOWNLOADS\BB 0 bytes

    File D:\DOWNLOADS\BB\01.wmv 34124574 bytes

    File D:\DOWNLOADS\BB\02.wmv 38660794 bytes

    File D:\DOWNLOADS\BB\03.wmv 42908968 bytes

    File D:\DOWNLOADS\BB\04.wmv 42300944 bytes

    File D:\DOWNLOADS\BB\05.wmv 51453328 bytes

    File D:\DOWNLOADS\BB\06.wmv 42956974 bytes

    File D:\DOWNLOADS\BB\07.wmv 38412782 bytes

    File D:\DOWNLOADS\BB\08.wmv 41204902 bytes

    File D:\DOWNLOADS\BB\syl_02-joined.wmv 331251644 bytes

    File D:\DOWNLOADS\BB\Thumbs.db 49152 bytes

    ---- EOF - GMER 1.0.15 ----


    Hello

    Your log shows no signs of malware.

    Download ATF-Cleaner.

    • Click ATF-Cleaner.exe.
    • Under "Select Files To Delete", check Select All.
    • Click Empty Selected.
    • In the Done Cleaning window, click OK and then Exit.

    Attention: If you use Firefox:

    • At the top, click Firefox and choose: Select All
    • Then click Empty Selected.

    Attention: If you use Opera:

    • At the top, click Opera and choose: Select All
    • Then click Empty Selected.

    Temporarily disable your antivirus!

    Run an online scan with Eset Online Scanner

    • Note: Only compatible with Internet Explorer
    • Check the box "SIM, aceito as condições de uso"
    • Click the "Iniciar" button
    • Check the box "YES, I accept the Terms of Use".
    • Click the Start button.
    • When prompted, accept the license and install the ActiveX control.
    • Make sure the "Remove found threats" option is unchecked and the "Scan unwanted applications" option is checked.
    • In your next reply, generate and paste a new DDS log and the scan result (C:\Program Files\EsetOnlineScanner\log.txt)

  • Topic author
  • Thank you for the quick replies... Very good!!!!

    The requested logs follow below:

    DDS (Ver_09-03-16.01) - NTFSx86

    Run by Hernani at 11:53:53,50 on s*b 28/03/2009

    Internet Explorer: 7.0.5730.13

    Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.507.197 [GMT -3:00]

    AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)

    FW: Kaspersky Internet Security *disabled*

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch

    svchost.exe

    C:\WINDOWS\System32\svchost.exe -k netsvcs

    C:\WINDOWS\system32\spoolsv.exe

    C:\Arquivos de programas\LSI SoftModem\agrsmsvc.exe

    C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe

    C:\Arquivos de programas\Java\jre6\bin\jqs.exe

    C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe

    C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

    D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\SpyEmergency\Spy Emergency 2008\SpyEmergencySrv.exe

    C:\WINDOWS\system32\wbem\wmiapsrv.exe

    C:\WINDOWS\Explorer.EXE

    svchost.exe

    C:\WINDOWS\system32\ctfmon.exe

    D:\ARQUIVOS DE PROGRAMAS\NetVirtua.exe

    C:\WINDOWS\system32\NOTEPAD.EXE

    C:\WINDOWS\system32\wscntfy.exe

    C:\Arquivos de programas\Internet Explorer\iexplore.exe

    C:\WINDOWS\system32\NOTEPAD.EXE

    C:\WINDOWS\system32\NOTEPAD.EXE

    D:\DOWNLOADS\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com.br/

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelperShim.dll

    BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - d:\arquivos de programas\segurança\kis 8.0.0.506pb\ievkbd.dll

    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\arquiv~1\micros~2\office12\GRA8E1~1.DLL

    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll

    BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll

    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

    uRun: [spyEmergency] "d:\arquivos de programas\segurança\spyemergency\spy emergency 2008\SpyEmergency.exe"

    mRun: [AVP] "d:\arquivos de programas\segurança\kis 8.0.0.506pb\avp.exe"

    mPolicies-system: HideFastUserSwitching = 0 (0x0)

    IE: "Adicionar ao Bloqueador de banner de anúncio" - d:\arquivos de programas\segurança\kis 8.0.0.506pb\ie_banner_deny.htm

    IE: E&xport to Microsoft Excel - c:\arquiv~1\micros~2\office12\EXCEL.EXE/3000

    IE: E&xportar para o Microsoft Excel

    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe

    IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - d:\arquivos de programas\segurança\kis 8.0.0.506pb\SCIEPlgn.dll

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\arquiv~1\micros~2\office12\ONBttnIE.dll

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~2\office12\REFIEBAR.DLL

    DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

    DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab

    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1237237095484

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

    DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\arquiv~1\micros~2\office12\GR99D3~1.DLL

    Notify: igfxcui - igfxdev.dll

    Notify: klogon - c:\windows\system32\klogon.dll

    AppInit_DLLs: d:\arquiv~1\segura~1\kis800~1.506\mzvkbd.dll,d:\arquiv~1\segura~1\kis800~1.506\mzvkbd3.dll,d:\arquiv~1\segura~1\kis800~1.506\adialhk.dll,d:\arquiv~1\segura~1\kis800~1.506\kloehk.dll

    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\arquiv~1\micros~2\office12\GRA8E1~1.DLL

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\hernani\dadosd~1\mozilla\firefox\profiles\twmmii6j.default\

    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/ig?hl=pt-BR&source=iglk

    FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nppl3260.dll

    FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nprjplug.dll

    FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nprpjplug.dll

    ---- FIREFOX POLICIES ----

    d:\arquivos de programas\firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

    ============= SERVICES / DRIVERS ===============

    R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-7-21 121872]

    R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 33808]

    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-3-16 28544]

    R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2009-3-27 226832]

    R1 SpyEmrg;Spy Emergency Driver;c:\windows\system32\drivers\spyemrg.sys [2009-3-27 12344]

    R2 AVP;Kaspersky Internet Security;d:\arquivos de programas\segurança\kis 8.0.0.506pb\avp.exe [2008-11-11 206088]

    R2 LF30FS;LF30FS;d:\arquivos de programas\segurança\lockfolder\LF30XP.sys [2004-11-19 101488]

    R2 SpyEmrgSrv;Spy Emergency Engine Service;d:\arquivos de programas\segurança\spyemergency\spy emergency 2008\SpyEmergencySrv.exe [2009-3-27 694840]

    R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]

    R3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver;c:\windows\system32\drivers\spyemrg_guard.sys [2009-3-27 14392]

    R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-3-14 222976]

    S3 pctplsg;pctplsg; [x]

    S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2008-12-10 7808]

    S3 TfNetMon;TfNetMon; [x]

    S4 a2free;a-squared Free Service;d:\arquivos de programas\segurança\a-squared free\a2service.exe [2009-3-7 425080]

    =============== Created Last 30 ================

    2009-03-28 11:09 <DIR> --d----- c:\arquivos de programas\EsetOnlineScanner

    2009-03-28 09:49 218 a------- c:\windows\sremcon_winlogon.dat

    2009-03-28 09:49 181 a------- c:\windows\sremcon_startup.dat

    2009-03-27 22:12 3,840 a------- c:\windows\sremcon_drivers.dat

    2009-03-27 22:09 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Se Analyzer Tool SA

    2009-03-27 21:59 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Spy Emergency

    2009-03-27 21:59 23,096 a------- c:\windows\system32\sremcon.exe

    2009-03-27 21:59 14,392 a------- c:\windows\system32\drivers\spyemrg_guard.sys

    2009-03-27 21:59 12,344 a------- c:\windows\system32\drivers\spyemrg.sys

    2009-03-27 21:59 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\NETGATE

    2009-03-27 21:21 101,287 a------- c:\windows\system32\drivers\klin.dat

    2009-03-27 21:21 89,601 a------- c:\windows\system32\drivers\klick.dat

    2009-03-27 21:20 1,964,064 a--sh--- c:\windows\system32\drivers\fidbox.dat

    2009-03-27 21:20 311,328 a--sh--- c:\windows\system32\drivers\fidbox2.dat

    2009-03-27 21:20 17,472 a--sh--- c:\windows\system32\drivers\fidbox.idx

    2009-03-27 21:20 3,192 a--sh--- c:\windows\system32\drivers\fidbox2.idx

    2009-03-27 21:20 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Kaspersky Lab

    2009-03-27 18:48 691,712 a------- c:\windows\is-CP01N.exe

    2009-03-27 18:48 11,868 a------- c:\windows\is-CP01N.msg

    2009-03-27 18:48 267 a------- c:\windows\is-CP01N.lst

    2009-03-27 17:50 <DIR> --d----- c:\windows\PIF

    2009-03-27 16:14 268 a------- c:\windows\is-UL41U.lst

    2009-03-27 16:14 691,712 a------- c:\windows\is-UL41U.exe

    2009-03-27 16:14 11,868 a------- c:\windows\is-UL41U.msg

    2009-03-26 22:14 691,712 a------- c:\windows\is-HUAAE.exe

    2009-03-26 22:14 11,868 a------- c:\windows\is-HUAAE.msg

    2009-03-26 22:14 268 a------- c:\windows\is-HUAAE.lst

    2009-03-26 22:13 <DIR> --d----- c:\docume~1\hernani\dadosd~1\PC Tools

    2009-03-26 21:26 189,102 a------- C:\1current.trs

    2009-03-26 21:22 24,364,032 a------- C:\current.trs

    2009-03-26 20:22 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Kaspersky Lab Setup Files

    2009-03-26 18:32 <DIR> --d----- c:\windows\LastGood.Tmp

    2009-03-25 16:45 5,632 ac------ c:\windows\system32\dllcache\kbdheb.dll

    2009-03-25 16:41 18,688 ac------ c:\windows\system32\dllcache\irsir.sys

    2009-03-25 16:40 28,672 ac------ c:\windows\system32\dllcache\irmon.dll

    2009-03-25 16:25 10,129,408 ac------ c:\windows\system32\dllcache\hwxkor.dll

    2009-03-25 16:19 10,096,640 ac------ c:\windows\system32\dllcache\hwxcht.dll

    2009-03-25 16:12 1,733,120 ac------ c:\windows\system32\dllcache\g400d.dll

    2009-03-25 16:08 283,904 ac------ c:\windows\system32\dllcache\emu10k1m.sys

    2009-03-25 13:22 116,224 ac------ c:\windows\system32\dllcache\xrxwiadr.dll

    2009-03-25 13:22 23,040 ac------ c:\windows\system32\dllcache\xrxwbtmp.dll

    2009-03-25 13:22 18,944 ac------ c:\windows\system32\dllcache\xrxscnui.dll

    2009-03-25 13:22 27,648 ac------ c:\windows\system32\dllcache\xrxftplt.exe

    2009-03-25 13:22 4,608 ac------ c:\windows\system32\dllcache\xrxflnch.exe

    2009-03-25 13:22 99,865 ac------ c:\windows\system32\dllcache\xlog.exe

    2009-03-25 13:22 16,970 ac------ c:\windows\system32\dllcache\xem336n5.sys

    2009-03-25 13:22 19,455 ac------ c:\windows\system32\dllcache\wvchntxx.sys

    2009-03-25 13:22 19,200 ac------ c:\windows\system32\dllcache\wstcodec.sys

    2009-03-25 13:22 12,063 ac------ c:\windows\system32\dllcache\wsiintxx.sys

    2009-03-25 13:22 8,192 ac------ c:\windows\system32\dllcache\wshirda.dll

    2009-03-25 13:20 26,112 ac------ c:\windows\system32\dllcache\usbser.sys

    2009-03-25 13:19 17,024 ac------ c:\windows\system32\dllcache\stcusb.sys

    2009-03-25 13:18 161,632 ac------ c:\windows\system32\dllcache\sgsmusb.sys

    2009-03-25 13:17 49,024 ac------ c:\windows\system32\dllcache\ql1280.sys

    2009-03-25 13:16 86,016 ac------ c:\windows\system32\dllcache\pctspk.exe

    2009-03-25 13:15 5,504 ac------ c:\windows\system32\dllcache\mstee.sys

    2009-03-25 13:15 49,024 ac------ c:\windows\system32\dllcache\mstape.sys

    2009-03-25 13:15 12,416 ac------ c:\windows\system32\dllcache\msriffwv.sys

    2009-03-25 13:15 2,944 ac------ c:\windows\system32\dllcache\msmpu401.sys

    2009-03-25 13:15 22,016 ac------ c:\windows\system32\dllcache\msircomm.sys

    2009-03-25 13:14 35,200 ac------ c:\windows\system32\dllcache\msgame.sys

    2009-03-25 13:14 6,016 ac------ c:\windows\system32\dllcache\msfsio.sys

    2009-03-25 13:14 56,832 ac------ c:\windows\system32\dllcache\msdvbnp.ax

    2009-03-25 13:14 51,200 ac------ c:\windows\system32\dllcache\msdv.sys

    2009-03-25 13:14 17,280 ac------ c:\windows\system32\dllcache\mraid35x.sys

    2009-03-25 13:14 15,232 ac------ c:\windows\system32\dllcache\mpe.sys

    2009-03-25 13:14 12,288 ac------ c:\windows\system32\dllcache\mouhid.sys

    2009-03-25 13:14 16,128 ac------ c:\windows\system32\dllcache\modemcsa.sys

    2009-03-25 13:12 7,040 ac------ c:\windows\system32\dllcache\ltotape.sys

    2009-03-25 13:11 6,144 ac------ c:\windows\system32\dllcache\kbd106.dll

    2009-03-25 13:10 372,824 ac------ c:\windows\system32\dllcache\iconf32.dll

    2009-03-25 13:09 907,904 ac------ c:\windows\system32\dllcache\hcf_msft.sys

    2009-03-25 13:08 347,966 ac------ c:\windows\system32\dllcache\es56tpi.sys

    2009-03-25 13:07 29,696 ac------ c:\windows\system32\dllcache\dm9pci5.sys

    2009-03-25 13:06 28,672 ac------ c:\windows\system32\dllcache\cyycoins.dll

    2009-03-25 13:05 13,952 ac------ c:\windows\system32\dllcache\cmbatt.sys

    2009-03-25 13:04 14,080 ac------ c:\windows\system32\dllcache\bulltlp3.sys

    2009-03-25 13:03 96,128 ac------ c:\windows\system32\dllcache\ati.dll

    2009-03-25 13:02 66,048 ac------ c:\windows\system32\dllcache\s3legacy.dll

    2009-03-25 11:31 8 a------- c:\windows\scanreg.ini

    2009-03-25 11:04 <DIR> --d----- c:\windows\MindSoft Utilities 2009 for Windows XP

    2009-03-24 11:02 <DIR> --d----- c:\arquivos de programas\arquivos comuns\SWF Studio

    2009-03-24 11:02 <DIR> --d----- c:\docume~1\hernani\dadosd~1\KeePass

    2009-03-24 11:01 <DIR> --d-h--- C:\89a93d7abf118d1e5a5d

    2009-03-24 11:01 <DIR> --d-h--- C:\4fce31b89cfde0a00e4386baa9baec6d

    2009-03-24 11:01 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\IconTweaker

    2009-03-23 21:31 147,456 a------- c:\windows\system32\igfxCoIn_v5009.dll

    2009-03-23 21:16 53,248 a------- c:\windows\system32\CSVer.dll

    2009-03-23 17:36 262,144 a------- c:\windows\system32\FLUSH3

    2009-03-23 17:36 262,144 a------- c:\windows\system32\FLUSH2

    2009-03-23 17:36 262,144 a------- c:\windows\system32\FLUSH1

    2009-03-22 23:53 <DIR> --d----- c:\documents and settings\hernani\Contacts

    2009-03-22 18:30 720,896 a------- c:\windows\iun6002.exe

    2009-03-22 16:11 <DIR> --d----- c:\windows\pss

    2009-03-22 00:36 <DIR> --d----- c:\windows\system32\GroupPolicy

    2009-03-22 00:25 39 a------- C:\ntosboot.bat

    2009-03-21 13:58 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Everstrike Software

    2009-03-21 10:52 37,376 a------- c:\windows\system32\VbVfw.dll

    2009-03-21 10:40 721,168 a------- c:\windows\system32\VB40032.DLL

    2009-03-21 10:40 60,416 a------- c:\windows\ST4UNST.EXE

    2009-03-20 22:54 <DIR> --d----- c:\arquivos de programas\ASUS

    2009-03-20 22:53 <DIR> --d----- c:\windows\AsDmiHtm

    2009-03-19 19:09 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Malwarebytes

    2009-03-19 19:08 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Malwarebytes

    2009-03-19 13:22 26,368 ac------ c:\windows\system32\dllcache\usbstor.sys

    2009-03-19 13:18 18,704 a----r-- c:\windows\system32\drivers\se59nd5.sys

    2009-03-19 13:18 4,128 a----r-- c:\windows\system32\drivers\se59cr.sys

    2009-03-19 13:18 90,800 a----r-- c:\windows\system32\drivers\se59unic.sys

    2009-03-19 13:18 88,624 a----r-- c:\windows\system32\drivers\se59mgmt.sys

    2009-03-19 13:18 86,432 a----r-- c:\windows\system32\drivers\se59obex.sys

    2009-03-19 13:18 97,088 a----r-- c:\windows\system32\drivers\se59mdm.sys

    2009-03-19 13:18 9,360 a----r-- c:\windows\system32\drivers\se59mdfl.sys

    2009-03-19 13:18 6,240 a----r-- c:\windows\system32\drivers\se59cmnt.sys

    2009-03-19 13:18 6,240 a----r-- c:\windows\system32\drivers\se59cm.sys

    2009-03-19 13:18 61,536 a----r-- c:\windows\system32\drivers\se59bus.sys

    2009-03-19 13:18 5,872 a----r-- c:\windows\system32\drivers\se59whnt.sys

    2009-03-19 13:18 5,872 a----r-- c:\windows\system32\drivers\se59wh.sys

    2009-03-19 12:55 54,156 a---h--- c:\windows\QTFont.qfn

    2009-03-19 12:55 1,409 a------- c:\windows\QTFont.for

    2009-03-19 11:13 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Teleca

    2009-03-19 11:12 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Sony Ericsson

    2009-03-19 11:07 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Sony Ericsson

    2009-03-19 11:06 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Sony Ericsson Shared

    2009-03-19 11:06 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Teleca Shared

    2009-03-19 11:06 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Teleca

    2009-03-19 11:06 <DIR> --d----- c:\windows\Downloaded Installations

    2009-03-18 09:13 <DIR> --d----- c:\docume~1\hernani\dadosd~1\IObit

    2009-03-17 12:45 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\vsosdk

    2009-03-17 12:05 <DIR> --d----- c:\arquivos de programas\arquivos comuns\xing shared

    2009-03-17 12:05 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Real

    2009-03-17 10:51 87,608 a------- c:\docume~1\hernani\dadosd~1\inst.exe

    2009-03-17 10:51 47,360 a------- c:\windows\system32\drivers\pcouffin.sys

    2009-03-17 10:51 47,360 a------- c:\docume~1\hernani\dadosd~1\pcouffin.sys

    2009-03-17 10:51 217,127 a------- c:\windows\system32\drv43260.dll

    2009-03-17 10:51 208,935 a------- c:\windows\system32\drv33260.dll

    2009-03-17 10:51 102,439 a------- c:\windows\system32\sipr3260.dll

    2009-03-17 10:51 626,688 a------- c:\windows\system32\vp7vfw.dll

    2009-03-17 10:51 176,165 a------- c:\windows\system32\drv23260.dll

    2009-03-17 10:51 65,602 a------- c:\windows\system32\cook3260.dll

    2009-03-17 10:51 1,184,984 a------- c:\windows\system32\wvc1dmod.dll

    2009-03-17 10:51 <DIR> --d----- c:\arquivos de programas\VSO

    2009-03-16 23:25 410,984 a------- c:\windows\system32\deploytk.dll

    2009-03-16 23:25 73,728 a------- c:\windows\system32\javacpl.cpl

    2009-03-16 22:16 28,544 a------- c:\windows\system32\drivers\pavboot.sys

    2009-03-16 22:15 <DIR> --d----- c:\arquivos de programas\Panda Security

    2009-03-16 21:26 1,089,883 -c------ c:\windows\system32\dllcache\ntprint.cat

    2009-03-16 20:34 1,493,528 a------- c:\windows\system32\D3DCompiler_39.dll

    2009-03-16 20:34 467,984 a------- c:\windows\system32\d3dx10_39.dll

    2009-03-16 20:33 3,851,784 a------- c:\windows\system32\D3DX9_39.dll

    2009-03-16 20:33 2,414,360 a------- c:\windows\system32\d3dx9_31.dll

    2009-03-16 20:33 <DIR> --d----- c:\windows\Logs

    2009-03-16 20:33 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PassMark

    2009-03-16 20:05 <DIR> --d----- c:\arquivos de programas\LSI SoftModem

    2009-03-16 19:55 14,048 -------- c:\windows\system32\spmsg2.dll

    2009-03-16 19:47 <DIR> --d----- c:\windows\system32\XPSViewer

    2009-03-16 19:46 1,676,288 -c------ c:\windows\system32\dllcache\xpssvcs.dll

    2009-03-16 19:46 597,504 -c------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe

    2009-03-16 19:46 575,488 -c------ c:\windows\system32\dllcache\xpsshhdr.dll

    2009-03-16 19:46 89,088 -c------ c:\windows\system32\dllcache\filterpipelineprintproc.dll

    2009-03-16 19:46 1,676,288 -------- c:\windows\system32\xpssvcs.dll

    2009-03-16 19:46 575,488 -------- c:\windows\system32\xpsshhdr.dll

    2009-03-16 19:46 117,760 -------- c:\windows\system32\prntvpt.dll

    2009-03-16 19:33 267,776 -c------ c:\windows\system32\dllcache\iertutil.dll

    2009-03-16 19:33 52,224 -c------ c:\windows\system32\dllcache\msfeedsbs.dll

    2009-03-16 19:33 13,824 -c------ c:\windows\system32\dllcache\ieudinit.exe

    2009-03-16 19:33 1,024,000 -c------ c:\windows\system32\dllcache\ieframe.dll.mui

    2009-03-16 19:33 459,264 -c------ c:\windows\system32\dllcache\msfeeds.dll

    2009-03-16 19:33 2,455,488 -c------ c:\windows\system32\dllcache\ieapfltr.dat

    2009-03-16 19:33 383,488 -c------ c:\windows\system32\dllcache\ieapfltr.dll

    2009-03-16 19:33 63,488 -c------ c:\windows\system32\dllcache\icardie.dll

    2009-03-16 19:33 6,066,688 -c------ c:\windows\system32\dllcache\ieframe.dll

    2009-03-16 19:17 2,070,272 ac------ c:\windows\system32\dllcache\ntkrnlpa.exe

    2009-03-16 19:17 2,193,408 ac------ c:\windows\system32\dllcache\ntoskrnl.exe

    2009-03-16 19:16 172,032 ac------ c:\windows\system32\dllcache\scrrun.dll

    2009-03-16 19:16 172,032 a------- c:\windows\system32\scrrun.dll

    2009-03-16 18:51 <DIR> --d----- c:\windows\l2schemas

    2009-03-16 18:51 <DIR> --d----- c:\windows\system32\bits

    2009-03-16 18:48 <DIR> --d----- c:\windows\ServicePackFiles

    2009-03-16 18:46 <DIR> --d----- c:\windows\network diagnostic

    2009-03-16 18:31 1,309,184 ac------ c:\windows\system32\dllcache\mtlstrm.sys

    2009-03-16 18:30 104,960 ac------ c:\windows\system32\dllcache\atinrvxx.sys

    2009-03-16 18:14 <DIR> --d----- c:\arquivos de programas\Microsoft IntelliPoint

    2009-03-16 18:12 <DIR> --d----- c:\arquivos de programas\MSXML 6.0

    2009-03-16 18:01 <DIR> --d----- c:\windows\system32\PreInstall

    2009-03-16 17:58 31,768 a------- c:\windows\system32\wucltui.dll.mui

    2009-03-16 17:58 18,968 a------- c:\windows\system32\wuaueng.dll.mui

    2009-03-16 17:58 27,672 a------- c:\windows\system32\wuaucpl.cpl.mui

    2009-03-16 17:58 27,672 a------- c:\windows\system32\wuapi.dll.mui

    2009-03-16 17:58 <DIR> --d----- c:\windows\system32\SoftwareDistribution

    2009-03-16 17:08 32,592 a------- c:\windows\system32\msonpmon.dll

    2009-03-16 17:00 <DIR> --d----- c:\arquivos de programas\Microsoft Visual Studio 8

    2009-03-16 16:32 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Desktopicon

    2009-03-16 15:53 <DIR> --d----- c:\arquivos de programas\Microsoft IntelliPoint 5.2

    2009-03-16 14:52 <DIR> --d----- c:\windows\LastGood(2)

    2009-03-16 12:14 81,408 a------- c:\windows\system32\devcon_x64.exe

    2009-03-16 12:14 55,808 a------- c:\windows\system32\devcon.exe

    2009-03-15 23:20 <DIR> --d----- c:\arquivos de programas\uTorrent

    2009-03-15 23:20 <DIR> --d----- c:\docume~1\hernani\dadosd~1\uTorrent

    2009-03-15 18:11 211 a--sh--- C:\BOOT.BKK

    2009-03-15 15:07 <DIR> --d----- c:\windows\system32\NtmsData

    2009-03-15 15:06 <DIR> --d----- c:\windows\system32\pt-br

    2009-03-15 14:43 <DIR> --d----- c:\windows\$hf_mig$

    2009-03-15 14:32 268 a---h--- C:\sqmdata05.sqm

    2009-03-15 14:32 244 a---h--- C:\sqmnoopt05.sqm

    2009-03-15 14:26 <DIR> --d----- c:\docume~1\hernani\dadosd~1\GlarySoft

    2009-03-15 14:20 268 a---h--- C:\sqmdata04.sqm

    2009-03-15 14:20 244 a---h--- C:\sqmnoopt04.sqm

    2009-03-15 13:53 268 a---h--- C:\sqmdata03.sqm

    2009-03-15 13:53 244 a---h--- C:\sqmnoopt03.sqm

    2009-03-15 13:52 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PC Tools

    2009-03-15 13:49 <DIR> --d----- c:\arquivos de programas\arquivos comuns\PC Tools

    2009-03-15 13:42 <DIR> --d----- c:\docume~1\hernani\dadosd~1\SUPERAntiSpyware.com

    2009-03-15 13:42 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\SUPERAntiSpyware.com

    2009-03-15 13:40 <DIR> --d----- c:\docume~1\hernani\dadosd~1\PCToolsFirewallPlus

    2009-03-15 11:05 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PC Drivers HeadQuarters

    2009-03-15 06:57 421,888 a------- c:\windows\system32\ac3filter.acm

    2009-03-15 06:55 69 a------- c:\windows\NeroDigital.ini

    2009-03-14 23:45 <DIR> --d----- c:\arquivos de programas\Windows Media Connect 2

    2009-03-14 23:44 <DIR> --d----- c:\windows\system32\LogFiles

    2009-03-14 23:44 26,488 a------- c:\windows\system32\spupdsvc.exe

    2009-03-14 21:58 421 a------- c:\windows\ODBC.INI

    2009-03-14 21:57 <DIR> --d----- c:\windows\ShellNew

    2009-03-14 21:44 <DIR> --d-hr-- c:\documents and settings\hernani\Dados de aplicativos

    2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Modelos

    2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Configurações locais

    2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Ambiente de rede

    2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Ambiente de impressão

    2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Meus documentos

    2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Menu Iniciar

    2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Favoritos

    2009-03-14 21:44 <DIR> --d----- c:\documents and settings\Hernani

    2009-03-14 21:43 <DIR> --d----- c:\windows\system32\Microsoft

    2009-03-14 21:41 28,288 ac------ c:\windows\system32\dllcache\xjis.nls

    2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winzm.ime

    2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winsp.ime

    2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winpy.ime

    2009-03-14 21:41 79,360 ac------ c:\windows\system32\dllcache\winar30.ime

    2009-03-14 21:41 72,704 ac------ c:\windows\system32\dllcache\wingb.ime

    2009-03-14 21:41 65,536 ac------ c:\windows\system32\dllcache\winime.ime

    2009-03-14 21:41 41,600 ac------ c:\windows\system32\dllcache\weitekp9.dll

    2009-03-14 21:41 31,488 ac------ c:\windows\system32\dllcache\weitekp9.sys

    2009-03-14 21:41 9,216 ac------ c:\windows\system32\dllcache\wamps51.dll

    2009-03-14 21:41 5,632 ac------ c:\windows\system32\dllcache\w3svapi.dll

    2009-03-14 21:39 108,827 ac------ c:\windows\system32\dllcache\hanja.lex

    2009-03-14 21:38 <DIR> --dsh--- c:\documents and settings\all users\DRM

    2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\Serviços on-line

    2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Serviços

    2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\arquivos comuns\MSSoap

    2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\Messenger

    2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\MSN Gaming Zone

    2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\Windows NT

    2009-03-14 18:07 <DIR> --d----- c:\arquivos de programas\arquivos comuns\ODBC

    2009-03-14 18:07 <DIR> --d----- c:\arquivos de programas\arquivos comuns\SpeechEngines

    2009-03-14 18:06 <DIR> --d-h--- c:\documents and settings\all users\Modelos

    2009-03-14 18:06 <DIR> --d--r-- c:\documents and settings\all users\Menu Iniciar

    2009-03-14 18:06 <DIR> --d--r-- c:\documents and settings\all users\Documentos

    2009-03-14 18:06 <DIR> --d----- c:\documents and settings\all users\Favoritos

    2009-03-14 18:04 <DIR> --d-hr-- c:\documents and settings\all users\Dados de aplicativos

    2009-03-14 13:19 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Nero

    2009-03-14 13:19 <DIR> --d----- c:\arquivos de programas\Nero

    2009-03-14 13:19 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Ahead

    2009-03-14 13:07 <DIR> --d----- c:\arquivos de programas\Realtek

    2009-03-14 13:04 <DIR> --d----- c:\arquivos de programas\VIA

    2009-03-14 13:04 <DIR> --d----- c:\arquivos de programas\arquivos comuns\InstallShield

    2009-03-14 12:50 <DIR> --d----- c:\arquivos de programas\MSN Messenger

    ==================== Find3M ====================

    2009-03-27 21:34 33,808 a------- c:\windows\system32\drivers\klbg.sys

    2009-03-23 23:44 471,376 a------- c:\windows\system32\perfh016.dat

    2009-03-23 23:44 80,198 a------- c:\windows\system32\perfc016.dat

    2009-03-21 20:20 107 ---sh--- c:\arquivos de programas\Desktop.ini

    2009-03-17 12:05 348,160 a------- c:\windows\system32\msvcr71.dll

    2009-03-17 12:05 499,712 a------- c:\windows\system32\msvcp71.dll

    2009-03-14 22:14 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat

    2009-03-14 21:36 21,844 a------- c:\windows\system32\emptyregdb.dat

    2009-02-09 15:56 67,584 a------- c:\windows\system32\ff_vfw.dll

    2009-02-09 11:06 1,846,912 a------- c:\windows\system32\win32k.sys

    2009-01-07 15:14 60,273 a------- c:\windows\system32\pthreadGC2.dll

    ============= FINISH: 11:54:43,68 ===============

    DDS (Ver_09-03-16.01) - NTFSx86

    Run by Hernani at 11:53:53,50 on s*b 28/03/2009

    Internet Explorer: 7.0.5730.13

    Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.507.197 [GMT -3:00]

    AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)

    FW: Kaspersky Internet Security *disabled*

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch

    svchost.exe

    C:\WINDOWS\System32\svchost.exe -k netsvcs

    C:\WINDOWS\system32\spoolsv.exe

    C:\Arquivos de programas\LSI SoftModem\agrsmsvc.exe

    C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe

    C:\Arquivos de programas\Java\jre6\bin\jqs.exe

    C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe

    C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

    D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\SpyEmergency\Spy Emergency 2008\SpyEmergencySrv.exe

    C:\WINDOWS\system32\wbem\wmiapsrv.exe

    C:\WINDOWS\Explorer.EXE

    svchost.exe

    C:\WINDOWS\system32\ctfmon.exe

    D:\ARQUIVOS DE PROGRAMAS\NetVirtua.exe

    C:\WINDOWS\system32\NOTEPAD.EXE

    C:\WINDOWS\system32\wscntfy.exe

    C:\Arquivos de programas\Internet Explorer\iexplore.exe

    C:\WINDOWS\system32\NOTEPAD.EXE

    C:\WINDOWS\system32\NOTEPAD.EXE

    D:\DOWNLOADS\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com.br/

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelperShim.dll

    BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - d:\arquivos de programas\segurança\kis 8.0.0.506pb\ievkbd.dll

    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\arquiv~1\micros~2\office12\GRA8E1~1.DLL

    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll

    BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll

    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

    uRun: [spyEmergency] "d:\arquivos de programas\segurança\spyemergency\spy emergency 2008\SpyEmergency.exe"

    mRun: [AVP] "d:\arquivos de programas\segurança\kis 8.0.0.506pb\avp.exe"

    mPolicies-system: HideFastUserSwitching = 0 (0x0)

    IE: "Adicionar ao Bloqueador de banner de anúncio" - d:\arquivos de programas\segurança\kis 8.0.0.506pb\ie_banner_deny.htm

    IE: E&xport to Microsoft Excel - c:\arquiv~1\micros~2\office12\EXCEL.EXE/3000

    IE: E&xportar para o Microsoft Excel

    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe

    IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - d:\arquivos de programas\segurança\kis 8.0.0.506pb\SCIEPlgn.dll

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\arquiv~1\micros~2\office12\ONBttnIE.dll

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~2\office12\REFIEBAR.DLL

    DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

    DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab

    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1237237095484

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

    DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\arquiv~1\micros~2\office12\GR99D3~1.DLL

    Notify: igfxcui - igfxdev.dll

    Notify: klogon - c:\windows\system32\klogon.dll

    AppInit_DLLs: d:\arquiv~1\segura~1\kis800~1.506\mzvkbd.dll,d:\arquiv~1\segura~1\kis800~1.506\mzvkbd3.dll,d:\arquiv~1\segura~1\kis800~1.506\adialhk.dll,d:\arquiv~1\segura~1\kis800~1.506\kloehk.dll

    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\arquiv~1\micros~2\office12\GRA8E1~1.DLL

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\hernani\dadosd~1\mozilla\firefox\profiles\twmmii6j.default\

    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/ig?hl=pt-BR&source=iglk

    FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nppl3260.dll

    FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nprjplug.dll

    FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nprpjplug.dll

    ---- FIREFOX POLICIES ----

    d:\arquivos de programas\firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

    ============= SERVICES / DRIVERS ===============

    R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-7-21 121872]

    R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 33808]

    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-3-16 28544]

    R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2009-3-27 226832]

    R1 SpyEmrg;Spy Emergency Driver;c:\windows\system32\drivers\spyemrg.sys [2009-3-27 12344]

    R2 AVP;Kaspersky Internet Security;d:\arquivos de programas\segurança\kis 8.0.0.506pb\avp.exe [2008-11-11 206088]

    R2 LF30FS;LF30FS;d:\arquivos de programas\segurança\lockfolder\LF30XP.sys [2004-11-19 101488]

    R2 SpyEmrgSrv;Spy Emergency Engine Service;d:\arquivos de programas\segurança\spyemergency\spy emergency 2008\SpyEmergencySrv.exe [2009-3-27 694840]

    R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]

    R3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver;c:\windows\system32\drivers\spyemrg_guard.sys [2009-3-27 14392]

    R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-3-14 222976]

    S3 pctplsg;pctplsg; [x]

    S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2008-12-10 7808]

    S3 TfNetMon;TfNetMon; [x]

    S4 a2free;a-squared Free Service;d:\arquivos de programas\segurança\a-squared free\a2service.exe [2009-3-7 425080]

    =============== Created Last 30 ================

    2009-03-28 11:09 <DIR> --d----- c:\arquivos de programas\EsetOnlineScanner

    2009-03-28 09:49 218 a------- c:\windows\sremcon_winlogon.dat

    2009-03-28 09:49 181 a------- c:\windows\sremcon_startup.dat

    2009-03-27 22:12 3,840 a------- c:\windows\sremcon_drivers.dat

    2009-03-27 22:09 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Se Analyzer Tool SA

    2009-03-27 21:59 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Spy Emergency

    2009-03-27 21:59 23,096 a------- c:\windows\system32\sremcon.exe

    2009-03-27 21:59 14,392 a------- c:\windows\system32\drivers\spyemrg_guard.sys

    2009-03-27 21:59 12,344 a------- c:\windows\system32\drivers\spyemrg.sys

    2009-03-27 21:59 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\NETGATE

    2009-03-27 21:21 101,287 a------- c:\windows\system32\drivers\klin.dat

    2009-03-27 21:21 89,601 a------- c:\windows\system32\drivers\klick.dat

    2009-03-27 21:20 1,964,064 a--sh--- c:\windows\system32\drivers\fidbox.dat

    2009-03-27 21:20 311,328 a--sh--- c:\windows\system32\drivers\fidbox2.dat

    2009-03-27 21:20 17,472 a--sh--- c:\windows\system32\drivers\fidbox.idx

    2009-03-27 21:20 3,192 a--sh--- c:\windows\system32\drivers\fidbox2.idx

    2009-03-27 21:20 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Kaspersky Lab

    2009-03-27 18:48 691,712 a------- c:\windows\is-CP01N.exe

    2009-03-27 18:48 11,868 a------- c:\windows\is-CP01N.msg

    2009-03-27 18:48 267 a------- c:\windows\is-CP01N.lst

    2009-03-27 17:50 <DIR> --d----- c:\windows\PIF

    2009-03-27 16:14 268 a------- c:\windows\is-UL41U.lst

    2009-03-27 16:14 691,712 a------- c:\windows\is-UL41U.exe

    2009-03-27 16:14 11,868 a------- c:\windows\is-UL41U.msg

    2009-03-26 22:14 691,712 a------- c:\windows\is-HUAAE.exe

    2009-03-26 22:14 11,868 a------- c:\windows\is-HUAAE.msg

    2009-03-26 22:14 268 a------- c:\windows\is-HUAAE.lst

    2009-03-26 22:13 <DIR> --d----- c:\docume~1\hernani\dadosd~1\PC Tools

    2009-03-26 21:26 189,102 a------- C:\1current.trs

    2009-03-26 21:22 24,364,032 a------- C:\current.trs

    2009-03-26 20:22 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Kaspersky Lab Setup Files

    2009-03-26 18:32 <DIR> --d----- c:\windows\LastGood.Tmp

    2009-03-25 16:45 5,632 ac------ c:\windows\system32\dllcache\kbdheb.dll

    2009-03-25 16:41 18,688 ac------ c:\windows\system32\dllcache\irsir.sys

    2009-03-25 16:40 28,672 ac------ c:\windows\system32\dllcache\irmon.dll

    2009-03-25 16:25 10,129,408 ac------ c:\windows\system32\dllcache\hwxkor.dll

    2009-03-25 16:19 10,096,640 ac------ c:\windows\system32\dllcache\hwxcht.dll

    2009-03-25 16:12 1,733,120 ac------ c:\windows\system32\dllcache\g400d.dll

    2009-03-25 16:08 283,904 ac------ c:\windows\system32\dllcache\emu10k1m.sys

    2009-03-25 13:22 116,224 ac------ c:\windows\system32\dllcache\xrxwiadr.dll

    2009-03-25 13:22 23,040 ac------ c:\windows\system32\dllcache\xrxwbtmp.dll

    2009-03-25 13:22 18,944 ac------ c:\windows\system32\dllcache\xrxscnui.dll

    2009-03-25 13:22 27,648 ac------ c:\windows\system32\dllcache\xrxftplt.exe

    2009-03-25 13:22 4,608 ac------ c:\windows\system32\dllcache\xrxflnch.exe

    2009-03-25 13:22 99,865 ac------ c:\windows\system32\dllcache\xlog.exe

    2009-03-25 13:22 16,970 ac------ c:\windows\system32\dllcache\xem336n5.sys

    2009-03-25 13:22 19,455 ac------ c:\windows\system32\dllcache\wvchntxx.sys

    2009-03-25 13:22 19,200 ac------ c:\windows\system32\dllcache\wstcodec.sys

    2009-03-25 13:22 12,063 ac------ c:\windows\system32\dllcache\wsiintxx.sys

    2009-03-25 13:22 8,192 ac------ c:\windows\system32\dllcache\wshirda.dll

    2009-03-25 13:20 26,112 ac------ c:\windows\system32\dllcache\usbser.sys

    2009-03-25 13:19 17,024 ac------ c:\windows\system32\dllcache\stcusb.sys

    2009-03-25 13:18 161,632 ac------ c:\windows\system32\dllcache\sgsmusb.sys

    2009-03-25 13:17 49,024 ac------ c:\windows\system32\dllcache\ql1280.sys

    2009-03-25 13:16 86,016 ac------ c:\windows\system32\dllcache\pctspk.exe

    2009-03-25 13:15 5,504 ac------ c:\windows\system32\dllcache\mstee.sys

    2009-03-25 13:15 49,024 ac------ c:\windows\system32\dllcache\mstape.sys

    2009-03-25 13:15 12,416 ac------ c:\windows\system32\dllcache\msriffwv.sys

    2009-03-25 13:15 2,944 ac------ c:\windows\system32\dllcache\msmpu401.sys

    2009-03-25 13:15 22,016 ac------ c:\windows\system32\dllcache\msircomm.sys

    2009-03-25 13:14 35,200 ac------ c:\windows\system32\dllcache\msgame.sys

    2009-03-25 13:14 6,016 ac------ c:\windows\system32\dllcache\msfsio.sys

    2009-03-25 13:14 56,832 ac------ c:\windows\system32\dllcache\msdvbnp.ax

    2009-03-25 13:14 51,200 ac------ c:\windows\system32\dllcache\msdv.sys

    2009-03-25 13:14 17,280 ac------ c:\windows\system32\dllcache\mraid35x.sys

    2009-03-25 13:14 15,232 ac------ c:\windows\system32\dllcache\mpe.sys

    2009-03-25 13:14 12,288 ac------ c:\windows\system32\dllcache\mouhid.sys

    2009-03-25 13:14 16,128 ac------ c:\windows\system32\dllcache\modemcsa.sys

    2009-03-25 13:12 7,040 ac------ c:\windows\system32\dllcache\ltotape.sys

    2009-03-25 13:11 6,144 ac------ c:\windows\system32\dllcache\kbd106.dll

    2009-03-25 13:10 372,824 ac------ c:\windows\system32\dllcache\iconf32.dll

    2009-03-25 13:09 907,904 ac------ c:\windows\system32\dllcache\hcf_msft.sys

    2009-03-25 13:08 347,966 ac------ c:\windows\system32\dllcache\es56tpi.sys

    2009-03-25 13:07 29,696 ac------ c:\windows\system32\dllcache\dm9pci5.sys

    2009-03-25 13:06 28,672 ac------ c:\windows\system32\dllcache\cyycoins.dll

    2009-03-25 13:05 13,952 ac------ c:\windows\system32\dllcache\cmbatt.sys

    2009-03-25 13:04 14,080 ac------ c:\windows\system32\dllcache\bulltlp3.sys

    2009-03-25 13:03 96,128 ac------ c:\windows\system32\dllcache\ati.dll

    2009-03-25 13:02 66,048 ac------ c:\windows\system32\dllcache\s3legacy.dll

    2009-03-25 11:31 8 a------- c:\windows\scanreg.ini

    2009-03-25 11:04 <DIR> --d----- c:\windows\MindSoft Utilities 2009 for Windows XP


    2009-03-16 17:58 27,672 a------- c:\windows\system32\wuapi.dll.mui

    2009-03-16 17:58 <DIR> --d----- c:\windows\system32\SoftwareDistribution

    2009-03-16 17:08 32,592 a------- c:\windows\system32\msonpmon.dll

    2009-03-16 17:00 <DIR> --d----- c:\arquivos de programas\Microsoft Visual Studio 8

    2009-03-16 16:32 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Desktopicon

    2009-03-16 15:53 <DIR> --d----- c:\arquivos de programas\Microsoft IntelliPoint 5.2

    2009-03-16 14:52 <DIR> --d----- c:\windows\LastGood(2)

    2009-03-16 12:14 81,408 a------- c:\windows\system32\devcon_x64.exe

    2009-03-16 12:14 55,808 a------- c:\windows\system32\devcon.exe

    2009-03-15 23:20 <DIR> --d----- c:\arquivos de programas\uTorrent

    2009-03-15 23:20 <DIR> --d----- c:\docume~1\hernani\dadosd~1\uTorrent

    2009-03-15 18:11 211 a--sh--- C:\BOOT.BKK

    2009-03-15 15:07 <DIR> --d----- c:\windows\system32\NtmsData

    2009-03-15 15:06 <DIR> --d----- c:\windows\system32\pt-br

    2009-03-15 14:43 <DIR> --d----- c:\windows\$hf_mig$

    2009-03-15 14:32 268 a---h--- C:\sqmdata05.sqm

    2009-03-15 14:32 244 a---h--- C:\sqmnoopt05.sqm

    2009-03-15 14:26 <DIR> --d----- c:\docume~1\hernani\dadosd~1\GlarySoft

    2009-03-15 14:20 268 a---h--- C:\sqmdata04.sqm

    2009-03-15 14:20 244 a---h--- C:\sqmnoopt04.sqm

    2009-03-15 13:53 268 a---h--- C:\sqmdata03.sqm

    2009-03-15 13:53 244 a---h--- C:\sqmnoopt03.sqm

    2009-03-15 13:52 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PC Tools

    2009-03-15 13:49 <DIR> --d----- c:\arquivos de programas\arquivos comuns\PC Tools

    2009-03-15 13:42 <DIR> --d----- c:\docume~1\hernani\dadosd~1\SUPERAntiSpyware.com

    2009-03-15 13:42 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\SUPERAntiSpyware.com

    2009-03-15 13:40 <DIR> --d----- c:\docume~1\hernani\dadosd~1\PCToolsFirewallPlus

    2009-03-15 11:05 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PC Drivers HeadQuarters

    2009-03-15 06:57 421,888 a------- c:\windows\system32\ac3filter.acm

    2009-03-15 06:55 69 a------- c:\windows\NeroDigital.ini

    2009-03-14 23:45 <DIR> --d----- c:\arquivos de programas\Windows Media Connect 2

    2009-03-14 23:44 <DIR> --d----- c:\windows\system32\LogFiles

    2009-03-14 23:44 26,488 a------- c:\windows\system32\spupdsvc.exe

    2009-03-14 21:58 421 a------- c:\windows\ODBC.INI

    2009-03-14 21:57 <DIR> --d----- c:\windows\ShellNew

    2009-03-14 21:44 <DIR> --d-hr-- c:\documents and settings\hernani\Dados de aplicativos

    2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Modelos

    2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Configurações locais

    2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Ambiente de rede

    2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Ambiente de impressão

    2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Meus documentos

    2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Menu Iniciar

    2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Favoritos

    2009-03-14 21:44 <DIR> --d----- c:\documents and settings\Hernani

    2009-03-14 21:43 <DIR> --d----- c:\windows\system32\Microsoft

    2009-03-14 21:41 28,288 ac------ c:\windows\system32\dllcache\xjis.nls

    2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winzm.ime

    2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winsp.ime

    2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winpy.ime

    2009-03-14 21:41 79,360 ac------ c:\windows\system32\dllcache\winar30.ime

    2009-03-14 21:41 72,704 ac------ c:\windows\system32\dllcache\wingb.ime

    2009-03-14 21:41 65,536 ac------ c:\windows\system32\dllcache\winime.ime

    2009-03-14 21:41 41,600 ac------ c:\windows\system32\dllcache\weitekp9.dll

    2009-03-14 21:41 31,488 ac------ c:\windows\system32\dllcache\weitekp9.sys

    2009-03-14 21:41 9,216 ac------ c:\windows\system32\dllcache\wamps51.dll

    2009-03-14 21:41 5,632 ac------ c:\windows\system32\dllcache\w3svapi.dll

    2009-03-14 21:39 108,827 ac------ c:\windows\system32\dllcache\hanja.lex

    2009-03-14 21:38 <DIR> --dsh--- c:\documents and settings\all users\DRM

    2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\Serviços on-line

    2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Serviços

    2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\arquivos comuns\MSSoap

    2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\Messenger

    2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\MSN Gaming Zone

    2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\Windows NT

    2009-03-14 18:07 <DIR> --d----- c:\arquivos de programas\arquivos comuns\ODBC

    2009-03-14 18:07 <DIR> --d----- c:\arquivos de programas\arquivos comuns\SpeechEngines

    2009-03-14 18:06 <DIR> --d-h--- c:\documents and settings\all users\Modelos

    2009-03-14 18:06 <DIR> --d--r-- c:\documents and settings\all users\Menu Iniciar

    2009-03-14 18:06 <DIR> --d--r-- c:\documents and settings\all users\Documentos

    2009-03-14 18:06 <DIR> --d----- c:\documents and settings\all users\Favoritos

    2009-03-14 18:04 <DIR> --d-hr-- c:\documents and settings\all users\Dados de aplicativos

    2009-03-14 13:19 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Nero

    2009-03-14 13:19 <DIR> --d----- c:\arquivos de programas\Nero

    2009-03-14 13:19 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Ahead

    2009-03-14 13:07 <DIR> --d----- c:\arquivos de programas\Realtek

    2009-03-14 13:04 <DIR> --d----- c:\arquivos de programas\VIA

    2009-03-14 13:04 <DIR> --d----- c:\arquivos de programas\arquivos comuns\InstallShield

    2009-03-14 12:50 <DIR> --d----- c:\arquivos de programas\MSN Messenger

    ==================== Find3M ====================

    2009-03-27 21:34 33,808 a------- c:\windows\system32\drivers\klbg.sys

    2009-03-23 23:44 471,376 a------- c:\windows\system32\perfh016.dat

    2009-03-23 23:44 80,198 a------- c:\windows\system32\perfc016.dat

    2009-03-21 20:20 107 ---sh--- c:\arquivos de programas\Desktop.ini

    2009-03-17 12:05 348,160 a------- c:\windows\system32\msvcr71.dll

    2009-03-17 12:05 499,712 a------- c:\windows\system32\msvcp71.dll

    2009-03-14 22:14 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat

    2009-03-14 21:36 21,844 a------- c:\windows\system32\emptyregdb.dat

    2009-02-09 15:56 67,584 a------- c:\windows\system32\ff_vfw.dll

    2009-02-09 11:06 1,846,912 a------- c:\windows\system32\win32k.sys

    2009-01-07 15:14 60,273 a------- c:\windows\system32\pthreadGC2.dll

    ============= FINISH: 11:54:43,68 ===============

    DDS (Ver_09-03-16.01) - NTFSx86

    Run by Hernani at 11:53:53,50 on s*b 28/03/2009

    Internet Explorer: 7.0.5730.13

    Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.507.197 [GMT -3:00]

    AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)

    FW: Kaspersky Internet Security *disabled*

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch

    svchost.exe

    C:\WINDOWS\System32\svchost.exe -k netsvcs

    C:\WINDOWS\system32\spoolsv.exe

    C:\Arquivos de programas\LSI SoftModem\agrsmsvc.exe

    C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe

    C:\Arquivos de programas\Java\jre6\bin\jqs.exe

    C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe

    C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

    D:\ARQUIVOS DE PROGRAMAS\SEGURANÇA\SpyEmergency\Spy Emergency 2008\SpyEmergencySrv.exe

    C:\WINDOWS\system32\wbem\wmiapsrv.exe

    C:\WINDOWS\Explorer.EXE

    svchost.exe

    C:\WINDOWS\system32\ctfmon.exe

    D:\ARQUIVOS DE PROGRAMAS\NetVirtua.exe

    C:\WINDOWS\system32\NOTEPAD.EXE

    C:\WINDOWS\system32\wscntfy.exe

    C:\Arquivos de programas\Internet Explorer\iexplore.exe

    C:\WINDOWS\system32\NOTEPAD.EXE

    C:\WINDOWS\system32\NOTEPAD.EXE

    D:\DOWNLOADS\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com.br/

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelperShim.dll

    BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - d:\arquivos de programas\segurança\kis 8.0.0.506pb\ievkbd.dll

    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\arquiv~1\micros~2\office12\GRA8E1~1.DLL

    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll

    BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll

    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

    uRun: [spyEmergency] "d:\arquivos de programas\segurança\spyemergency\spy emergency 2008\SpyEmergency.exe"

    mRun: [AVP] "d:\arquivos de programas\segurança\kis 8.0.0.506pb\avp.exe"

    mPolicies-system: HideFastUserSwitching = 0 (0x0)

    IE: "Adicionar ao Bloqueador de banner de anúncio" - d:\arquivos de programas\segurança\kis 8.0.0.506pb\ie_banner_deny.htm

    IE: E&xport to Microsoft Excel - c:\arquiv~1\micros~2\office12\EXCEL.EXE/3000

    IE: E&xportar para o Microsoft Excel

    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe

    IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - d:\arquivos de programas\segurança\kis 8.0.0.506pb\SCIEPlgn.dll

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\arquiv~1\micros~2\office12\ONBttnIE.dll

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~2\office12\REFIEBAR.DLL

    DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

    DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab

    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1237237095484

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

    DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\arquiv~1\micros~2\office12\GR99D3~1.DLL

    Notify: igfxcui - igfxdev.dll

    Notify: klogon - c:\windows\system32\klogon.dll

    AppInit_DLLs: d:\arquiv~1\segura~1\kis800~1.506\mzvkbd.dll,d:\arquiv~1\segura~1\kis800~1.506\mzvkbd3.dll,d:\arquiv~1\segura~1\kis800~1.506\adialhk.dll,d:\arquiv~1\segura~1\kis800~1.506\kloehk.dll

    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\arquiv~1\micros~2\office12\GRA8E1~1.DLL

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\hernani\dadosd~1\mozilla\firefox\profiles\twmmii6j.default\

    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/ig?hl=pt-BR&source=iglk

    FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nppl3260.dll

    FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nprjplug.dll

    FF - plugin: c:\documents and settings\hernani\meus documentos\netscape6\nprpjplug.dll

    ---- FIREFOX POLICIES ----

    d:\arquivos de programas\firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

    ============= SERVICES / DRIVERS ===============

    R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-7-21 121872]

    R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 33808]

    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-3-16 28544]

    R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2009-3-27 226832]

    R1 SpyEmrg;Spy Emergency Driver;c:\windows\system32\drivers\spyemrg.sys [2009-3-27 12344]

    R2 AVP;Kaspersky Internet Security;d:\arquivos de programas\segurança\kis 8.0.0.506pb\avp.exe [2008-11-11 206088]

    R2 LF30FS;LF30FS;d:\arquivos de programas\segurança\lockfolder\LF30XP.sys [2004-11-19 101488]

    R2 SpyEmrgSrv;Spy Emergency Engine Service;d:\arquivos de programas\segurança\spyemergency\spy emergency 2008\SpyEmergencySrv.exe [2009-3-27 694840]

    R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]

    R3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver;c:\windows\system32\drivers\spyemrg_guard.sys [2009-3-27 14392]

    R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-3-14 222976]

    S3 pctplsg;pctplsg; [x]

    S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2008-12-10 7808]

    S3 TfNetMon;TfNetMon; [x]

    S4 a2free;a-squared Free Service;d:\arquivos de programas\segurança\a-squared free\a2service.exe [2009-3-7 425080]

    =============== Created Last 30 ================

    2009-03-28 11:09 <DIR> --d----- c:\arquivos de programas\EsetOnlineScanner

    2009-03-28 09:49 218 a------- c:\windows\sremcon_winlogon.dat

    2009-03-28 09:49 181 a------- c:\windows\sremcon_startup.dat

    2009-03-27 22:12 3,840 a------- c:\windows\sremcon_drivers.dat

    2009-03-27 22:09 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Se Analyzer Tool SA

    2009-03-27 21:59 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Spy Emergency

    2009-03-27 21:59 23,096 a------- c:\windows\system32\sremcon.exe

    2009-03-27 21:59 14,392 a------- c:\windows\system32\drivers\spyemrg_guard.sys

    2009-03-27 21:59 12,344 a------- c:\windows\system32\drivers\spyemrg.sys

    2009-03-27 21:59 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\NETGATE

    2009-03-27 21:21 101,287 a------- c:\windows\system32\drivers\klin.dat

    2009-03-27 21:21 89,601 a------- c:\windows\system32\drivers\klick.dat

    2009-03-27 21:20 1,964,064 a--sh--- c:\windows\system32\drivers\fidbox.dat

    2009-03-27 21:20 311,328 a--sh--- c:\windows\system32\drivers\fidbox2.dat

    2009-03-27 21:20 17,472 a--sh--- c:\windows\system32\drivers\fidbox.idx

    2009-03-27 21:20 3,192 a--sh--- c:\windows\system32\drivers\fidbox2.idx

    2009-03-27 21:20 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Kaspersky Lab

    2009-03-27 18:48 691,712 a------- c:\windows\is-CP01N.exe

    2009-03-27 18:48 11,868 a------- c:\windows\is-CP01N.msg

    2009-03-27 18:48 267 a------- c:\windows\is-CP01N.lst

    2009-03-27 17:50 <DIR> --d----- c:\windows\PIF

    2009-03-27 16:14 268 a------- c:\windows\is-UL41U.lst

    2009-03-27 16:14 691,712 a------- c:\windows\is-UL41U.exe

    2009-03-27 16:14 11,868 a------- c:\windows\is-UL41U.msg

    2009-03-26 22:14 691,712 a------- c:\windows\is-HUAAE.exe

    2009-03-26 22:14 11,868 a------- c:\windows\is-HUAAE.msg

    2009-03-26 22:14 268 a------- c:\windows\is-HUAAE.lst

    2009-03-26 22:13 <DIR> --d----- c:\docume~1\hernani\dadosd~1\PC Tools

    2009-03-26 21:26 189,102 a------- C:\1current.trs

    2009-03-26 21:22 24,364,032 a------- C:\current.trs

    2009-03-26 20:22 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Kaspersky Lab Setup Files

    2009-03-26 18:32 <DIR> --d----- c:\windows\LastGood.Tmp

    2009-03-25 16:45 5,632 ac------ c:\windows\system32\dllcache\kbdheb.dll

    2009-03-25 16:41 18,688 ac------ c:\windows\system32\dllcache\irsir.sys

    2009-03-25 16:40 28,672 ac------ c:\windows\system32\dllcache\irmon.dll

    2009-03-25 16:25 10,129,408 ac------ c:\windows\system32\dllcache\hwxkor.dll

    2009-03-25 16:19 10,096,640 ac------ c:\windows\system32\dllcache\hwxcht.dll

    2009-03-25 16:12 1,733,120 ac------ c:\windows\system32\dllcache\g400d.dll

    2009-03-25 16:08 283,904 ac------ c:\windows\system32\dllcache\emu10k1m.sys

    2009-03-25 13:22 116,224 ac------ c:\windows\system32\dllcache\xrxwiadr.dll

    2009-03-25 13:22 23,040 ac------ c:\windows\system32\dllcache\xrxwbtmp.dll

    2009-03-25 13:22 18,944 ac------ c:\windows\system32\dllcache\xrxscnui.dll

    2009-03-25 13:22 27,648 ac------ c:\windows\system32\dllcache\xrxftplt.exe

    2009-03-25 13:22 4,608 ac------ c:\windows\system32\dllcache\xrxflnch.exe

    2009-03-25 13:22 99,865 ac------ c:\windows\system32\dllcache\xlog.exe

    2009-03-25 13:22 16,970 ac------ c:\windows\system32\dllcache\xem336n5.sys

    2009-03-25 13:22 19,455 ac------ c:\windows\system32\dllcache\wvchntxx.sys

    2009-03-25 13:22 19,200 ac------ c:\windows\system32\dllcache\wstcodec.sys

    2009-03-25 13:22 12,063 ac------ c:\windows\system32\dllcache\wsiintxx.sys

    2009-03-25 13:22 8,192 ac------ c:\windows\system32\dllcache\wshirda.dll

    2009-03-25 13:20 26,112 ac------ c:\windows\system32\dllcache\usbser.sys

    2009-03-25 13:19 17,024 ac------ c:\windows\system32\dllcache\stcusb.sys

    2009-03-25 13:18 161,632 ac------ c:\windows\system32\dllcache\sgsmusb.sys

    2009-03-25 13:17 49,024 ac------ c:\windows\system32\dllcache\ql1280.sys

    2009-03-25 13:16 86,016 ac------ c:\windows\system32\dllcache\pctspk.exe

    2009-03-25 13:15 5,504 ac------ c:\windows\system32\dllcache\mstee.sys

    2009-03-25 13:15 49,024 ac------ c:\windows\system32\dllcache\mstape.sys

    2009-03-25 13:15 12,416 ac------ c:\windows\system32\dllcache\msriffwv.sys

    2009-03-25 13:15 2,944 ac------ c:\windows\system32\dllcache\msmpu401.sys

    2009-03-25 13:15 22,016 ac------ c:\windows\system32\dllcache\msircomm.sys

    2009-03-25 13:14 35,200 ac------ c:\windows\system32\dllcache\msgame.sys

    2009-03-25 13:14 6,016 ac------ c:\windows\system32\dllcache\msfsio.sys

    2009-03-25 13:14 56,832 ac------ c:\windows\system32\dllcache\msdvbnp.ax

    2009-03-25 13:14 51,200 ac------ c:\windows\system32\dllcache\msdv.sys

    2009-03-25 13:14 17,280 ac------ c:\windows\system32\dllcache\mraid35x.sys

    2009-03-25 13:14 15,232 ac------ c:\windows\system32\dllcache\mpe.sys

    2009-03-25 13:14 12,288 ac------ c:\windows\system32\dllcache\mouhid.sys

    2009-03-25 13:14 16,128 ac------ c:\windows\system32\dllcache\modemcsa.sys

    2009-03-25 13:12 7,040 ac------ c:\windows\system32\dllcache\ltotape.sys

    2009-03-25 13:11 6,144 ac------ c:\windows\system32\dllcache\kbd106.dll

    2009-03-25 13:10 372,824 ac------ c:\windows\system32\dllcache\iconf32.dll

    2009-03-25 13:09 907,904 ac------ c:\windows\system32\dllcache\hcf_msft.sys

    2009-03-25 13:08 347,966 ac------ c:\windows\system32\dllcache\es56tpi.sys

    2009-03-25 13:07 29,696 ac------ c:\windows\system32\dllcache\dm9pci5.sys

    2009-03-25 13:06 28,672 ac------ c:\windows\system32\dllcache\cyycoins.dll

    2009-03-25 13:05 13,952 ac------ c:\windows\system32\dllcache\cmbatt.sys

    2009-03-25 13:04 14,080 ac------ c:\windows\system32\dllcache\bulltlp3.sys

    2009-03-25 13:03 96,128 ac------ c:\windows\system32\dllcache\ati.dll

    2009-03-25 13:02 66,048 ac------ c:\windows\system32\dllcache\s3legacy.dll

    2009-03-25 11:31 8 a------- c:\windows\scanreg.ini

    2009-03-25 11:04 <DIR> --d----- c:\windows\MindSoft Utilities 2009 for Windows XP

    2009-03-24 11:02 <DIR> --d----- c:\arquivos de programas\arquivos comuns\SWF Studio

    2009-03-24 11:02 <DIR> --d----- c:\docume~1\hernani\dadosd~1\KeePass

    2009-03-24 11:01 <DIR> --d-h--- C:\89a93d7abf118d1e5a5d

    2009-03-24 11:01 <DIR> --d-h--- C:\4fce31b89cfde0a00e4386baa9baec6d

    2009-03-24 11:01 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\IconTweaker

    2009-03-23 21:31 147,456 a------- c:\windows\system32\igfxCoIn_v5009.dll

    2009-03-23 21:16 53,248 a------- c:\windows\system32\CSVer.dll

    2009-03-23 17:36 262,144 a------- c:\windows\system32\FLUSH3

    2009-03-23 17:36 262,144 a------- c:\windows\system32\FLUSH2

    2009-03-23 17:36 262,144 a------- c:\windows\system32\FLUSH1

    2009-03-22 23:53 <DIR> --d----- c:\documents and settings\hernani\Contacts

    2009-03-22 18:30 720,896 a------- c:\windows\iun6002.exe

    2009-03-22 16:11 <DIR> --d----- c:\windows\pss

    2009-03-22 00:36 <DIR> --d----- c:\windows\system32\GroupPolicy

    2009-03-22 00:25 39 a------- C:\ntosboot.bat

    2009-03-21 13:58 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Everstrike Software

    2009-03-21 10:52 37,376 a------- c:\windows\system32\VbVfw.dll

    2009-03-21 10:40 721,168 a------- c:\windows\system32\VB40032.DLL

    2009-03-21 10:40 60,416 a------- c:\windows\ST4UNST.EXE

    2009-03-20 22:54 <DIR> --d----- c:\arquivos de programas\ASUS

    2009-03-20 22:53 <DIR> --d----- c:\windows\AsDmiHtm

    2009-03-19 19:09 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Malwarebytes

    2009-03-19 19:08 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Malwarebytes

    2009-03-19 13:22 26,368 ac------ c:\windows\system32\dllcache\usbstor.sys

    2009-03-19 13:18 18,704 a----r-- c:\windows\system32\drivers\se59nd5.sys

    2009-03-19 13:18 4,128 a----r-- c:\windows\system32\drivers\se59cr.sys

    2009-03-19 13:18 90,800 a----r-- c:\windows\system32\drivers\se59unic.sys

    2009-03-19 13:18 88,624 a----r-- c:\windows\system32\drivers\se59mgmt.sys

    2009-03-19 13:18 86,432 a----r-- c:\windows\system32\drivers\se59obex.sys

    2009-03-19 13:18 97,088 a----r-- c:\windows\system32\drivers\se59mdm.sys

    2009-03-19 13:18 9,360 a----r-- c:\windows\system32\drivers\se59mdfl.sys

    2009-03-19 13:18 6,240 a----r-- c:\windows\system32\drivers\se59cmnt.sys

    2009-03-19 13:18 6,240 a----r-- c:\windows\system32\drivers\se59cm.sys

    2009-03-19 13:18 61,536 a----r-- c:\windows\system32\drivers\se59bus.sys

    2009-03-19 13:18 5,872 a----r-- c:\windows\system32\drivers\se59whnt.sys

    2009-03-19 13:18 5,872 a----r-- c:\windows\system32\drivers\se59wh.sys

    2009-03-19 12:55 54,156 a---h--- c:\windows\QTFont.qfn

    2009-03-19 12:55 1,409 a------- c:\windows\QTFont.for

    2009-03-19 11:13 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Teleca

    2009-03-19 11:12 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Sony Ericsson

    2009-03-19 11:07 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Sony Ericsson

    2009-03-19 11:06 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Sony Ericsson Shared

    2009-03-19 11:06 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Teleca Shared

    2009-03-19 11:06 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Teleca

    2009-03-19 11:06 <DIR> --d----- c:\windows\Downloaded Installations

    2009-03-18 09:13 <DIR> --d----- c:\docume~1\hernani\dadosd~1\IObit

    2009-03-17 12:45 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\vsosdk

    2009-03-17 12:05 <DIR> --d----- c:\arquivos de programas\arquivos comuns\xing shared

    2009-03-17 12:05 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Real

    2009-03-17 10:51 87,608 a------- c:\docume~1\hernani\dadosd~1\inst.exe

    2009-03-17 10:51 47,360 a------- c:\windows\system32\drivers\pcouffin.sys

    2009-03-17 10:51 47,360 a------- c:\docume~1\hernani\dadosd~1\pcouffin.sys

    2009-03-17 10:51 217,127 a------- c:\windows\system32\drv43260.dll

    2009-03-17 10:51 208,935 a------- c:\windows\system32\drv33260.dll

    2009-03-17 10:51 102,439 a------- c:\windows\system32\sipr3260.dll

    2009-03-17 10:51 626,688 a------- c:\windows\system32\vp7vfw.dll

    2009-03-17 10:51 176,165 a------- c:\windows\system32\drv23260.dll

    2009-03-17 10:51 65,602 a------- c:\windows\system32\cook3260.dll

    2009-03-17 10:51 1,184,984 a------- c:\windows\system32\wvc1dmod.dll

    2009-03-17 10:51 <DIR> --d----- c:\arquivos de programas\VSO

    2009-03-16 23:25 410,984 a------- c:\windows\system32\deploytk.dll

    2009-03-16 23:25 73,728 a------- c:\windows\system32\javacpl.cpl

    2009-03-16 22:16 28,544 a------- c:\windows\system32\drivers\pavboot.sys

    2009-03-16 22:15 <DIR> --d----- c:\arquivos de programas\Panda Security

    2009-03-16 21:26 1,089,883 -c------ c:\windows\system32\dllcache\ntprint.cat

    2009-03-16 20:34 1,493,528 a------- c:\windows\system32\D3DCompiler_39.dll

    2009-03-16 20:34 467,984 a------- c:\windows\system32\d3dx10_39.dll

    2009-03-16 20:33 3,851,784 a------- c:\windows\system32\D3DX9_39.dll

    2009-03-16 20:33 2,414,360 a------- c:\windows\system32\d3dx9_31.dll

    2009-03-16 20:33 <DIR> --d----- c:\windows\Logs

    2009-03-16 20:33 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PassMark

    2009-03-16 20:05 <DIR> --d----- c:\arquivos de programas\LSI SoftModem

    2009-03-16 19:55 14,048 -------- c:\windows\system32\spmsg2.dll

    2009-03-16 19:47 <DIR> --d----- c:\windows\system32\XPSViewer

    2009-03-16 19:46 1,676,288 -c------ c:\windows\system32\dllcache\xpssvcs.dll

    2009-03-16 19:46 597,504 -c------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe

    2009-03-16 19:46 575,488 -c------ c:\windows\system32\dllcache\xpsshhdr.dll

    2009-03-16 19:46 89,088 -c------ c:\windows\system32\dllcache\filterpipelineprintproc.dll

    2009-03-16 19:46 1,676,288 -------- c:\windows\system32\xpssvcs.dll

    2009-03-16 19:46 575,488 -------- c:\windows\system32\xpsshhdr.dll

    2009-03-16 19:46 117,760 -------- c:\windows\system32\prntvpt.dll

    2009-03-16 19:33 267,776 -c------ c:\windows\system32\dllcache\iertutil.dll

    2009-03-16 19:33 52,224 -c------ c:\windows\system32\dllcache\msfeedsbs.dll

    2009-03-16 19:33 13,824 -c------ c:\windows\system32\dllcache\ieudinit.exe

    2009-03-16 19:33 1,024,000 -c------ c:\windows\system32\dllcache\ieframe.dll.mui

    2009-03-16 19:33 459,264 -c------ c:\windows\system32\dllcache\msfeeds.dll

    2009-03-16 19:33 2,455,488 -c------ c:\windows\system32\dllcache\ieapfltr.dat

    2009-03-16 19:33 383,488 -c------ c:\windows\system32\dllcache\ieapfltr.dll

    2009-03-16 19:33 63,488 -c------ c:\windows\system32\dllcache\icardie.dll

    2009-03-16 19:33 6,066,688 -c------ c:\windows\system32\dllcache\ieframe.dll

    2009-03-16 19:17 2,070,272 ac------ c:\windows\system32\dllcache\ntkrnlpa.exe

    2009-03-16 19:17 2,193,408 ac------ c:\windows\system32\dllcache\ntoskrnl.exe

    2009-03-16 19:16 172,032 ac------ c:\windows\system32\dllcache\scrrun.dll

    2009-03-16 19:16 172,032 a------- c:\windows\system32\scrrun.dll

    2009-03-16 18:51 <DIR> --d----- c:\windows\l2schemas

    2009-03-16 18:51 <DIR> --d----- c:\windows\system32\bits

    2009-03-16 18:48 <DIR> --d----- c:\windows\ServicePackFiles

    2009-03-16 18:46 <DIR> --d----- c:\windows\network diagnostic

    2009-03-16 18:31 1,309,184 ac------ c:\windows\system32\dllcache\mtlstrm.sys

    2009-03-16 18:30 104,960 ac------ c:\windows\system32\dllcache\atinrvxx.sys

    2009-03-16 18:14 <DIR> --d----- c:\arquivos de programas\Microsoft IntelliPoint

    2009-03-16 18:12 <DIR> --d----- c:\arquivos de programas\MSXML 6.0

    2009-03-16 18:01 <DIR> --d----- c:\windows\system32\PreInstall

    2009-03-16 17:58 31,768 a------- c:\windows\system32\wucltui.dll.mui

    2009-03-16 17:58 18,968 a------- c:\windows\system32\wuaueng.dll.mui

    2009-03-16 17:58 27,672 a------- c:\windows\system32\wuaucpl.cpl.mui

    2009-03-16 17:58 27,672 a------- c:\windows\system32\wuapi.dll.mui

    2009-03-16 17:58 <DIR> --d----- c:\windows\system32\SoftwareDistribution

    2009-03-16 17:08 32,592 a------- c:\windows\system32\msonpmon.dll

    2009-03-16 17:00 <DIR> --d----- c:\arquivos de programas\Microsoft Visual Studio 8

    2009-03-16 16:32 <DIR> --d----- c:\docume~1\hernani\dadosd~1\Desktopicon

    2009-03-16 15:53 <DIR> --d----- c:\arquivos de programas\Microsoft IntelliPoint 5.2

    2009-03-16 14:52 <DIR> --d----- c:\windows\LastGood(2)

    2009-03-16 12:14 81,408 a------- c:\windows\system32\devcon_x64.exe

    2009-03-16 12:14 55,808 a------- c:\windows\system32\devcon.exe

    2009-03-15 23:20 <DIR> --d----- c:\arquivos de programas\uTorrent

    2009-03-15 23:20 <DIR> --d----- c:\docume~1\hernani\dadosd~1\uTorrent

    2009-03-15 18:11 211 a--sh--- C:\BOOT.BKK

    2009-03-15 15:07 <DIR> --d----- c:\windows\system32\NtmsData

    2009-03-15 15:06 <DIR> --d----- c:\windows\system32\pt-br

    2009-03-15 14:43 <DIR> --d----- c:\windows\$hf_mig$

    2009-03-15 14:32 268 a---h--- C:\sqmdata05.sqm

    2009-03-15 14:32 244 a---h--- C:\sqmnoopt05.sqm

    2009-03-15 14:26 <DIR> --d----- c:\docume~1\hernani\dadosd~1\GlarySoft

    2009-03-15 14:20 268 a---h--- C:\sqmdata04.sqm

    2009-03-15 14:20 244 a---h--- C:\sqmnoopt04.sqm

    2009-03-15 13:53 268 a---h--- C:\sqmdata03.sqm

    2009-03-15 13:53 244 a---h--- C:\sqmnoopt03.sqm

    2009-03-15 13:52 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PC Tools

    2009-03-15 13:49 <DIR> --d----- c:\arquivos de programas\arquivos comuns\PC Tools

    2009-03-15 13:42 <DIR> --d----- c:\docume~1\hernani\dadosd~1\SUPERAntiSpyware.com

    2009-03-15 13:42 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\SUPERAntiSpyware.com

    2009-03-15 13:40 <DIR> --d----- c:\docume~1\hernani\dadosd~1\PCToolsFirewallPlus

    2009-03-15 11:05 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\PC Drivers HeadQuarters

    2009-03-15 06:57 421,888 a------- c:\windows\system32\ac3filter.acm

    2009-03-15 06:55 69 a------- c:\windows\NeroDigital.ini

    2009-03-14 23:45 <DIR> --d----- c:\arquivos de programas\Windows Media Connect 2

    2009-03-14 23:44 <DIR> --d----- c:\windows\system32\LogFiles

    2009-03-14 23:44 26,488 a------- c:\windows\system32\spupdsvc.exe

    2009-03-14 21:58 421 a------- c:\windows\ODBC.INI

    2009-03-14 21:57 <DIR> --d----- c:\windows\ShellNew

    2009-03-14 21:44 <DIR> --d-hr-- c:\documents and settings\hernani\Dados de aplicativos

    2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Modelos

    2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Configurações locais

    2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Ambiente de rede

    2009-03-14 21:44 <DIR> --d-h--- c:\documents and settings\hernani\Ambiente de impressão

    2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Meus documentos

    2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Menu Iniciar

    2009-03-14 21:44 <DIR> --d--r-- c:\documents and settings\hernani\Favoritos

    2009-03-14 21:44 <DIR> --d----- c:\documents and settings\Hernani

    2009-03-14 21:43 <DIR> --d----- c:\windows\system32\Microsoft

    2009-03-14 21:41 28,288 ac------ c:\windows\system32\dllcache\xjis.nls

    2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winzm.ime

    2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winsp.ime

    2009-03-14 21:41 156,672 ac------ c:\windows\system32\dllcache\winpy.ime

    2009-03-14 21:41 79,360 ac------ c:\windows\system32\dllcache\winar30.ime

    2009-03-14 21:41 72,704 ac------ c:\windows\system32\dllcache\wingb.ime

    2009-03-14 21:41 65,536 ac------ c:\windows\system32\dllcache\winime.ime

    2009-03-14 21:41 41,600 ac------ c:\windows\system32\dllcache\weitekp9.dll

    2009-03-14 21:41 31,488 ac------ c:\windows\system32\dllcache\weitekp9.sys

    2009-03-14 21:41 9,216 ac------ c:\windows\system32\dllcache\wamps51.dll

    2009-03-14 21:41 5,632 ac------ c:\windows\system32\dllcache\w3svapi.dll

    2009-03-14 21:39 108,827 ac------ c:\windows\system32\dllcache\hanja.lex

    2009-03-14 21:38 <DIR> --dsh--- c:\documents and settings\all users\DRM

    2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\Serviços on-line

    2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Serviços

    2009-03-14 21:37 <DIR> --d----- c:\arquivos de programas\arquivos comuns\MSSoap

    2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\Messenger

    2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\MSN Gaming Zone

    2009-03-14 21:35 <DIR> --d----- c:\arquivos de programas\Windows NT

    2009-03-14 18:07 <DIR> --d----- c:\arquivos de programas\arquivos comuns\ODBC

    2009-03-14 18:07 <DIR> --d----- c:\arquivos de programas\arquivos comuns\SpeechEngines

    2009-03-14 18:06 <DIR> --d-h--- c:\documents and settings\all users\Modelos

    2009-03-14 18:06 <DIR> --d--r-- c:\documents and settings\all users\Menu Iniciar

    2009-03-14 18:06 <DIR> --d--r-- c:\documents and settings\all users\Documentos

    2009-03-14 18:06 <DIR> --d----- c:\documents and settings\all users\Favoritos

    2009-03-14 18:04 <DIR> --d-hr-- c:\documents and settings\all users\Dados de aplicativos

    2009-03-14 13:19 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Nero

    2009-03-14 13:19 <DIR> --d----- c:\arquivos de programas\Nero

    2009-03-14 13:19 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Ahead

    2009-03-14 13:07 <DIR> --d----- c:\arquivos de programas\Realtek

    2009-03-14 13:04 <DIR> --d----- c:\arquivos de programas\VIA

    2009-03-14 13:04 <DIR> --d----- c:\arquivos de programas\arquivos comuns\InstallShield

    2009-03-14 12:50 <DIR> --d----- c:\arquivos de programas\MSN Messenger

    ==================== Find3M ====================

    2009-03-27 21:34 33,808 a------- c:\windows\system32\drivers\klbg.sys

    2009-03-23 23:44 471,376 a------- c:\windows\system32\perfh016.dat

    2009-03-23 23:44 80,198 a------- c:\windows\system32\perfc016.dat

    2009-03-21 20:20 107 ---sh--- c:\arquivos de programas\Desktop.ini

    2009-03-17 12:05 348,160 a------- c:\windows\system32\msvcr71.dll

    2009-03-17 12:05 499,712 a------- c:\windows\system32\msvcp71.dll

    2009-03-14 22:14 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat

    2009-03-14 21:36 21,844 a------- c:\windows\system32\emptyregdb.dat

    2009-02-09 15:56 67,584 a------- c:\windows\system32\ff_vfw.dll

    2009-02-09 11:06 1,846,912 a------- c:\windows\system32\win32k.sys

    2009-01-07 15:14 60,273 a------- c:\windows\system32\pthreadGC2.dll

    ============= FINISH: 11:54:43,68 ===============

    # version=4

    # OnlineScanner.ocx=1.0.0.635

    # OnlineScannerDLLA.dll=1, 0, 0, 79

    # OnlineScannerDLLW.dll=1, 0, 0, 78

    # OnlineScannerUninstaller.exe=1, 0, 0, 49

    # vers_standard_module=3972 (20090328)

    # vers_arch_module=1.064 (20080214)

    # vers_adv_heur_module=1.066 (20070917)

    # EOSSerial=6e744ca3e6f2d643805d394eb0e20873

    # end=finished

    # remove_checked=false

    # unwanted_checked=true

    # utc_time=2009-03-28 02:50:38

    # local_time=2009-03-28 11:50:38 (-0300, Hora oficial do Brasil)

    # country="Brazil"

    # osver=5.1.2600 NT Service Pack 3

    # scanned=265099

    # found=0

    # scan_time=2294


    The logs are clean and the online scan detected nothing either. Your problem is not virus-related.

    Look for help in the other areas of the forum so that colleagues can keep helping you.

    Regards

  • Topic author
  • Thanks for your attention, Lusitano...

    Regards...


    Should the topic author need it, this topic will be reopened; to do so, they must contact the moderation team and request that it be unlocked.

    This topic is locked and cannot receive new posts.