Hardware.com.br

Avira won't update

#1 By TmfeijoMMonr... 13/09/2010 - 14:00
Good afternoon!

Over the last few days, I have noticed that the PC is far too slow and Avira won't update.

Here are the logs:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:50:39, on 13/9/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
D:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
D:\Arquivos de programas\CursorXP\CursorXP.exe
D:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
D:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
D:\Arquivos de programas\Java\jre6\bin\jqs.exe
D:\Arquivos de programas\Avira\AntiVir Desktop\avshadow.exe
D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Arquivos de programas\Gadwin Systems\PrintScreen\PrintScreen.exe
D:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe
D:\Arquivos de programas\Mozilla Firefox\firefox.exe
D:\Arquivos de programas\Mozilla Firefox\plugin-container.exe
D:\Arquivos de programas\Panda Security\Panda Cloud Antivirus\PSANHost.exe
D:\Arquivos de programas\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
D:\Documents and Settings\edsom luis\Meus documentos\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - D:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DWQueuedReporting] "D:\ARQUIV~1\ARQUIV~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKLM\..\Run: [PSUNMain] "D:\Arquivos de programas\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKCU\..\Run: [CursorXP] D:\Arquivos de programas\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - D:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - D:\Arquivos de programas\Panda Security\Panda Cloud Antivirus\PSANHost.exe

--
End of file - 4506 bytes



DDS (Ver_10-03-17.01) - FAT32x86
Run by edsom luis at 13:52:40,67 on seg 13/09/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.511.198 [GMT -3:00]

AV: Panda Cloud Antivirus *On-access scanning enabled* (Updated) {5AD27692-540A-464E-B625-78275FA38393}
AV: AntiVir Desktop *On-access scanning enabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

D:\WINDOWS\system32\svchost -k DcomLaunch
SVCHOST.EXE
D:\WINDOWS\System32\svchost.exe -k netsvcs
SVCHOST.EXE
SVCHOST.EXE
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
D:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
D:\Arquivos de programas\CursorXP\CursorXP.exe
D:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
D:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
D:\Arquivos de programas\Java\jre6\bin\jqs.exe
D:\Arquivos de programas\Avira\AntiVir Desktop\avshadow.exe
D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Arquivos de programas\Gadwin Systems\PrintScreen\PrintScreen.exe
D:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe
D:\Arquivos de programas\Mozilla Firefox\firefox.exe
D:\Arquivos de programas\Mozilla Firefox\plugin-container.exe
D:\Arquivos de programas\Panda Security\Panda Cloud Antivirus\PSANHost.exe
D:\Arquivos de programas\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
D:\Documents and Settings\edsom luis\Meus documentos\Downloads\dds.scr
D:\WINDOWS\system32\msfeedssync.exe

============== Pseudo HJT Report ===============

mWindow Title =
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - d:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - d:\arquivos de programas\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - d:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\arquivos de programas\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - d:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [CursorXP] d:\arquivos de programas\cursorxp\CursorXP.exe
uRun: [msnmsgr] "d:\arquivos de programas\windows live\messenger\msnmsgr.exe" /background
mRun: [SunJavaUpdateSched] "d:\arquivos de programas\arquivos comuns\java\java update\jusched.exe"
mRun: [DWQueuedReporting] "d:\arquiv~1\arquiv~1\micros~1\dw\dwtrig20.exe" -t
mRun: [PSUNMain] "d:\arquivos de programas\panda security\panda cloud antivirus\PSUNMain.exe" /Traybar
IE: E&xportar para o Microsoft Excel
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - d:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - d:\docume~1\edsoml~1\dadosd~1\mozilla\firefox\profiles\izozpjim.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/webhp?hl=pt-BR
FF - component: d:\documents and settings\edsom luis\dados de aplicativos\mozilla\firefox\profiles\izozpjim.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
FF - plugin: d:\arquivos de programas\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: d:\documents and settings\edsom luis\dados de aplicativos\mozilla\firefox\profiles\izozpjim.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - d:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
d:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
d:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
d:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
d:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
d:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
d:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
d:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R2 713xTVCard;SAA7131 TV Card;d:\windows\system32\drivers\SAA713x.sys [2005-3-15 277504]

=============== Created Last 30 ================

2010-09-13 16:36:16 280 ----a-w- d:\windows\system32\PSUNCpl.dat
2010-09-13 16:33:50 0 d-----w- d:\docume~1\alluse~1\dadosd~1\Panda Security
2010-09-13 16:33:50 0 d-----w- d:\arquivos de programas\Panda Security
2010-09-13 14:24:23 297808 ----a-w- d:\windows\system32\TBD1BB.tmp
2010-09-10 00:15:37 0 d-----w- d:\docume~1\alluse~1\dadosd~1\BigFishGamesCache
2010-09-07 12:52:44 3 ----a-w- d:\windows\rrxx.dll
2010-09-02 15:43:03 0 d-----w- d:\windows\system32\wbem\Repository
2010-09-02 15:31:18 0 d-----w- d:\windows\Cache
2010-09-01 16:33:52 0 d-sh--w- D:\Recycled
2010-09-01 01:27:46 0 d-----w- d:\windows\system32\LogFiles
2010-08-31 18:22:53 0 d-----w- d:\windows\system32\wbem\Logs
2010-08-30 15:21:43 0 d-----w- D:\Recycled(2)
2010-08-28 20:03:40 73728 ----a-w- d:\windows\system32\javacpl.cpl
2010-08-25 15:38:43 0 d-----w- d:\arquivos de programas\Windows Live SkyDrive
2010-08-20 21:51:40 77312 ----a-w- d:\windows\MBR.exe
2010-08-19 21:16:56 537842 ----a-w- D:\HaxFix.exe
2010-08-19 21:16:51 0 d-----w- d:\windows\HaxFix
2010-08-19 20:23:12 0 d-----w- d:\docume~1\edsoml~1\dadosd~1\Runscanner.net
2010-08-19 20:04:15 0 d-----w- D:\Lop SD
2010-08-17 22:40:15 0 d---a-r- D:\Autorun.inf

==================== Find3M ====================

2010-08-28 20:03:30 423656 ----a-w- d:\windows\system32\deployJava1.dll
2010-08-03 19:57:26 219648 ----a-w- d:\windows\system32\uxtheme.dll
2010-07-19 22:46:40 56324 ---ha-w- d:\windows\system32\mlfcache.dat
2010-06-30 12:32:26 149504 ----a-w- d:\windows\system32\schannel.dll
2010-06-24 12:24:54 916480 ----a-w- d:\windows\system32\wininet.dll
2010-06-24 09:02:34 1852032 ----a-w- d:\windows\system32\win32k.sys
2010-06-17 14:03:10 80384 ----a-w- d:\windows\system32\iccvid.dll
2009-12-01 18:16:32 38338 ------w- d:\arquivos de programas\Uninst.isu
2009-11-27 21:47:52 218 ------w- d:\arquivos de programas\arquivos comuns\operaprefs_default.ini
2009-11-20 22:11:28 15828 ------w- d:\arquivos de programas\arquivos comuns\license.rtf
2009-11-20 22:01:18 832296 ------w- d:\arquivos de programas\arquivos comuns\opera.exe
2009-11-20 22:01:16 4450088 ------w- d:\arquivos de programas\arquivos comuns\opera.dll
2009-11-20 22:00:42 20480 ------w- d:\arquivos de programas\arquivos comuns\OUniAnsi.dll
2009-11-20 22:00:24 653419 ------w- d:\arquivos de programas\arquivos comuns\encoding.bin
2009-11-13 21:19:06 2320 ------w- d:\arquivos de programas\arquivos comuns\operadef6.ini
2009-08-19 08:39:36 330 ------w- d:\arquivos de programas\setup.ini
2009-07-10 06:20:00 621546 ----a-w- d:\arquivos de programas\arquivos comuns\ACIHELP.HLP.vir
2009-07-10 06:20:00 3219 ----a-w- d:\arquivos de programas\arquivos comuns\Acihelp.cnt.vir
2009-06-17 17:41:58 3870 ----a-w- d:\arquivos de programas\arquivos comuns\lngcode.txt.vir
2008-06-09 13:17:20 301 ----a-w- d:\arquivos de programas\arquivos comuns\c3nform.vxml.vir
2004-02-26 16:35:04 7904 ------w- d:\arquivos de programas\arquivos comuns\html40_entities.dtd
2009-01-21 15:39:44 32768 --sha-w- d:\windows\system32\config\systemprofile\configurações locais\histórico\history.ie5\mshist012009012120090122\index.dat
2009-11-24 09:18:56 32 --sha-w- d:\windows\system32\drivers\fidbox.dat

============= FINISH: 13:58:10,45 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 19/9/2007 10:51:37
System Uptime: 13/9/2010 11:10:33 (2 hours ago)

Motherboard: ECS | | M825G

==== Installed Programs ======================

Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.2 - Português
Apple Application Support
Apple Software Update
Assistente de Conexão do Windows Live
Atualização de Segurança para o Windows Media Player (KB978695)
Atualização de Segurança para Windows Internet Explorer 7 (KB938127-v2)
Atualização de Segurança para Windows Internet Explorer 7 (KB938127)
Atualização de Segurança para Windows Internet Explorer 7 (KB958215)
Atualização de Segurança para Windows Internet Explorer 7 (KB960714)
Atualização de Segurança para Windows Internet Explorer 7 (KB961260)
Atualização de Segurança para Windows Internet Explorer 8 (KB2183461)
Atualização de Segurança para Windows Internet Explorer 8 (KB969897)
Atualização de Segurança para Windows Internet Explorer 8 (KB971961)
Atualização de Segurança para Windows Internet Explorer 8 (KB972260)
Atualização de Segurança para Windows Internet Explorer 8 (KB974455)
Atualização de Segurança para Windows Internet Explorer 8 (KB976325)
Atualização de Segurança para Windows Internet Explorer 8 (KB978207)
Atualização de Segurança para Windows Internet Explorer 8 (KB981332)
Atualização de Segurança para Windows Internet Explorer 8 (KB982381)
Atualização de Segurança para Windows XP (KB2079403)
Atualização de Segurança para Windows XP (KB2115168)
Atualização de Segurança para Windows XP (KB2160329)
Atualização de Segurança para Windows XP (KB2229593)
Atualização de Segurança para Windows XP (KB2286198)
Atualização de Segurança para Windows XP (KB956802)
Atualização de Segurança para Windows XP (KB958687)
Atualização de Segurança para Windows XP (KB975562)
Atualização de Segurança para Windows XP (KB978542)
Atualização de Segurança para Windows XP (KB979482)
Atualização de Segurança para Windows XP (KB979559)
Atualização de Segurança para Windows XP (KB980195)
Atualização de Segurança para Windows XP (KB980218)
Atualização de Segurança para Windows XP (KB980436)
Atualização de Segurança para Windows XP (KB981852)
Atualização de Segurança para Windows XP (KB981997)
Atualização de Segurança para Windows XP (KB982214)
Atualização de Segurança para Windows XP (KB982665)
Atualização para Windows Internet Explorer 8 (KB973874)
Atualização para Windows Internet Explorer 8 (KB976662)
Atualização para Windows Internet Explorer 8 (KB976749)
Atualização para Windows Internet Explorer 8 (KB980182)
Avira AntiVir Personal - Free Antivirus
BrOffice.org 3.1
C-Media WDM Audio Driver
CCleaner
CursorXP
EVEREST Home Edition v2.20
Ferramenta de Carregamento do Windows Live
Gadwin PrintScreen
Google Chrome
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix para Windows XP (KB981793)
Java Auto Updater
Java(TM) 6 Update 21
K-Meleon 1.5.4 en-US (remove only)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Speech Recognition Engine 4.0 (English)
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox (3.6.9)
MSVCRT
MSXML 4.0 SP2 (KB973688)
Opera 10.61
Panda Cloud Antivirus
Revo Uninstaller 1.89
Safari
Segoe UI
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VC 9.0 Runtime
VIA Rhine-Family Fast-Ethernet Adapter
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Media Format 11 runtime
XML Paper Specification Shared Components Pack 1.0

==== End Of File ===========================


Regards
#2 By Diogo R.
13/09/2010 - 14:02
Hello

- Temporarily disable your antivirus
- Use the Internet Explorer browser to run the scan!
- Go to the site HERE
- Run the scan with Nod32 as shown in the flash animation below:

[Image]

- When the scan finishes, check the "Delete Quarantined files" box and click [FINISH]
- A report will be generated, which will be located at:

C:\Arquivos de programas\EsetOnlineScanner\log.txt

Copy and paste the log here...



See you later
#3 By TmfeijoMMonr...
13/09/2010 - 15:27
Good afternoon!

Here is the log:


ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# IEXPLORE.EXE=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=fb0b73e41b1f8a469255680fee022a59
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-09-13 15:13:01
# local_time=2010-09-13 14:14:01 (-0300, Hora oficial do Brasil)
# country="Brazil"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1797 88 800 800 258741325984
# compatibility_mode=7425 88 24 0 0
# compatibility_mode=8195 88 431 4 259741203519888556
# compatibility_mode=8196 88 431 4 259741203519888556
# compatibility_mode=8197 88 431 4 259741203519888556
# compatibility_mode=8198 88 431 4 259741203519888556
# compatibility_mode=8199 88 431 4 259741203519888556
# compatibility_mode=8200 88 431 4 259741203519888556
# compatibility_mode=8201 88 431 4 259741203519888556
# compatibility_mode=8202 88 431 4 259741203519888556
# scanned=66184
# found=0
# cleaned=0
# scan_time=15230




I had already run this one earlier:


ComboFix 10-09-12.04 - edsom luis 13/09/2010 11:50:00.54.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.511.327 [GMT -3:00]
Executando de: d:\documents and settings\edsom luis\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}

.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.

d:\windows\rrxx.dll

d:\windows\explorer.exe . . . está infectado!!

d:\windows\system32\comctl32.dll . . . está infectado!!

d:\windows\system32\ctfmon.exe . . . está infectado!!

d:\windows\system32\setupapi.dll . . . está infectado!!

d:\windows\system32\syssetup.dll . . . está infectado!!

d:\windows\system32\user32.dll . . . está infectado!!

d:\windows\system32\winlogon.exe . . . está infectado!!

.
(((((((((((((((( Arquivos/Ficheiros criados de 2010-08-13 to 2010-09-13 ))))))))))))))))))))))))))))
.

2010-09-13 16:33 . 2010-09-13 16:33 -------- d-----w- d:\documents and settings\All Users\Dados de aplicativos\Panda Security
2010-09-13 16:33 . 2010-09-13 16:33 -------- d-----w- d:\arquivos de programas\Panda Security
2010-09-10 00:15 . 2010-09-10 00:15 -------- d-----w- d:\documents and settings\All Users\Dados de aplicativos\BigFishGamesCache
2010-09-02 15:43 . 2010-09-02 15:43 -------- d-----w- d:\windows\system32\wbem\Repository
2010-09-02 15:31 . 2010-09-02 15:31 -------- d-----w- d:\windows\Cache
2010-09-01 01:27 . 2010-09-01 01:27 -------- d-----w- d:\windows\system32\LogFiles
2010-08-31 18:22 . 2010-08-31 18:22 -------- d-----w- d:\windows\system32\wbem\Logs
2010-08-30 15:21 . 2010-08-30 15:21 -------- d-----w- D:\Recycled(2)
2010-08-25 15:38 . 2010-08-25 15:38 -------- d-----w- d:\arquivos de programas\Windows Live SkyDrive
2010-08-25 15:38 . 2010-08-25 15:38 -------- d-----w- d:\arquivos de programas\Windows Live
2010-08-19 21:16 . 2010-04-04 16:04 537842 ----a-w- D:\HaxFix.exe
2010-08-19 21:16 . 2010-08-19 21:16 -------- d-----w- d:\windows\HaxFix
2010-08-19 20:23 . 2010-08-19 20:23 -------- d-----w- d:\documents and settings\edsom luis\Dados de aplicativos\Runscanner.net
2010-08-19 20:04 . 2010-08-19 20:04 -------- d-----w- D:\Lop SD

.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-13 15:31 . 2010-08-19 20:23 157184 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Runscanner.net\VirusTotalUpload.exe
2010-09-13 14:16 . 2009-08-27 01:37 664 ----a-w- d:\windows\system32\d3d9caps.dat
2010-09-10 01:15 . 2009-09-22 20:52 1 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\BrOffice.org\3\user\uno_packages\cache\stamp.sys
2010-08-28 20:03 . 2010-04-18 00:33 423656 ----a-w- d:\windows\system32\deployJava1.dll
2010-08-25 19:25 . 2010-08-31 14:05 614544 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Mozilla\Firefox\Profiles\izozpjim.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
2010-08-25 19:25 . 2010-08-31 14:05 314816 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Mozilla\Firefox\Profiles\izozpjim.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
2010-08-23 20:53 . 2010-08-23 20:53 143392 ----a-w- d:\documents and settings\All Users\Dados de aplicativos\BigFishGamesCache\Upgrade\stub\mahjongescapeancie_s1_l1_gF986T1L1_d1020783961.exe
2010-08-12 18:18 . 2010-08-12 18:18 -------- d-----w- d:\arquivos de programas\Arquivos comuns\Windows Live
2010-08-09 14:07 . 2010-08-09 14:07 503808 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-7bdeb69a-n\msvcp71.dll
2010-08-09 14:07 . 2010-08-09 14:07 499712 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-7bdeb69a-n\jmc.dll
2010-08-09 14:07 . 2010-08-09 14:07 348160 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-7bdeb69a-n\msvcr71.dll
2010-08-09 14:07 . 2010-08-09 14:07 61440 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-63c474f1-n\decora-sse.dll
2010-08-09 14:07 . 2010-08-09 14:07 12800 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-63c474f1-n\decora-d3d.dll
2010-08-03 19:57 . 2004-08-04 10:45 219648 ----a-w- d:\windows\system32\uxtheme.dll
2010-07-19 22:46 . 2010-07-19 22:46 56324 ---ha-w- d:\windows\system32\mlfcache.dat
2010-07-19 18:19 . 2010-07-19 18:19 -------- d-----w- d:\arquivos de programas\Safari
2010-07-19 18:19 . 2010-07-19 18:19 -------- d-----w- d:\arquivos de programas\Apple Software Update
2010-07-19 17:57 . 2010-07-19 17:57 -------- d-----w- d:\documents and settings\edsom luis\Dados de aplicativos\K-Meleon
2010-07-19 17:55 . 2010-07-19 17:55 -------- d-----w- d:\arquivos de programas\K-Meleon
2010-07-18 22:12 . 2010-07-18 22:12 -------- d-----w- d:\documents and settings\All Users\Dados de aplicativos\PC Tools
2010-07-18 22:12 . 2010-07-18 22:12 -------- d-----w- d:\documents and settings\edsom luis\Dados de aplicativos\PC Tools
2010-07-18 00:06 . 2010-07-18 00:06 -------- d-----w- d:\documents and settings\edsom luis\Dados de aplicativos\IObit
2010-07-16 15:10 . 2010-07-16 15:10 -------- d-----w- d:\arquivos de programas\Opera
2010-07-16 14:40 . 2010-07-16 14:40 -------- d-----w- d:\documents and settings\edsom luis\Dados de aplicativos\Avira
2010-07-16 14:40 . 2010-07-16 14:40 -------- d-----w- d:\documents and settings\All Users\Dados de aplicativos\Avira
2010-07-16 14:05 . 2010-07-16 14:05 -------- d-----w- d:\documents and settings\All Users\Dados de aplicativos\Avira(2)
2010-07-15 20:48 . 2010-07-15 20:48 -------- d-----w- d:\arquivos de programas\CursorXP
2010-06-30 12:32 . 2004-08-04 10:45 149504 ----a-w- d:\windows\system32\schannel.dll
2010-06-24 12:24 . 2004-08-04 10:45 916480 ----a-w- d:\windows\system32\wininet.dll
2010-06-24 09:02 . 2004-08-04 10:38 1852032 ----a-w- d:\windows\system32\win32k.sys
2010-06-21 15:27 . 2004-08-04 09:14 354304 ----a-w- d:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2004-08-04 10:45 80384 ----a-w- d:\windows\system32\iccvid.dll
2009-12-01 18:16 . 2009-12-01 18:16 38338 ------w- d:\arquivos de programas\Uninst.isu
2009-11-27 21:47 . 2009-11-13 21:19 218 ------w- d:\arquivos de programas\Arquivos comuns\operaprefs_default.ini
2009-11-20 22:11 . 2009-11-20 22:11 15828 ------w- d:\arquivos de programas\Arquivos comuns\license.rtf
2009-11-20 22:01 . 2009-11-20 22:01 832296 ------w- d:\arquivos de programas\Arquivos comuns\opera.exe
2009-11-20 22:01 . 2009-11-20 22:01 4450088 ------w- d:\arquivos de programas\Arquivos comuns\opera.dll
2009-11-20 22:00 . 2009-11-20 22:00 20480 ------w- d:\arquivos de programas\Arquivos comuns\OUniAnsi.dll
2009-11-20 22:00 . 2009-11-20 22:00 653419 ------w- d:\arquivos de programas\Arquivos comuns\encoding.bin
2009-11-13 21:19 . 2009-03-27 23:27 2320 ------w- d:\arquivos de programas\Arquivos comuns\operadef6.ini
2009-08-19 08:39 . 2009-08-19 08:39 330 ------w- d:\arquivos de programas\setup.ini
2009-07-10 06:20 . 2009-12-01 18:16 621546 ----a-w- d:\arquivos de programas\Arquivos comuns\ACIHELP.HLP.vir
2009-07-10 06:20 . 2009-12-01 18:16 3219 ----a-w- d:\arquivos de programas\Arquivos comuns\Acihelp.cnt.vir
2009-06-17 17:41 . 2009-06-17 17:41 3870 ----a-w- d:\arquivos de programas\Arquivos comuns\lngcode.txt.vir
2008-06-09 13:17 . 2008-06-09 13:17 301 ----a-w- d:\arquivos de programas\Arquivos comuns\c3nform.vxml.vir
2004-02-26 16:35 . 2004-02-26 16:35 7904 ------w- d:\arquivos de programas\Arquivos comuns\html40_entities.dtd
2009-11-24 09:18 . 2009-04-29 23:59 32 --sha-w- d:\windows\system32\drivers\fidbox.dat
.

------- Sigcheck -------

[-] 2008-04-13 . 88578EEECDAC059F9B12B8D3DA41FFAB . 1312256 . . [5.1.2600.5512] . . d:\windows\system32\ole32.dll
[-] 2008-04-13 . 88578EEECDAC059F9B12B8D3DA41FFAB . 1312256 . . [5.1.2600.5512] . . d:\windows\ServicePackFiles\i386\ole32.dll
[-] 2005-07-26 . B300CB983AB3D3CDE4332E47852706FB . 1285632 . . [5.1.2600.2726] . . d:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll
[-] 2005-04-28 . 86A64F2146E3DE3E2D0251F7DEC38C3A . 1286144 . . [5.1.2600.2665] . . d:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll

[-] 2009-03-08 . F68C1BAC147227B86FFB36828FF8BEDF . 510816 . . [8.00.6001.18702] . . d:\windows\ServicePackFiles\i386\iexplore.exe
[7] 2008-12-19 . 15E8A89499741D5CF59A9CF6463A4339 . 634024 . . [7.00.6000.20978] . . d:\windows\$hf_mig$\KB961260-IE7\SP2QFE\iexplore.exe
[7] 2008-12-19 . 030D78FE84A086ED376EFCBD2D72C522 . 634024 . . [7.00.6000.16791] . . d:\windows\ie8\iexplore.exe
[7] 2008-10-15 . 9D3DB9ADFABD2F0BC778EC03250A3ABB . 633632 . . [7.00.6000.16762] . . d:\windows\ie7updates\KB961260-IE7\iexplore.exe
[7] 2008-10-15 . 056C927CF7207857E8B34F7A8FFD9B9E . 633632 . . [7.00.6000.20935] . . d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iexplore.exe
[7] 2007-08-13 . DE49B348A18369B4626FBA1D49B07FB4 . 622080 . . [7.00.5730.13] . . d:\windows\ie7updates\KB958215-IE7\iexplore.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-09-01_16.29.41 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-09-13 14:11 . 2010-09-13 14:11 16384 d:\windows\temp\Perflib_Perfdata_6f4.dat
+ 2010-09-13 17:57 . 2010-09-13 17:57 16384 d:\windows\temp\Perflib_Perfdata_148.dat
- 2007-09-19 13:45 . 2007-09-20 15:40 86327 d:\windows\pchealth\helpctr\OfflineCache\index.dat
+ 2007-09-13 19:01 . 2007-09-14 19:51 86327 d:\windows\pchealth\helpctr\OfflineCache\index.dat
+ 2010-09-13 15:07 . 2010-09-13 15:07 37888 d:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\1c1629f536fa9874ef08d09fb19ab0f0\System.Windows.Presentation.ni.dll
- 2010-08-27 14:21 . 2010-08-27 14:21 37888 d:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\1c1629f536fa9874ef08d09fb19ab0f0\System.Windows.Presentation.ni.dll
+ 2010-09-13 15:07 . 2010-09-13 15:07 82944 d:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f9a75bbdc2ce7db578b5977766a09b99\System.AddIn.Contract.ni.dll
- 2010-08-27 03:20 . 2010-08-27 03:20 82944 d:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f9a75bbdc2ce7db578b5977766a09b99\System.AddIn.Contract.ni.dll
- 2010-09-01 16:06 . 2010-09-01 16:06 32768 d:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-09-13 14:25 . 2010-09-13 14:25 32768 d:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-09-13 14:25 . 2010-09-13 14:25 36864 d:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2010-09-01 16:06 . 2010-09-01 16:06 36864 d:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2007-09-19 13:45 . 2007-09-20 15:40 2426 d:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
+ 2007-09-13 19:01 . 2007-09-14 19:51 2426 d:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
+ 2007-09-13 19:01 . 2007-09-14 19:50 8972 d:\windows\pchealth\helpctr\Config\Cntstore.bin
- 2007-09-19 13:45 . 2007-09-20 15:39 8972 d:\windows\pchealth\helpctr\Config\Cntstore.bin
+ 2010-09-13 14:25 . 2010-09-13 14:25 5632 d:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-09-01 16:05 . 2010-09-01 16:05 5632 d:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2007-09-19 13:51 . 2007-09-19 13:46 229376 d:\windows\repair\ntuser.dat
+ 2007-09-13 19:08 . 2007-09-13 19:02 229376 d:\windows\repair\ntuser.dat
- 2010-08-29 14:20 . 2010-08-29 14:20 141312 d:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c97ecf9250c2f0794262534f27f98b72\System.Web.Abstractions.ni.dll
+ 2010-09-13 15:07 . 2010-09-13 15:07 141312 d:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c97ecf9250c2f0794262534f27f98b72\System.Web.Abstractions.ni.dll
- 2010-08-29 14:20 . 2010-08-29 14:20 633856 d:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\849916c5cb3ff7763d15a3976766c2f6\System.AddIn.ni.dll
+ 2010-09-13 15:07 . 2010-09-13 15:07 633856 d:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\849916c5cb3ff7763d15a3976766c2f6\System.AddIn.ni.dll
+ 2010-09-13 15:07 . 2010-09-13 15:07 345088 d:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\08cd178472b176617a61c0e00a84b312\SMSvcHost.ni.exe
+ 2010-09-13 15:07 . 2010-09-13 15:07 386560 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f66db4c34c67e97471d904466012625e\Microsoft.Transactions.Bridge.Dtc.ni.dll
- 2010-08-31 00:01 . 2010-08-31 00:01 386560 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f66db4c34c67e97471d904466012625e\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-09-13 15:07 . 2010-09-13 15:07 405504 d:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\30d2c5f89fad1f947d6e9666e57919ea\ComSvcConfig.ni.exe
- 2010-08-31 00:01 . 2010-08-31 00:01 405504 d:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\30d2c5f89fad1f947d6e9666e57919ea\ComSvcConfig.ni.exe
- 2010-09-01 16:06 . 2010-09-01 16:06 131072 d:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-09-13 14:25 . 2010-09-13 14:25 131072 d:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-09-01 16:05 . 2010-09-01 16:06 372736 d:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-09-13 14:25 . 2010-09-13 14:25 372736 d:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2010-09-01 16:06 . 2010-09-01 16:06 188416 d:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-09-13 14:26 . 2010-09-13 14:26 188416 d:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2010-09-01 16:05 . 2010-09-01 16:05 970752 d:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-09-13 14:25 . 2010-09-13 14:25 970752 d:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-09-01 16:05 . 2010-09-01 16:05 745472 d:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-09-13 14:25 . 2010-09-13 14:25 745472 d:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-09-01 16:05 . 2010-09-01 16:05 425984 d:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-09-13 14:25 . 2010-09-13 14:25 425984 d:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-09-13 14:25 . 2010-09-13 14:25 655360 d:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2010-09-01 16:05 . 2010-09-01 16:06 655360 d:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-09-13 14:25 . 2010-09-13 14:25 348160 d:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-09-01 16:06 . 2010-09-01 16:06 348160 d:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-09-01 16:06 . 2010-09-01 16:06 261632 d:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-09-13 14:25 . 2010-09-13 14:25 261632 d:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-09-13 14:25 . 2010-09-13 14:25 113664 d:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2010-09-01 16:06 . 2010-09-01 16:06 113664 d:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-09-13 14:25 . 2010-09-13 14:25 258048 d:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-09-01 16:06 . 2010-09-01 16:06 258048 d:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-09-13 14:25 . 2010-09-13 14:25 486400 d:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2010-09-01 16:05 . 2010-09-01 16:05 486400 d:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-08-29 17:16 . 2010-09-02 15:43 5045704 d:\windows\system32\Restore\rstrlog.dat
+ 2009-11-09 03:25 . 2009-11-09 03:25 1935360 d:\windows\Installer\387d6df.msp
+ 2009-11-09 03:25 . 2009-11-09 03:25 1935360 d:\windows\Installer\35738.msp
+ 2009-11-09 03:25 . 2009-11-09 03:25 1935360 d:\windows\Installer\3173c64.msp
+ 2009-11-09 03:25 . 2009-11-09 03:25 1935360 d:\windows\Installer\2f2559d.msp
+ 2009-11-09 03:25 . 2009-11-09 03:25 1935360 d:\windows\Installer\2ea75.msp
+ 2009-11-09 03:25 . 2009-11-09 03:25 1935360 d:\windows\Installer\2dde2.msp
+ 2009-11-09 03:25 . 2009-11-09 03:25 1935360 d:\windows\Installer\2d537.msp
+ 2009-11-09 03:25 . 2009-11-09 03:25 1935360 d:\windows\Installer\2cff7.msp
+ 2009-11-09 03:25 . 2009-11-09 03:25 1935360 d:\windows\Installer\2910a.msp
+ 2009-11-09 03:25 . 2009-11-09 03:25 1935360 d:\windows\Installer\28012.msp
+ 2009-11-09 03:25 . 2009-11-09 03:25 1935360 d:\windows\Installer\25d5823.msp
+ 2009-11-09 03:25 . 2009-11-09 03:25 1935360 d:\windows\Installer\1f79dd7.msp
+ 2009-11-09 03:25 . 2009-11-09 03:25 1935360 d:\windows\Installer\1c3f932.msp
+ 2009-11-09 03:25 . 2009-11-09 03:25 1935360 d:\windows\Installer\1ae5e11.msp
+ 2009-11-09 03:25 . 2009-11-09 03:25 1935360 d:\windows\Installer\18f435c.msp
- 2010-08-29 13:40 . 2010-08-29 13:40 7949824 d:\windows\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll
+ 2010-09-13 15:07 . 2010-09-13 15:07 7949824 d:\windows\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll
+ 2010-09-13 15:08 . 2010-09-13 15:08 1356288 d:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\5254fba10ac1499ed48806ad736272ce\System.WorkflowServices.ni.dll
- 2010-08-31 00:01 . 2010-08-31 00:01 1356288 d:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\5254fba10ac1499ed48806ad736272ce\System.WorkflowServices.ni.dll
+ 2010-09-13 15:07 . 2010-09-13 15:07 2403328 d:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f9265c92f94e8b52bbabb1383a7885ce\System.Web.Extensions.ni.dll
- 2010-08-31 00:01 . 2010-08-31 00:01 2403328 d:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f9265c92f94e8b52bbabb1383a7885ce\System.Web.Extensions.ni.dll
- 2010-08-31 00:01 . 2010-08-31 00:01 1328128 d:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\65edb47c04cf393973d39a87f7a0725a\System.Data.Services.ni.dll
+ 2010-09-13 15:07 . 2010-09-13 15:07 1328128 d:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\65edb47c04cf393973d39a87f7a0725a\System.Data.Services.ni.dll
- 2010-08-29 13:40 . 2010-08-29 13:40 2295296 d:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\b07f7f5dd13eb6b401700dab7c3a172f\System.Core.ni.dll
+ 2010-09-13 15:07 . 2010-09-13 15:07 2295296 d:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\b07f7f5dd13eb6b401700dab7c3a172f\System.Core.ni.dll
+ 2010-09-13 15:07 . 2010-09-13 15:07 1093120 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\a87fcbf75690d729fd2f2b16651d605d\Microsoft.Transactions.Bridge.ni.dll
- 2010-08-31 00:01 . 2010-08-31 00:01 1093120 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\a87fcbf75690d729fd2f2b16651d605d\Microsoft.Transactions.Bridge.ni.dll
+ 2010-09-13 14:25 . 2010-09-13 14:25 3182592 d:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2010-09-01 16:05 . 2010-09-01 16:05 3182592 d:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2010-09-01 16:05 . 2010-09-01 16:05 2048000 d:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-09-13 14:25 . 2010-09-13 14:25 2048000 d:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-09-01 16:05 . 2010-09-01 16:05 2933248 d:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-09-13 14:25 . 2010-09-13 14:25 2933248 d:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2010-09-01 16:02 . 2010-09-01 16:02 4546560 d:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-09-13 14:20 . 2010-09-13 14:20 4546560 d:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-05-19 16:08 . 2010-05-19 16:08 11408896 d:\windows\Installer\387d6d6.msp
+ 2010-05-19 16:08 . 2010-05-19 16:08 11408896 d:\windows\Installer\3572f.msp
+ 2010-05-19 16:08 . 2010-05-19 16:08 11408896 d:\windows\Installer\3173c5b.msp
+ 2010-05-19 16:08 . 2010-05-19 16:08 11408896 d:\windows\Installer\2f25594.msp
+ 2010-05-19 16:08 . 2010-05-19 16:08 11408896 d:\windows\Installer\2ea6c.msp
+ 2010-05-19 16:08 . 2010-05-19 16:08 11408896 d:\windows\Installer\2ddd9.msp
+ 2010-05-19 16:08 . 2010-05-19 16:08 11408896 d:\windows\Installer\2d52e.msp
+ 2010-05-19 16:08 . 2010-05-19 16:08 11408896 d:\windows\Installer\2cfee.msp
+ 2010-05-19 16:08 . 2010-05-19 16:08 11408896 d:\windows\Installer\29101.msp
+ 2010-05-19 16:08 . 2010-05-19 16:08 11408896 d:\windows\Installer\28009.msp
+ 2010-05-19 16:08 . 2010-05-19 16:08 11408896 d:\windows\Installer\25d581a.msp
+ 2010-05-19 16:08 . 2010-05-19 16:08 11408896 d:\windows\Installer\1f79dce.msp
+ 2010-05-19 16:08 . 2010-05-19 16:08 11408896 d:\windows\Installer\1c3f929.msp
+ 2010-05-19 16:08 . 2010-05-19 16:08 11408896 d:\windows\Installer\1ae5e08.msp
+ 2010-05-19 16:08 . 2010-05-19 16:08 11408896 d:\windows\Installer\18f4353.msp
- 2010-08-29 14:20 . 2010-08-29 14:20 11797504 d:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\d987cf1de4ba688da92e212a374232c2\System.Web.ni.dll
+ 2010-09-13 15:07 . 2010-09-13 15:07 11797504 d:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\d987cf1de4ba688da92e212a374232c2\System.Web.ni.dll
+ 2010-09-13 15:06 . 2010-09-13 15:06 11486720 d:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
- 2010-09-01 16:29 . 2010-09-01 16:29 11486720 d:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
.
-- Snapshot resetado para data atual --
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CursorXP"="d:\arquivos de programas\CursorXP\CursorXP.exe" [2005-01-19 128000]
"msnmsgr"="d:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 3872080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="d:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-05-14 248552]
"DWQueuedReporting"="d:\arquiv~1\ARQUIV~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0

[HKLM\~\startupfolder\D:^Documents and Settings^edsom luis^Menu Iniciar^Programas^Inicializar^BrOffice.org 3.1.lnk]

[HKLM\~\startupfolder\D:^Documents and Settings^edsom luis^Menu Iniciar^Programas^Inicializar^setup_9.0.0.722_15.01.2010_15-37.lnk]

[HKLM\~\startupfolder\D:^Documents and Settings^edsom luis^Menu Iniciar^Programas^Inicializar^setup_9.0.0.722_18.02.2010_16-03.lnk]

[HKLM\~\startupfolder\^.mjsync_pt_BR]
path=\.mjsync_pt_BR

[HKLM\~\startupfolder\^catchme.exe]
path=\catchme.exe

[HKLM\~\startupfolder\^Desktop.rar]
path=\Desktop.rar

[HKLM\~\startupfolder\^dumphive.exe]
path=\dumphive.exe

[HKLM\~\startupfolder\^Favoritos.rar]
path=\Favoritos.rar

[HKLM\~\startupfolder\^haxoth2.txt]
path=\haxoth2.txt

[HKLM\~\startupfolder\^ipconfig]
path=\ipconfig

[HKLM\~\startupfolder\^Items.xml]
path=\Items.xml

[HKLM\~\startupfolder\^md5file.exe]
path=\md5file.exe

[HKLM\~\startupfolder\^moveex.exe]
path=\moveex.exe

[HKLM\~\startupfolder\^NTUSER.DAT]
path=\ntuser.dat

[HKLM\~\startupfolder\^NTUSER.DAT.bak_jv16pt]
path=\NTUSER.DAT.bak_jv16pt

[HKLM\~\startupfolder\^ntuser.dat.LOG]
path=\ntuser.dat.LOG

[HKLM\~\startupfolder\^NTUSER.DAT.tmp.LOG]
path=\NTUSER.DAT.tmp.LOG

[HKLM\~\startupfolder\^ntuser.ini]
path=\ntuser.ini

[HKLM\~\startupfolder\^ntuser.pol]
path=\ntuser.pol

[HKLM\~\startupfolder\^PrivacIE.rar]
path=\PrivacIE.rar

[HKLM\~\startupfolder\^process.exe]
path=\process.exe

[HKLM\~\startupfolder\^rebuilt.Menu Iniciar.rar]
path=\rebuilt.Menu Iniciar.rar

[HKLM\~\startupfolder\^rebuilt.UserData.rar]
path=\rebuilt.UserData.rar

[HKLM\~\startupfolder\^run2.hax]
path=\run2.hax

[HKLM\~\startupfolder\^settings.dat]
path=\settings.dat

[HKLM\~\startupfolder\^swsc.exe]
path=\swsc.exe

[HKLM\~\startupfolder\^tool_en.log]
path=\tool_en.log

[HKLM\~\startupfolder\^UserData.rar]
path=\UserData.rar

[HKLM\~\startupfolder\^vfind.exe]
path=\vfind.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- d:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 ----a-w- d:\arquivos de programas\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 03:20 15360 ----a-w- d:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CursorXP]
2005-01-19 19:34 128000 ----a-w- d:\arquivos de programas\CursorXP\CursorXP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
2008-11-04 04:44 435096 ------w- d:\arquiv~1\ARQUIV~1\MICROS~1\DW\DWTRIG20.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-17 01:12 3872080 ----a-w- d:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 14:44 248552 ----a-w- d:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"GoogleDesktopManager-060409-093314"=3 (0x3)
"ZeppelinService"=2 (0x2)
"idsvc"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Arquivos de programas\\Arquivos comuns\\opera.exe"=
"d:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Arquivos de programas\\Opera\\opera.exe"=
"d:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"d:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 VBoxDrv;VirtualBox Service;d:\windows\system32\drivers\VBoxDrv.sys [18/9/2009 13:11 142864]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;d:\windows\system32\drivers\VBoxUSBMon.sys [18/9/2009 13:10 41744]
R2 713xTVCard;SAA7131 TV Card;d:\windows\system32\drivers\SAA713x.sys [15/3/2005 12:00 277504]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;d:\arquivos de programas\Avira\AntiVir Desktop\sched.exe [3/5/2010 15:00 135336]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;d:\windows\system32\drivers\VBoxNetAdp.sys [18/9/2009 13:11 100368]
R3 VBoxNetFlt;VBoxNetFlt Service;d:\windows\system32\drivers\VBoxNetFlt.sys [18/5/2010 20:28 111248]
R3 xpvcom;XPVCOM Port;d:\windows\system32\drivers\XPVCOM.sys [23/3/2007 02:00 30032]
.
Conteúdo da pasta 'Tarefas Agendadas'

2010-09-13 d:\windows\Tasks\User_Feed_Synchronization-{85870EB0-73F3-41E1-92DD-7C153C1F486E}.job
- d:\windows\system32\msfeedssync.exe [2007-08-13 07:31]
.
.
------- Scan Suplementar -------
.
mWindow Title =
IE: E&xportar para o Microsoft Excel
FF - ProfilePath - d:\documents and settings\edsom luis\Dados de aplicativos\Mozilla\Firefox\Profiles\izozpjim.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/webhp?hl=pt-BR
FF - component: d:\documents and settings\edsom luis\Dados de aplicativos\Mozilla\Firefox\Profiles\izozpjim.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
FF - plugin: d:\arquivos de programas\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: d:\documents and settings\edsom luis\Dados de aplicativos\Mozilla\Firefox\Profiles\izozpjim.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
d:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
d:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
d:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
d:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-13 11:59
Windows 5.1.2600 Service Pack 3 FAT NTAPI

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso
arquivos/ficheiros ocultos: 0

**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

[HKEY_USERS\.Default\Software\Stardock\WindowBlinds\WB5.ini\Installed]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\Microsoft.MSN.MCC.USNJSVC.1\CLSID]
@DACL=(02 0000)
@="{98AC5C33-EE18-4EC2-BE25-3B16EE8F75F1}"

[HKEY_LOCAL_MACHINE\software\Classes\MSN.V2SDeviceHandler\CLSID]
@DACL=(02 0000)
@="{D74C0C0E-14F3-402C-9379-3E2BD0BF5D06}"

[HKEY_LOCAL_MACHINE\software\Classes\MSN.V2SDeviceHandler\CurVer]
@DACL=(02 0000)
@="MSN.V2SDeviceHandler.1"

[HKEY_LOCAL_MACHINE\software\Classes\MSN.V2SDeviceHandler.1\CLSID]
@DACL=(02 0000)
@="{D74C0C0E-14F3-402C-9379-3E2BD0BF5D06}"

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.Dialer\CLSID]
@DACL=(02 0000)
@="{6E2200B4-7C9E-44C6-96A3-F904A7AB8880}"

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.Dialer\CurVer]
@DACL=(02 0000)
@="pcsexe.Dialer.1"

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.Dialer.1\CLSID]
@DACL=(02 0000)
@="{6E2200B4-7C9E-44C6-96A3-F904A7AB8880}"

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.MessengerDialer\CLSID]
@DACL=(02 0000)
@="{81C63250-607F-4e79-9FCB-F756C16C5AB9}"

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.MessengerDialer\CurVer]
@DACL=(02 0000)
@="pcsexe.Dialer.1"

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.MessengerDialer.1\CLSID]
@DACL=(02 0000)
@="{81C63250-607F-4e79-9FCB-F756C16C5AB9}"

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.PstnOut\CLSID]
@DACL=(02 0000)
@="{630ED07B-04A5-4AB9-A73B-FD94F34D5F09}"

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.PstnOut\CurVer]
@DACL=(02 0000)
@="pcsexe.PstnOut.1"

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.PstnOut.1\CLSID]
@DACL=(02 0000)
@="{630ED07B-04A5-4AB9-A73B-FD94F34D5F09}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.Dialer\CLSID]
@DACL=(02 0000)
@="{72770783-9801-43c4-9E1F-9084BAE210CF}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.Dialer\CurVer]
@DACL=(02 0000)
@="Softphone.Dialer.1"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.Dialer.1\CLSID]
@DACL=(02 0000)
@="{72770783-9801-43c4-9E1F-9084BAE210CF}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.DialerWindow\CLSID]
@DACL=(02 0000)
@="{37E192CB-B5C5-4487-9D66-2550B6F57B7A}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.DialerWindow\CurVer]
@DACL=(02 0000)
@="Softphone.DialerWindow.1"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.DialerWindow.1\CLSID]
@DACL=(02 0000)
@="{37E192CB-B5C5-4487-9D66-2550B6F57B7A}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.Error\CLSID]
@DACL=(02 0000)
@="{C2F86E32-3AD2-42f1-94F2-D7E0414F2C10}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.Error\CurVer]
@DACL=(02 0000)
@="Softphone.Error.1"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.Error.1\CLSID]
@DACL=(02 0000)
@="{C2F86E32-3AD2-42f1-94F2-D7E0414F2C10}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.PhoneContact\CLSID]
@DACL=(02 0000)
@="{52C92B9C-B117-4AC5-AD94-A6D8604608BB}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.PhoneContact\CurVer]
@DACL=(02 0000)
@="Softphone.PhoneContact.1"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.PhoneContact.1\CLSID]
@DACL=(02 0000)
@="{52C92B9C-B117-4AC5-AD94-A6D8604608BB}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.PhoneNumber\CLSID]
@DACL=(02 0000)
@="{B0C5F2DF-5D4B-4DBC-888E-D96E971B57F4}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.PhoneNumber\CurVer]
@DACL=(02 0000)
@="Softphone.PhoneNumber.1"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.PhoneNumber.1\CLSID]
@DACL=(02 0000)
@="{B0C5F2DF-5D4B-4DBC-888E-D96E971B57F4}"

[HKEY_LOCAL_MACHINE\software\Classes\WindowsLive.SetupJob\CLSID]
@DACL=(02 0000)
@="{9B38B1AC-C774-46AB-AD99-0C19871F0714}"

[HKEY_LOCAL_MACHINE\software\Classes\WindowsLive.SetupJob\CurVer]
@DACL=(02 0000)
@="WindowsLive.SetupJob.1"

[HKEY_LOCAL_MACHINE\software\Classes\WindowsLive.SetupJob.1\CLSID]
@DACL=(02 0000)
@="{9B38B1AC-C774-46AB-AD99-0C19871F0714}"

[HKEY_LOCAL_MACHINE\software\Classes\WindowsLive.SetupService\CLSID]
@DACL=(02 0000)
@="{585D47D2-CF74-4869-BF4E-DF5662504F11}"

[HKEY_LOCAL_MACHINE\software\Classes\WindowsLive.SetupService\CurVer]
@DACL=(02 0000)
@="WindowsLive.SetupService.1"

[HKEY_LOCAL_MACHINE\software\Classes\WindowsLive.SetupService.1\CLSID]
@DACL=(02 0000)
@="{585D47D2-CF74-4869-BF4E-DF5662504F11}"

[HKEY_LOCAL_MACHINE\software\Classes\XceedSoftware.XceedCompression.1\CLSID]
@DACL=(02 0000)
@="{4C836512-BB70-11D2-A5A7-00105A9C91C6}"

[HKEY_LOCAL_MACHINE\software\Classes\XceedSoftware.XceedCompression.1\Insertable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\XceedSoftware.XceedZip.4\CLSID]
@DACL=(02 0000)
@="{DB797690-40E0-11D2-9BD5-0060082AE372}"

[HKEY_LOCAL_MACHINE\software\Classes\XceedSoftware.XceedZip.4\Insertable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•6~*]
"6140110900063D11C8EF10054038389C"="D?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'winlogon.exe'(1044)
d:\windows\system32\sfc_os.dll
d:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(1100)
d:\windows\system32\psbase.dll

- - - - - - - > 'explorer.exe'(3100)
d:\windows\system32\WININET.dll
d:\windows\system32\COMRes.dll
d:\windows\System32\cscui.dll
d:\arquivos de programas\CursorXP\CurXP0.dll
d:\windows\system32\msi.dll
d:\windows\system32\ntshrui.dll
d:\windows\system32\webcheck.dll
d:\windows\system32\WPDShServiceObj.dll
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
d:\windows\system32\NETSHELL.dll
d:\windows\system32\credui.dll
.
------------------------ Outros Processos em Execução ------------------------
.
d:\arquivos de programas\Avira\AntiVir Desktop\avguard.exe
d:\arquivos de programas\Java\jre6\bin\jqs.exe
d:\arquivos de programas\Avira\AntiVir Desktop\avshadow.exe
d:\arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
d:\arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
d:\windows\system32\wscntfy.exe
d:\windows\system32\wbem\wmiapsrv.exe
d:\arquiv~1\ARQUIV~1\MICROS~1\DW\DW20.EXE
.
**************************************************************************
.
Tempo para conclusão: 2010-09-13 12:03:02 - Máquina reiniciou
ComboFix-quarantined-files.txt 2010-09-13 18:03
ComboFix2.txt 2010-09-01 16:32
ComboFix3.txt 2010-08-30 12:30

Pré-execução: 16 pasta(s) 34.203.959.296 bytes disponíveis
Pós execução: 17 pasta(s) 34.862.923.776 bytes disponíveis

- - End Of File - - 7F8D9079B6D1ACD0E49A45EFAED47B6B



This topic was answered in duplicate (the post above is similar to this one) because of an error in the forum itself: it showed a message saying I had to wait 10 minutes to reply and it was offline, even though I had already replied/posted.




Thanks and regards
Ignorance is man's worst enemy. I fear nothing, only envy. And the world keeps getting better!!
Wise words from a top professional of the judiciary; an expert in digital forensics and in legal psychology.
Your envy is the speed of my success.
A fearful heart freezes the work. A reckless heart sets any job on fire, destroying it.
Diogo R.
Diogo R. Ubbergeek Registered
6.6K Posts 191 Likes
#4 By Diogo R.
13/09/2010 - 20:32
Hello.

It's quite damaged. u.u

Download the Kaspersky Removal Tool

- A window will appear... on the "Automatic Scan" tab, select everything.

- Then click "Start scan"... and wait. It may take a while, be patient!
- When malware is found, confirm the removal or disinfection by clicking "Skip"
- When it finishes, click [Report]
- A window called "Detailed report" will open
- Click the [+] sign next to Autoscan to expand the events found
- Right-click Autoscan and choose "Select all"
- Right-click again and choose "Copy"
- Open Notepad, paste (Ctrl+V) and save the file on the desktop as log.txt
- Close the Kaspersky "Detailed report" window
- On the Kaspersky main screen click [Exit] > [No]
- Paste the report (log.txt) saved on the desktop in your next reply

Note: If the log is too large, upload the document to a file host...


See you
TmfeijoMMonroe
TmfeijoMMonr... Cyber Highlander Registered
13.7K Posts 4.2K Likes
#5 By TmfeijoMMonr...
13/09/2010 - 21:26
Good evening!

Here it is:

Autoscan: completed 5 minutes ago (events: 2, objects: 35448, time: 00:40:01)
13/9/2010 20:35:10 Task started
13/9/2010 21:15:11 Task completed


Regards
Diogo R.
Diogo R. Ubbergeek Registered
6.6K Posts 191 Likes
#7 By Diogo R.
14/09/2010 - 13:06
Hello Tmfeijo

1.

- Open the Virus Removal Tool folder, located on the desktop, and run the Start shortcut
- Click [Exit] > [Yes] > [Sim] > [Sim]
- The PC will restart
- Delete the Kaspersky setup files and log.txt saved on the desktop

2.

- Download Dr.WebCureit and save it to the desktop
- Double-click launch.exe
- Click [Opções] and change the language to "Português"
- Select the [Verificação completa] option and click the arrow to start the scan
- When it finishes, click [Ficheiro], select the [Guardar lista de relatórios] option and save it to the desktop
- Paste the report that was created


See you later
TmfeijoMMonroe
TmfeijoMMonr... Cyber Highlander Registered
13.7K Posts 4.2K Likes
#8 By TmfeijoMMonr...
14/09/2010 - 17:04
Good afternoon, Diogo R.!

My dear friend Diogo R., this software, Dr.WebCureit, once the download finishes, asks to be run in safe mode, but it does not run there, nor in normal mode, nor in safe mode with networking.

Regards
Diogo R.
Diogo R. Ubbergeek Registered
6.6K Posts 191 Likes
#9 By Diogo R.
14/09/2010 - 20:55
Hello.

1

- Select and copy the path below:

d:\windows\explorer.exe

- Go to the following site: http://www.virustotal.com.br
- Click the "Enviar Arquivo" button next to a bar.
- A small window will open, as in the image below:

[Image]

- Then paste the path into the window, click "Abrir", and then click the [ENVIAR ARQUIVO] button.
- After sending, a [Mostrar Último Relatório] button will appear. Click it and it will take you to the results page; copy and paste the link shown in your browser's address bar:

[Image]

Note: If the [Mostrar Último Relatório] button does not appear and you are taken straight to the results page, you can copy and paste the link as explained above.


See you later
TmfeijoMMonroe
TmfeijoMMonr... Cyber Highlander Registered
13.7K Posts 4.2K Likes
#10 By TmfeijoMMonr...
14/09/2010 - 21:49
Good evening!

Here is the result:


explorer.exe
Submission date: 2010-09-15 00:34:43 (UTC)
Current status: finished
Result: 0/43 (0.0%)
VT Community: not reviewed
Safety score: -

Antivirus             Version           Last Update  Result
AhnLab-V3             2010.09.15.00     2010.09.14   -
AntiVir               8.2.4.52          2010.09.14   -
Antiy-AVL             2.0.3.7           2010.09.14   -
Authentium            5.2.0.5           2010.09.14   -
Avast                 4.8.1351.0        2010.09.14   -
Avast5                5.0.594.0         2010.09.14   -
AVG                   9.0.0.851         2010.09.14   -
BitDefender           7.2               2010.09.15   -
CAT-QuickHeal         11.00             2010.09.14   -
ClamAV                0.96.2.0-git      2010.09.15   -
Comodo                6078              2010.09.15   -
DrWeb                 5.0.2.03300       2010.09.15   -
Emsisoft              5.0.0.37          2010.09.15   -
eSafe                 7.0.17.0          2010.09.14   -
eTrust-Vet            36.1.7855         2010.09.14   -
F-Prot                4.6.1.107         2010.09.14   -
F-Secure              9.0.15370.0       2010.09.14   -
Fortinet              4.1.143.0         2010.09.13   -
GData                 21                2010.09.15   -
Ikarus                T3.1.1.88.0       2010.09.15   -
Jiangmin              13.0.900          2010.09.14   -
K7AntiVirus           9.63.2512         2010.09.14   -
Kaspersky             7.0.0.125         2010.09.15   -
McAfee                5.400.0.1158      2010.09.15   -
McAfee-GW-Edition     2010.1B           2010.09.14   -
Microsoft             1.6103            2010.09.14   -
NOD32                 5451              2010.09.14   -
Norman                6.06.06           2010.09.14   -
nProtect              2010-09-14.01     2010.09.14   -
Panda                 10.0.2.7          2010.09.14   -
PCTools               7.0.3.5           2010.09.15   -
Prevx                 3.0               2010.09.15   -
Rising                22.65.01.04       2010.09.14   -
Sophos                4.57.0            2010.09.14   -
Sunbelt               6876              2010.09.14   -
SUPERAntiSpyware      4.40.0.1006       2010.09.15   -
Symantec              20101.1.1.7       2010.09.14   -
TheHacker             6.7.0.0.017       2010.09.14   -
TrendMicro            9.120.0.1004      2010.09.14   -
TrendMicro-HouseCall  9.120.0.1004      2010.09.15   -
VBA32                 3.12.14.0         2010.09.14   -
ViRobot               2010.8.25.4006    2010.09.14   -
VirusBuster           12.65.6.0         2010.09.14   -

Additional information
MD5 : 064ec7ff5f58b928c3e119402977fa6d



Regards
TmfeijoMMonroe
TmfeijoMMonr... Cyber Highlander Registered
13.7K Posts 4.2K Likes
#12 By TmfeijoMMonr...
15/09/2010 - 18:33
Good afternoon!

I do not have the Windows XP CD. I removed the Seven Remix XP program, reinstalled Service Pack 3, and Avira is updating; however:

ComboFix 10-09-14.05 - edsom luis 15/09/2010 14:25:53.55.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.511.291 [GMT -3:00]
Executando de: d:\documents and settings\edsom luis\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.

A cópia de d:\windows\system32\midimap.dll foi encontrada e desinfectada
Cópia restaurada de - d:\windows\NiwradSoft Shell Pack\Backup\midimap.dll

.
(((((((((((((((( Arquivos/Ficheiros criados de 2010-08-15 to 2010-09-15 ))))))))))))))))))))))))))))
.

2010-09-15 17:05 . 2010-09-15 17:05 -------- d-----w- d:\windows\LastGood.Tmp
2010-09-15 17:03 . 2008-04-13 22:20 33792 ------w- d:\windows\system32\dllcache\custsat.dll
2010-09-15 16:59 . 2010-09-15 16:59 -------- d-----w- d:\windows\EHome
2010-09-13 16:33 . 2010-09-13 16:33 -------- d-----w- d:\documents and settings\All Users\Dados de aplicativos\Panda Security
2010-09-10 00:15 . 2010-09-10 00:15 -------- d-----w- d:\documents and settings\All Users\Dados de aplicativos\BigFishGamesCache
2010-09-02 15:43 . 2010-09-02 15:43 -------- d-----w- d:\windows\system32\wbem\Repository
2010-09-02 15:31 . 2010-09-02 15:31 -------- d-----w- d:\windows\Cache
2010-09-01 01:27 . 2010-09-01 01:27 -------- d-----w- d:\windows\system32\LogFiles
2010-08-31 18:22 . 2010-08-31 18:22 -------- d-----w- d:\windows\system32\wbem\Logs
2010-08-31 14:05 . 2010-08-25 19:25 614544 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Mozilla\Firefox\Profiles\izozpjim.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
2010-08-31 14:05 . 2010-08-25 19:25 314816 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Mozilla\Firefox\Profiles\izozpjim.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
2010-08-30 15:21 . 2010-08-30 15:21 -------- d-----w- D:\Recycled(2)
2010-08-25 15:38 . 2010-08-25 15:38 -------- d-----w- d:\arquivos de programas\Windows Live SkyDrive
2010-08-25 15:38 . 2010-08-25 15:38 -------- d-----w- d:\arquivos de programas\Windows Live
2010-08-23 20:53 . 2010-08-23 20:53 143392 ----a-w- d:\documents and settings\All Users\Dados de aplicativos\BigFishGamesCache\Upgrade\stub\mahjongescapeancie_s1_l1_gF986T1L1_d1020783961.exe
2010-08-19 21:16 . 2010-04-04 16:04 537842 ----a-w- D:\HaxFix.exe
2010-08-19 21:16 . 2010-08-19 21:16 -------- d-----w- d:\windows\HaxFix
2010-08-19 20:23 . 2010-09-13 15:31 157184 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Runscanner.net\VirusTotalUpload.exe
2010-08-19 20:23 . 2010-08-19 20:23 -------- d-----w- d:\documents and settings\edsom luis\Dados de aplicativos\Runscanner.net
2010-08-19 20:04 . 2010-08-19 20:04 -------- d-----w- D:\Lop SD

.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-13 14:16 . 2009-08-27 01:37 664 ----a-w- d:\windows\system32\d3d9caps.dat
2010-09-10 01:15 . 2009-09-22 20:52 1 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\BrOffice.org\3\user\uno_packages\cache\stamp.sys
2010-08-28 20:03 . 2010-04-18 00:33 423656 ----a-w- d:\windows\system32\deployJava1.dll
2010-08-12 18:18 . 2010-08-12 18:18 -------- d-----w- d:\arquivos de programas\Arquivos comuns\Windows Live
2010-08-09 14:07 . 2010-08-09 14:07 503808 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-7bdeb69a-n\msvcp71.dll
2010-08-09 14:07 . 2010-08-09 14:07 499712 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-7bdeb69a-n\jmc.dll
2010-08-09 14:07 . 2010-08-09 14:07 348160 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-7bdeb69a-n\msvcr71.dll
2010-08-09 14:07 . 2010-08-09 14:07 61440 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-63c474f1-n\decora-sse.dll
2010-08-09 14:07 . 2010-08-09 14:07 12800 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-63c474f1-n\decora-d3d.dll
2010-07-19 22:46 . 2010-07-19 22:46 56324 ---ha-w- d:\windows\system32\mlfcache.dat
2010-07-19 18:19 . 2010-07-19 18:19 -------- d-----w- d:\arquivos de programas\Safari
2010-07-19 18:19 . 2010-07-19 18:19 -------- d-----w- d:\arquivos de programas\Apple Software Update
2010-07-19 17:57 . 2010-07-19 17:57 -------- d-----w- d:\documents and settings\edsom luis\Dados de aplicativos\K-Meleon
2010-07-19 17:55 . 2010-07-19 17:55 -------- d-----w- d:\arquivos de programas\K-Meleon
2010-07-18 22:12 . 2010-07-18 22:12 -------- d-----w- d:\documents and settings\All Users\Dados de aplicativos\PC Tools
2010-07-18 22:12 . 2010-07-18 22:12 -------- d-----w- d:\documents and settings\edsom luis\Dados de aplicativos\PC Tools
2010-07-18 00:06 . 2010-07-18 00:06 -------- d-----w- d:\documents and settings\edsom luis\Dados de aplicativos\IObit
2010-06-30 12:32 . 2004-08-04 10:45 149504 ----a-w- d:\windows\system32\schannel.dll
2010-06-24 12:24 . 2004-08-04 10:45 983040 ----a-w- d:\windows\system32\wininet.dll
2010-06-24 09:02 . 2004-08-04 10:38 1852032 ----a-w- d:\windows\system32\win32k.sys
2010-06-21 15:27 . 2004-08-04 09:14 354304 ----a-w- d:\windows\system32\drivers\srv.sys
2009-12-01 18:16 . 2009-12-01 18:16 38338 ------w- d:\arquivos de programas\Uninst.isu
2009-11-27 21:47 . 2009-11-13 21:19 218 ------w- d:\arquivos de programas\Arquivos comuns\operaprefs_default.ini
2009-11-20 22:11 . 2009-11-20 22:11 15828 ------w- d:\arquivos de programas\Arquivos comuns\license.rtf
2009-11-20 22:01 . 2009-11-20 22:01 832296 ------w- d:\arquivos de programas\Arquivos comuns\opera.exe
2009-11-20 22:01 . 2009-11-20 22:01 4450088 ------w- d:\arquivos de programas\Arquivos comuns\opera.dll
2009-11-20 22:00 . 2009-11-20 22:00 20480 ------w- d:\arquivos de programas\Arquivos comuns\OUniAnsi.dll
2009-11-20 22:00 . 2009-11-20 22:00 653419 ------w- d:\arquivos de programas\Arquivos comuns\encoding.bin
2009-11-13 21:19 . 2009-03-27 23:27 2320 ------w- d:\arquivos de programas\Arquivos comuns\operadef6.ini
2009-08-19 08:39 . 2009-08-19 08:39 330 ------w- d:\arquivos de programas\setup.ini
2009-07-10 06:20 . 2009-12-01 18:16 621546 ----a-w- d:\arquivos de programas\Arquivos comuns\ACIHELP.HLP.vir
2009-07-10 06:20 . 2009-12-01 18:16 3219 ----a-w- d:\arquivos de programas\Arquivos comuns\Acihelp.cnt.vir
2009-06-17 17:41 . 2009-06-17 17:41 3870 ----a-w- d:\arquivos de programas\Arquivos comuns\lngcode.txt.vir
2008-06-09 13:17 . 2008-06-09 13:17 301 ----a-w- d:\arquivos de programas\Arquivos comuns\c3nform.vxml.vir
2004-02-26 16:35 . 2004-02-26 16:35 7904 ------w- d:\arquivos de programas\Arquivos comuns\html40_entities.dtd
2009-11-24 09:18 . 2009-04-29 23:59 32 --sha-w- d:\windows\system32\drivers\fidbox.dat
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((( SnapShot_2010-09-13_17.57.56 )))))))))))))))))))))))))))))))))))))))))


(continues)
TmfeijoMMonroe
TmfeijoMMonr... Cyber Highlander Registered
13.7K Posts 4.2K Likes
#13 By TmfeijoMMonr...
15/09/2010 - 18:37
(continuation)

((((((((((((((((((((((((((((( SnapShot_2010-09-13_17.57.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-09-15 14:43 . 2010-09-15 14:44 36864 d:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-09-15 17:03 . 2008-04-13 22:18 4126 d:\windows\system32\dllcache\msdxmlc.dll
+ 2010-09-15 17:03 . 2008-04-13 22:21 4639 d:\windows\system32\dllcache\mplayer2.exe
+ 2010-09-15 17:03 . 2008-04-13 22:20 6656 d:\windows\system32\dllcache\laprxy.dll
+ 2010-09-15 17:03 . 2008-04-13 21:51 8192 d:\windows\system32\dllcache\asferror.dll
+ 2007-09-19 13:33 . 2008-04-13 22:20 8704 d:\windows\system32\batt.dll
+ 2008-04-14 03:20 . 2008-04-13 22:20 8704 d:\windows\ServicePackFiles\i386\batt.dll
+ 2010-09-15 14:43 . 2010-09-15 14:43 5632 d:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-09-13 14:25 . 2010-09-13 14:25 5632 d:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 339456 d:\windows\system32\zipfldr.dll
+ 2004-08-04 10:44 . 2008-04-13 14:35 192512 d:\windows\system32\xpsp1res.dll
+ 2007-09-19 13:43 . 2008-04-13 22:20 183808 d:\windows\system32\wuaueng1.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 614912 d:\windows\system32\wsecedit.dll
+ 2004-08-04 10:45 . 2008-04-13 22:19 763392 d:\windows\system32\winntbbu.dll
#14 By TmfeijoMMonr...
15/09/2010 - 18:39
+ 2004-08-04 10:45 . 2008-04-13 22:20 591872 d:\windows\system32\wiashext.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 464384 d:\windows\system32\wiadefui.dll
+ 2004-08-04 10:45 . 2008-04-13 22:21 434688 d:\windows\system32\wiaacmgr.exe
- 2004-08-04 10:45 . 2010-08-03 19:57 219648 d:\windows\system32\uxtheme.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 219648 d:\windows\system32\uxtheme.dll
+ 2004-08-04 10:45 . 2008-04-13 22:21 250368 d:\windows\system32\usmt\migwiz.exe
+ 2004-08-04 10:45 . 2008-04-13 22:20 732160 d:\windows\system32\userenv.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 239616 d:\windows\system32\upnpui.dll
+ 2004-08-04 10:45 . 2008-04-13 22:21 347136 d:\windows\system32\tourstart.exe
+ 2004-08-04 10:45 . 2008-04-13 22:20 388608 d:\windows\system32\themeui.dll
+ 2004-08-04 10:45 . 2008-04-13 22:21 141312 d:\windows\system32\taskmgr.exe
+ 2004-08-04 10:45 . 2008-04-13 22:21 107008 d:\windows\system32\sysocmgr.exe
+ 2004-08-04 10:45 . 2008-04-13 22:20 194560 d:\windows\system32\syncui.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 714752 d:\windows\system32\sxs.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 122368 d:\windows\system32\stobject.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 137216 d:\windows\system32\sti_ci.dll
+ 2007-09-19 13:43 . 2008-04-13 22:20 240640 d:\windows\system32\srrstr.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 439296 d:\windows\system32\shimgvw.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 141312 d:\windows\system32\sfc_os.dll
+ 2007-09-19 13:43 . 2008-04-13 22:21 382976 d:\windows\system32\Restore\rstrui.exe
+ 2004-08-04 10:45 . 2008-04-13 22:20 399360 d:\windows\system32\regwizc.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 673280 d:\windows\system32\rasdlg.dll
+ 2004-08-04 10:45 . 2008-04-13 22:21 109568 d:\windows\system32\progman.exe
+ 2004-08-04 10:45 . 2008-04-13 22:20 572928 d:\windows\system32\printui.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 172032 d:\windows\system32\photowiz.dll
+ 2004-08-04 10:45 . 2008-04-13 22:21 216064 d:\windows\system32\osk.exe
+ 2004-08-04 10:45 . 2010-06-24 12:24 206336 d:\windows\system32\occache.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 287232 d:\windows\system32\objsel.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 145408 d:\windows\system32\ntshrui.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 249344 d:\windows\system32\newdev.dll
+ 2004-08-04 10:48 . 2008-04-13 22:24 332800 d:\windows\system32\netsetup.exe
+ 2004-08-04 10:45 . 2008-04-13 22:20 879616 d:\windows\system32\netplwiz.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 701440 d:\windows\system32\msxml2.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 506368 d:\windows\system32\msxml.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 122368 d:\windows\system32\msvfw32.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 199168 d:\windows\system32\msutb.dll
+ 2007-09-19 13:40 . 2008-04-13 22:21 677888 d:\windows\system32\mstsc.exe
+ 2004-08-04 10:45 . 2008-04-13 22:20 271360 d:\windows\system32\msihnd.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 250368 d:\windows\system32\msieftp.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 523776 d:\windows\system32\mqutil.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 517632 d:\windows\system32\mqsnap.dll
+ 2008-04-14 03:21 . 2008-04-13 22:21 124416 d:\windows\system32\mplay32.exe
+ 2004-08-04 10:44 . 2008-04-13 12:45 216064 d:\windows\system32\moricons.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 155136 d:\windows\system32\modemui.dll
+ 2004-08-04 10:45 . 2008-04-13 22:21 143872 d:\windows\system32\mobsync.exe
+ 2004-08-04 10:45 . 2008-04-13 22:20 208896 d:\windows\system32\mobsync.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 166912 d:\windows\system32\mmcbase.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 118784 d:\windows\system32\mdminst.dll
+ 2004-08-04 10:45 . 2008-04-13 22:21 515072 d:\windows\system32\logonui.exe
+ 2004-08-04 10:45 . 2008-04-13 22:20 221696 d:\windows\system32\localsec.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 152576 d:\windows\system32\keymgr.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 138240 d:\windows\system32\itss.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 386560 d:\windows\system32\ipsmsnap.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 357376 d:\windows\system32\ipsecsnp.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 125440 d:\windows\system32\input.dll
+ 2004-08-04 10:45 . 2010-06-24 12:24 242688 d:\windows\system32\iepeers.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 146432 d:\windows\system32\hotplug.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 334848 d:\windows\system32\hnetwiz.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 346624 d:\windows\system32\hnetcfg.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 201216 d:\windows\system32\gptext.dll
+ 2004-08-04 10:44 . 2008-04-13 22:18 572928 d:\windows\system32\gpedit.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 384512 d:\windows\system32\fontext.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 342528 d:\windows\system32\filemgmt.dll
+ 2001-10-28 21:06 . 2008-04-13 22:20 125952 d:\windows\system32\fde.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 185344 d:\windows\system32\els.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 113664 d:\windows\system32\dsuiext.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 240128 d:\windows\system32\dsquery.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 144384 d:\windows\system32\dsprop.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 212992 d:\windows\system32\dpvoice.dll
+ 2001-10-28 21:06 . 2008-04-13 22:20 285184 d:\windows\system32\dmdlgs.dll
+ 2010-09-15 17:03 . 2008-04-13 22:20 809984 d:\windows\system32\dllcache\wmvdmod.dll
+ 2010-09-15 17:03 . 2008-04-13 22:20 303616 d:\windows\system32\dllcache\wmstream.dll
+ 2010-09-15 17:04 . 2008-04-13 22:20 897024 d:\windows\system32\dllcache\wmspdmoe.dll
+ 2010-09-15 17:04 . 2008-04-13 22:20 485376 d:\windows\system32\dllcache\wmspdmod.dll
+ 2010-09-15 17:03 . 2008-04-13 22:20 115200 d:\windows\system32\dllcache\wmsdmoe.dll
+ 2010-09-15 17:03 . 2008-04-13 22:20 759296 d:\windows\system32\dllcache\wmsdmod.dll
+ 2010-09-15 17:03 . 2008-04-13 22:20 102400 d:\windows\system32\dllcache\wmpshell.dll
+ 2010-09-15 17:04 . 2008-04-13 22:20 221184 d:\windows\system32\dllcache\wmpns.dll
+ 2010-09-15 17:04 . 2008-04-13 22:20 233472 d:\windows\system32\dllcache\wmpdxm.dll
+ 2010-09-15 17:04 . 2008-04-13 22:20 114688 d:\windows\system32\dllcache\wmpasf.dll
+ 2010-09-15 17:04 . 2008-04-13 22:20 151552 d:\windows\system32\dllcache\wmidx.dll
+ 2010-09-15 17:04 . 2008-04-13 21:55 186880 d:\windows\system32\dllcache\wmerror.dll
+ 2010-09-15 17:03 . 2008-04-13 22:20 230912 d:\windows\system32\dllcache\wmasf.dll
+ 2010-09-15 17:03 . 2008-04-13 22:20 670720 d:\windows\system32\dllcache\wmadmoe.dll
+ 2010-09-15 17:03 . 2008-04-13 22:20 408064 d:\windows\system32\dllcache\wmadmod.dll
+ 2010-09-15 17:03 . 2008-04-13 22:21 212992 d:\windows\system32\dllcache\unregmp2.exe
+ 2008-06-20 12:08 . 2008-06-20 12:08 225856 d:\windows\system32\dllcache\tcpip6.sys
+ 2008-06-20 12:51 . 2008-06-20 12:51 361600 d:\windows\system32\dllcache\tcpip.sys
+ 2010-09-15 17:03 . 2008-04-13 22:20 246814 d:\windows\system32\dllcache\strmdll.dll
+ 2009-01-18 01:49 . 2008-12-11 11:57 333952 d:\windows\system32\dllcache\srv.sys
+ 2010-09-15 17:03 . 2008-04-13 22:20 153088 d:\windows\system32\dllcache\shmedia.dll
+ 2010-09-15 17:03 . 2008-04-13 22:21 774144 d:\windows\system32\dllcache\setup_wm.exe
+ 2010-09-15 17:03 . 2008-04-13 22:20 364544 d:\windows\system32\dllcache\npdsplay.dll
+ 2010-09-15 17:03 . 2008-04-13 22:21 226816 d:\windows\system32\dllcache\npdrmv2.dll
+ 2008-06-20 18:48 . 2008-06-20 18:48 247808 d:\windows\system32\dllcache\mswsock.dll
+ 2010-09-15 17:03 . 2008-04-13 22:20 246272 d:\windows\system32\dllcache\mswmdm.dll
+ 2010-09-15 17:03 . 2008-04-13 22:21 356352 d:\windows\system32\dllcache\msscp.dll
+ 2010-09-15 17:03 . 2008-04-13 22:20 201728 d:\windows\system32\dllcache\mspmsp.dll
+ 2010-09-15 17:03 . 2008-04-13 22:21 259072 d:\windows\system32\dllcache\msnetobj.dll
+ 2010-09-15 17:04 . 2008-04-13 22:20 368640 d:\windows\system32\dllcache\mpvis.dll
+ 2010-09-15 17:03 . 2008-04-13 22:21 124416 d:\windows\system32\dllcache\mplay32.exe
+ 2010-09-15 17:03 . 2008-04-13 22:20 240640 d:\windows\system32\dllcache\mpg4dmod.dll
+ 2010-09-15 17:04 . 2008-04-13 22:20 384512 d:\windows\system32\dllcache\mp4sdmod.dll
+ 2010-09-15 17:04 . 2008-04-13 22:20 310272 d:\windows\system32\dllcache\mp43dmod.dll
+ 2010-09-15 17:04 . 2008-04-13 22:21 786432 d:\windows\system32\dllcache\migrate.exe
+ 2010-09-15 17:03 . 2008-04-13 22:21 103936 d:\windows\system32\dllcache\logagent.exe
+ 2008-10-23 13:37 . 2008-10-23 13:37 286720 d:\windows\system32\dllcache\gdi32.dll
+ 2010-09-15 17:03 . 2008-04-13 22:20 499766 d:\windows\system32\dllcache\dxmasf.dll
+ 2010-09-15 17:03 . 2008-04-13 22:21 695808 d:\windows\system32\dllcache\drmv2clt.dll
+ 2010-09-15 17:03 . 2008-04-13 22:21 299520 d:\windows\system32\dllcache\drmclien.dll
+ 2010-09-15 17:04 . 2008-04-13 22:19 102912 d:\windows\system32\dllcache\dpcdll.dll
+ 2008-06-20 18:48 . 2008-06-20 18:48 147968 d:\windows\system32\dllcache\dnsapi.dll
+ 2010-09-15 17:03 . 2008-04-13 22:20 294912 d:\windows\system32\dllcache\dlimport.exe
+ 2010-09-15 17:03 . 2008-04-13 22:20 159232 d:\windows\system32\dllcache\cewmdm.dll
+ 2010-09-15 17:03 . 2008-04-13 22:20 286720 d:\windows\system32\dllcache\blackbox.dll
+ 2008-06-20 12:40 . 2008-06-20 12:40 138496 d:\windows\system32\dllcache\afd.sys
+ 2004-08-04 10:45 . 2008-04-13 22:20 124416 d:\windows\system32\dfrgui.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 288768 d:\windows\system32\devmgr.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 331776 d:\windows\system32\cscui.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 102400 d:\windows\system32\cscdll.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 528384 d:\windows\system32\cryptui.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 164352 d:\windows\system32\credui.dll
- 2009-04-22 23:57 . 2010-07-18 02:39 245760 d:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2009-04-22 23:57 . 2010-09-15 17:10 245760 d:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2004-08-04 10:45 . 2008-04-13 22:20 821760 d:\windows\system32\comres.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 230400 d:\windows\system32\compstui.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 253440 d:\windows\system32\compatUI.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 275968 d:\windows\system32\comdlg32.dll
+ 2007-09-19 13:40 . 2008-04-13 22:20 188928 d:\windows\system32\cmprops.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 348672 d:\windows\system32\cmdial32.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 400896 d:\windows\system32\cmd.exe
+ 2004-08-04 10:45 . 2008-04-13 22:20 464384 d:\windows\system32\certmgr.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 151552 d:\windows\system32\cdfview.dll
+ 2001-10-28 21:06 . 2008-04-13 22:20 152576 d:\windows\system32\capesnpn.dll
+ 2004-08-04 10:45 . 2008-04-13 22:20 297984 d:\windows\system32\appmgr.dll
+ 2007-09-19 13:43 . 2008-04-13 22:20 727102 d:\windows\srchasst\srchui.dll
+ 2008-04-14 03:20 . 2008-04-13 22:20 339456 d:\windows\ServicePackFiles\i386\zipfldr.dll
+ 2008-04-14 03:20 . 2008-04-13 22:20 183808 d:\windows\ServicePackFiles\i386\wuaueng1.dll
+ 2008-04-14 03:20 . 2008-04-13 22:20 614912 d:\windows\ServicePackFiles\i386\wsecedit.dll
+ 2008-04-14 03:19 . 2008-04-13 22:19 763392 d:\windows\ServicePackFiles\i386\winntbbu.dll
+ 2008-04-14 03:20 . 2008-04-13 22:20 591872 d:\windows\ServicePackFiles\i386\wiashext.dll
+ 2008-04-14 03:20 . 2008-04-13 22:20 464384 d:\windows\ServicePackFiles\i386\wiadefui.dll
+ 2008-04-14 03:21 . 2008-04-13 22:21 434688 d:\windows\ServicePackFiles\i386\wiaacmgr.exe
#15 By TmfeijoMMonr...
15/09/2010 - 18:42
.
-- Snapshot resetado para data atual --
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CursorXP"="d:\arquivos de programas\CursorXP\CursorXP.exe" [2005-01-19 128000]
"msnmsgr"="d:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 3872080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="d:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0

[HKLM\~\startupfolder\D:^Documents and Settings^edsom luis^Menu Iniciar^Programas^Inicializar^BrOffice.org 3.1.lnk]

[HKLM\~\startupfolder\D:^Documents and Settings^edsom luis^Menu Iniciar^Programas^Inicializar^setup_9.0.0.722_15.01.2010_15-37.lnk]

[HKLM\~\startupfolder\D:^Documents and Settings^edsom luis^Menu Iniciar^Programas^Inicializar^setup_9.0.0.722_18.02.2010_16-03.lnk]

[HKLM\~\startupfolder\^.mjsync_pt_BR]
path=\.mjsync_pt_BR

[HKLM\~\startupfolder\^catchme.exe]
path=\catchme.exe

[HKLM\~\startupfolder\^Desktop.rar]
path=\Desktop.rar

[HKLM\~\startupfolder\^dumphive.exe]
path=\dumphive.exe

[HKLM\~\startupfolder\^Favoritos.rar]
path=\Favoritos.rar

[HKLM\~\startupfolder\^haxoth2.txt]
path=\haxoth2.txt

[HKLM\~\startupfolder\^ipconfig]
path=\ipconfig

[HKLM\~\startupfolder\^Items.xml]
path=\Items.xml

[HKLM\~\startupfolder\^md5file.exe]
path=\md5file.exe

[HKLM\~\startupfolder\^moveex.exe]
path=\moveex.exe

[HKLM\~\startupfolder\^NTUSER.DAT]
path=\ntuser.dat

[HKLM\~\startupfolder\^NTUSER.DAT.bak_jv16pt]
path=\NTUSER.DAT.bak_jv16pt

[HKLM\~\startupfolder\^ntuser.dat.LOG]
path=\ntuser.dat.LOG

[HKLM\~\startupfolder\^NTUSER.DAT.tmp.LOG]
path=\NTUSER.DAT.tmp.LOG

[HKLM\~\startupfolder\^ntuser.ini]
path=\ntuser.ini

[HKLM\~\startupfolder\^ntuser.pol]
path=\ntuser.pol

[HKLM\~\startupfolder\^PrivacIE.rar]
path=\PrivacIE.rar

[HKLM\~\startupfolder\^process.exe]
path=\process.exe

[HKLM\~\startupfolder\^rebuilt.Menu Iniciar.rar]
path=\rebuilt.Menu Iniciar.rar

[HKLM\~\startupfolder\^rebuilt.UserData.rar]
path=\rebuilt.UserData.rar

[HKLM\~\startupfolder\^run2.hax]
path=\run2.hax

[HKLM\~\startupfolder\^settings.dat]
path=\settings.dat

[HKLM\~\startupfolder\^swsc.exe]
path=\swsc.exe

[HKLM\~\startupfolder\^tool_en.log]
path=\tool_en.log

[HKLM\~\startupfolder\^UserData.rar]
path=\UserData.rar

[HKLM\~\startupfolder\^vfind.exe]
path=\vfind.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- d:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 ----a-w- d:\arquivos de programas\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 03:20 40448 ----a-w- d:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CursorXP]
2005-01-19 19:34 128000 ----a-w- d:\arquivos de programas\CursorXP\CursorXP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
2008-11-04 04:44 435096 ------w- d:\arquiv~1\ARQUIV~1\MICROS~1\DW\DWTRIG20.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-17 01:12 3872080 ----a-w- d:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 14:44 248552 ----a-w- d:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"GoogleDesktopManager-060409-093314"=3 (0x3)
"ZeppelinService"=2 (0x2)
"idsvc"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Arquivos de programas\\Arquivos comuns\\opera.exe"=
"d:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Arquivos de programas\\Opera\\opera.exe"=
"d:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"d:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 VBoxDrv;VirtualBox Service;d:\windows\system32\drivers\VBoxDrv.sys [18/9/2009 13:11 142864]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;d:\windows\system32\drivers\VBoxUSBMon.sys [18/9/2009 13:10 41744]
R2 713xTVCard;SAA7131 TV Card;d:\windows\system32\drivers\SAA713x.sys [15/3/2005 12:00 277504]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;d:\arquivos de programas\Avira\AntiVir Desktop\sched.exe [3/5/2010 15:00 135336]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;d:\windows\system32\drivers\VBoxNetAdp.sys [18/9/2009 13:11 100368]
R3 VBoxNetFlt;VBoxNetFlt Service;d:\windows\system32\drivers\VBoxNetFlt.sys [18/5/2010 20:28 111248]
R3 xpvcom;XPVCOM Port;d:\windows\system32\drivers\XPVCOM.sys [23/3/2007 02:00 30032]
.
Conteúdo da pasta 'Tarefas Agendadas'

2010-09-15 d:\windows\Tasks\User_Feed_Synchronization-{85870EB0-73F3-41E1-92DD-7C153C1F486E}.job
- d:\windows\system32\msfeedssync.exe [2007-08-13 07:31]
.
.
------- Scan Suplementar -------
.
mWindow Title =
IE: E&xportar para o Microsoft Excel
FF - ProfilePath - d:\documents and settings\edsom luis\Dados de aplicativos\Mozilla\Firefox\Profiles\izozpjim.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/webhp?hl=pt-BR
FF - component: d:\documents and settings\edsom luis\Dados de aplicativos\Mozilla\Firefox\Profiles\izozpjim.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
FF - plugin: d:\arquivos de programas\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: d:\documents and settings\edsom luis\Dados de aplicativos\Mozilla\Firefox\Profiles\izozpjim.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
d:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
d:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
d:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
d:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-15 14:35
Windows 5.1.2600 Service Pack 3 FAT NTAPI

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso
arquivos/ficheiros ocultos: 0

**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

[HKEY_USERS\.Default\Software\Stardock\WindowBlinds\WB5.ini\Installed]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\Microsoft.MSN.MCC.USNJSVC.1\CLSID]
@DACL=(02 0000)
@="{98AC5C33-EE18-4EC2-BE25-3B16EE8F75F1}"

[HKEY_LOCAL_MACHINE\software\Classes\MSN.V2SDeviceHandler\CLSID]
@DACL=(02 0000)
@="{D74C0C0E-14F3-402C-9379-3E2BD0BF5D06}"

[HKEY_LOCAL_MACHINE\software\Classes\MSN.V2SDeviceHandler\CurVer]
@DACL=(02 0000)
@="MSN.V2SDeviceHandler.1"

[HKEY_LOCAL_MACHINE\software\Classes\MSN.V2SDeviceHandler.1\CLSID]
@DACL=(02 0000)
@="{D74C0C0E-14F3-402C-9379-3E2BD0BF5D06}"

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.Dialer\CLSID]
@DACL=(02 0000)
@="{6E2200B4-7C9E-44C6-96A3-F904A7AB8880}"

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.Dialer\CurVer]
@DACL=(02 0000)
@="pcsexe.Dialer.1"

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.Dialer.1\CLSID]
@DACL=(02 0000)
@="{6E2200B4-7C9E-44C6-96A3-F904A7AB8880}"

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.MessengerDialer\CLSID]
@DACL=(02 0000)
@="{81C63250-607F-4e79-9FCB-F756C16C5AB9}"

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.MessengerDialer\CurVer]
@DACL=(02 0000)
@="pcsexe.Dialer.1"

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.MessengerDialer.1\CLSID]
@DACL=(02 0000)
@="{81C63250-607F-4e79-9FCB-F756C16C5AB9}"

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.PstnOut\CLSID]
@DACL=(02 0000)
@="{630ED07B-04A5-4AB9-A73B-FD94F34D5F09}"

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.PstnOut\CurVer]
@DACL=(02 0000)
@="pcsexe.PstnOut.1"

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.PstnOut.1\CLSID]
@DACL=(02 0000)
@="{630ED07B-04A5-4AB9-A73B-FD94F34D5F09}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.Dialer\CLSID]
@DACL=(02 0000)
@="{72770783-9801-43c4-9E1F-9084BAE210CF}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.Dialer\CurVer]
@DACL=(02 0000)
@="Softphone.Dialer.1"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.Dialer.1\CLSID]
@DACL=(02 0000)
@="{72770783-9801-43c4-9E1F-9084BAE210CF}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.DialerWindow\CLSID]
@DACL=(02 0000)
@="{37E192CB-B5C5-4487-9D66-2550B6F57B7A}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.DialerWindow\CurVer]
@DACL=(02 0000)
@="Softphone.DialerWindow.1"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.DialerWindow.1\CLSID]
@DACL=(02 0000)
@="{37E192CB-B5C5-4487-9D66-2550B6F57B7A}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.Error\CLSID]
@DACL=(02 0000)
@="{C2F86E32-3AD2-42f1-94F2-D7E0414F2C10}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.Error\CurVer]
@DACL=(02 0000)
@="Softphone.Error.1"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.Error.1\CLSID]
@DACL=(02 0000)
@="{C2F86E32-3AD2-42f1-94F2-D7E0414F2C10}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.PhoneContact\CLSID]
@DACL=(02 0000)
@="{52C92B9C-B117-4AC5-AD94-A6D8604608BB}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.PhoneContact\CurVer]
@DACL=(02 0000)
@="Softphone.PhoneContact.1"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.PhoneContact.1\CLSID]
@DACL=(02 0000)
@="{52C92B9C-B117-4AC5-AD94-A6D8604608BB}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.PhoneNumber\CLSID]
@DACL=(02 0000)
@="{B0C5F2DF-5D4B-4DBC-888E-D96E971B57F4}"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.PhoneNumber\CurVer]
@DACL=(02 0000)
@="Softphone.PhoneNumber.1"

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.PhoneNumber.1\CLSID]
@DACL=(02 0000)
@="{B0C5F2DF-5D4B-4DBC-888E-D96E971B57F4}"

[HKEY_LOCAL_MACHINE\software\Classes\WindowsLive.SetupJob\CLSID]
@DACL=(02 0000)
@="{9B38B1AC-C774-46AB-AD99-0C19871F0714}"

[HKEY_LOCAL_MACHINE\software\Classes\WindowsLive.SetupJob\CurVer]
@DACL=(02 0000)
@="WindowsLive.SetupJob.1"

[HKEY_LOCAL_MACHINE\software\Classes\WindowsLive.SetupJob.1\CLSID]
@DACL=(02 0000)
@="{9B38B1AC-C774-46AB-AD99-0C19871F0714}"

[HKEY_LOCAL_MACHINE\software\Classes\WindowsLive.SetupService\CLSID]
@DACL=(02 0000)
@="{585D47D2-CF74-4869-BF4E-DF5662504F11}"

[HKEY_LOCAL_MACHINE\software\Classes\WindowsLive.SetupService\CurVer]
@DACL=(02 0000)
@="WindowsLive.SetupService.1"

[HKEY_LOCAL_MACHINE\software\Classes\WindowsLive.SetupService.1\CLSID]
@DACL=(02 0000)
@="{585D47D2-CF74-4869-BF4E-DF5662504F11}"

[HKEY_LOCAL_MACHINE\software\Classes\XceedSoftware.XceedCompression.1\CLSID]
@DACL=(02 0000)
@="{4C836512-BB70-11D2-A5A7-00105A9C91C6}"

[HKEY_LOCAL_MACHINE\software\Classes\XceedSoftware.XceedCompression.1\Insertable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\XceedSoftware.XceedZip.4\CLSID]
@DACL=(02 0000)
@="{DB797690-40E0-11D2-9BD5-0060082AE372}"

[HKEY_LOCAL_MACHINE\software\Classes\XceedSoftware.XceedZip.4\Insertable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•6~*]
"6140110900063D11C8EF10054038389C"="D?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'winlogon.exe'(1044)
d:\windows\system32\SETUPAPI.dll
d:\windows\system32\sfc_os.dll

- - - - - - - > 'lsass.exe'(1100)
d:\windows\system32\SETUPAPI.dll

- - - - - - - > 'explorer.exe'(2996)
d:\windows\system32\WININET.dll
d:\windows\system32\msi.dll
d:\windows\system32\webcheck.dll
d:\windows\system32\SETUPAPI.dll
d:\windows\system32\WPDShServiceObj.dll
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
d:\arquivos de programas\CursorXP\CurXP0.dll
.
------------------------ Outros Processos em Execução ------------------------
.
d:\arquivos de programas\Avira\AntiVir Desktop\avguard.exe
d:\arquivos de programas\Java\jre6\bin\jqs.exe
d:\arquivos de programas\Avira\AntiVir Desktop\avshadow.exe
d:\arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
d:\arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
d:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Tempo para conclusão: 2010-09-15 14:39:03 - Máquina reiniciou
ComboFix-quarantined-files.txt 2010-09-15 17:39
ComboFix2.txt 2010-09-13 18:03
ComboFix3.txt 2010-09-01 16:32
ComboFix4.txt 2010-08-30 12:30

Pré-execução: 15 pasta(s) 32.871.710.720 bytes disponíveis
Pós execução: 17 pasta(s) 33.002.094.592 bytes disponíveis

- - End Of File - - 3F87E1A238017F4D368AC4D15944DE5D