[Archived] PC freezing
Please help. I've already made the HijackThis and ComboFix logs.
ComboFix 09-08-10.06 - lan-04 14/09/2009 15:38.12.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.510.136 [GMT -3:00]
Executando de: c:\documents and settings\lan-04\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 On-access scanning disabled (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Firewall pessoal do ESET enabled {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
- MODO DE FUNCIONALIDADE REDUZIDA -
.
(((((((((((((((( Arquivos/Ficheiros criados de 2009-08-14 to 2009-09-14 ))))))))))))))))))))))))))))
.
2009-09-13 01:12 . 2009-09-13 01:12 -------- d-----w- C:\1169e70e494ec216297c
2009-09-10 09:52 . 2009-09-03 14:53 30912 ----a-w- c:\documents and settings\lan-04\Dados de aplicativos\Mozilla\Firefox\Profiles\5hnkqff0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
2009-09-10 09:52 . 2009-09-03 14:53 22848 ----a-w- c:\documents and settings\lan-04\Dados de aplicativos\Mozilla\Firefox\Profiles\5hnkqff0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg_bootstrap.exe
2009-09-10 09:52 . 2009-09-03 14:53 19792 ----a-w- c:\documents and settings\lan-04\Dados de aplicativos\Mozilla\Firefox\Profiles\5hnkqff0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
2009-09-09 23:34 . 2009-06-21 21:48 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-09-03 03:12 . 2009-09-03 03:12 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\DAEMON Tools Lite
2009-09-03 03:10 . 2009-09-03 03:12 -------- d-----w- c:\arquivos de programas\DAEMON Tools Toolbar
2009-09-03 03:09 . 2009-09-03 03:12 -------- d-----w- c:\arquivos de programas\DAEMON Tools Lite
2009-09-02 21:09 . 2009-09-02 21:09 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-09-02 21:08 . 2009-09-03 03:14 -------- d-----w- c:\documents and settings\lan-04\Dados de aplicativos\DAEMON Tools Lite
2009-08-27 03:12 . 2009-08-27 03:12 -------- d-----w- c:\documents and settings\lan-04\Dados de aplicativos\ESET
2009-08-26 21:39 . 2009-08-26 21:39 -------- d-----w- c:\windows\system32\wbem\Repository
2009-08-25 21:48 . 2009-08-25 21:49 -------- d-----w- c:\arquivos de programas\MIDI-TO-MP3 1.2
2009-08-25 21:34 . 2009-08-25 21:35 163657 ----a-w- c:\windows\Wave@MP3 Uninstaller.exe
2009-08-25 21:34 . 2009-08-25 21:34 -------- d-----w- c:\documents and settings\lan-04\Dados de aplicativos\River Past G5
2009-08-25 21:34 . 2009-08-25 21:34 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\River Past G5
2009-08-25 21:34 . 2009-08-25 21:34 -------- d-----w- c:\arquivos de programas\Arquivos comuns\River Past
2009-08-25 21:34 . 2009-08-25 21:34 -------- d-----w- c:\arquivos de programas\River Past
2009-08-24 23:27 . 2009-08-24 23:27 -------- d-----w- c:\arquivos de programas\Lavalys
2009-08-18 21:32 . 2007-04-03 01:13 21632 ----a-w- c:\windows\system32\drivers\motmodem.sys
2009-08-18 21:32 . 2006-11-13 18:45 1419232 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll
2009-08-18 21:19 . 2009-09-13 01:19 1024 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\BVRP Software\mobile PhoneTools\faxres.cmd
2009-08-18 21:15 . 2009-08-18 21:15 -------- d-----w- c:\arquivos de programas\Software WIDCOMM
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-14 18:36 . 2009-04-11 19:12 -------- d-----w- c:\documents and settings\lan-04\Dados de aplicativos\BitTorrent
2009-09-14 18:25 . 2009-03-14 04:09 1580939296 -csha-w- c:\windows\system32\drivers\fidbox.dat
2009-09-14 18:11 . 2009-04-11 19:12 -------- d-----w- c:\arquivos de programas\BitTorrent
2009-09-14 11:32 . 2009-03-14 04:09 18370280 -csha-w- c:\windows\system32\drivers\fidbox.idx
2009-09-14 09:44 . 2009-03-03 23:12 -------- d-----w- c:\documents and settings\lan-04\Dados de aplicativos\SolidDocuments
2009-09-13 23:52 . 2009-04-01 15:31 -------- d-----w- c:\windows\system32\config\systemprofile\Dados de aplicativos\SolidDocuments
2009-09-13 20:07 . 2008-07-27 13:19 -------- d-----w- c:\documents and settings\lan-04\Dados de aplicativos\Orbit
2009-09-13 01:55 . 2009-04-30 19:11 -------- d-----w- c:\arquivos de programas\PhotoScape
2009-09-10 09:53 . 2009-01-11 14:45 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\NOS
2009-09-10 08:50 . 2009-01-07 14:15 -------- d-----w- c:\arquivos de programas\Microsoft Silverlight
2009-09-08 22:51 . 2009-03-21 00:59 -------- d-----w- c:\arquivos de programas\Foxit Software
2009-09-06 17:25 . 2008-07-10 20:54 -------- d-----w- c:\documents and settings\lan-04\Dados de aplicativos\Image Zone Express
2009-08-27 03:05 . 2009-08-03 23:25 -------- d-----w- c:\arquivos de programas\ESET
2009-08-18 00:23 . 2008-06-21 13:12 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\WLInstaller
2009-08-17 23:56 . 2009-08-02 14:22 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware
2009-08-17 23:53 . 2009-08-02 14:23 3942048 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-08-17 00:46 . 2008-08-13 20:26 -------- d-----w- c:\arquivos de programas\GbPlugin
2009-08-16 03:53 . 2009-04-30 21:53 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Babylon
2009-08-13 21:49 . 2008-08-17 02:36 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\DVD Shrink
2009-08-08 14:50 . 2009-03-14 20:23 -------- d-----w- c:\arquivos de programas\a-squared Free
2009-08-08 03:23 . 2009-04-30 21:53 -------- d-----w- c:\documents and settings\lan-04\Dados de aplicativos\Babylon
2009-08-05 12:20 . 2009-08-05 13:28 41063272 ----a-w- c:\arquivos de programas\Caspo.exe
2009-08-05 09:00 . 2004-08-04 03:45 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-05 00:09 . 2009-08-04 23:58 -------- d-----w- c:\arquivos de programas\Virus Removal Tool
2009-08-04 23:56 . 2009-08-04 23:43 40958056 ----a-w- c:\arquivos de programas\setup_7.0.0.290_05.08.2009_03-20.exe
2009-08-03 18:07 . 2009-08-03 18:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll
2009-08-03 18:07 . 2009-08-03 18:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe
2009-08-03 16:36 . 2009-08-02 14:22 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-03 16:36 . 2009-08-02 14:22 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-02 14:06 . 2009-04-11 19:12 -------- d-----w- c:\arquivos de programas\DNA
2009-07-31 22:50 . 2009-04-17 02:09 -------- d-----w- c:\arquivos de programas\UsbFix
2009-07-17 19:03 . 2004-08-04 03:45 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-17 03:18 . 2009-01-14 23:23 -------- d-----w- c:\arquivos de programas\Megacubo
2009-07-17 02:57 . 2008-06-20 18:33 -------- d-----w- c:\arquivos de programas\Free Audio Pack
2009-07-17 02:55 . 2008-06-20 19:47 -------- d-----w- c:\arquivos de programas\eMule
2009-07-17 02:53 . 2008-07-21 22:30 -------- d-----w- c:\arquivos de programas\Any Video Converter
2009-07-17 02:53 . 2008-07-21 22:30 -------- d-----w- c:\documents and settings\lan-04\Dados de aplicativos\Any Video Converter
2009-07-17 02:52 . 2009-02-21 21:56 -------- d-----w- c:\arquivos de programas\Puxa Rápido
2009-07-14 02:43 . 2004-08-04 03:45 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-03 16:59 . 2004-08-04 03:45 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-25 08:27 . 2004-08-04 03:45 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:27 . 2004-08-04 03:45 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:27 . 2004-08-04 03:45 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:27 . 2004-08-04 03:45 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-25 08:27 . 2004-08-04 03:45 732672 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:27 . 2004-08-04 03:45 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-24 11:18 . 2004-08-04 01:59 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2008-06-19 20:56 . 2008-06-19 20:56 4450382 ----a-w- c:\arquivos de programas\nero_photoshow_express_4_us_row.exe
2008-06-19 20:42 . 2008-06-19 20:42 6104632 ----a-w- c:\arquivos de programas\picasaweb-current-setup.exe
2004-07-22 13:51 . 2004-07-22 13:51 3432656 ----a-w- c:\arquivos de programas\ManagedDX.CAB
2004-07-20 01:58 . 2004-07-20 01:58 1156363 ----a-w- c:\arquivos de programas\BDANT.cab
2004-07-20 01:53 . 2004-07-20 01:53 976020 ----a-w- c:\arquivos de programas\BDAXP.cab
2004-07-09 17:17 . 2004-07-09 17:17 13265040 ----a-w- c:\arquivos de programas\dxnt.cab
2004-07-09 12:13 . 2004-07-09 12:13 15493481 -c--a-w- c:\arquivos de programas\DirectX.cab
2004-07-09 12:13 . 2004-07-09 12:13 703080 -c--a-w- c:\arquivos de programas\BDA.cab
2004-07-09 07:08 . 2004-07-09 07:08 472576 ----a-w- c:\arquivos de programas\dxsetup.exe
2004-07-09 07:08 . 2004-07-09 07:08 2242560 ----a-w- c:\arquivos de programas\dsetup32.dll
2004-07-09 06:03 . 2004-07-09 06:03 62976 ----a-w- c:\arquivos de programas\DSETUP.dll
2009-03-14 04:18 . 2009-03-14 04:09 352288 -csha-w- c:\windows\system32\drivers\fidbox2.dat
.
((((((((((((((((((((((((((((( SnapShot@2009-08-17_23.19.15 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-09-14 18:27 . 2009-09-14 18:27 16384 c:\windows\temp\Perflib_Perfdata_1f8.dat
+ 2008-06-22 14:02 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
- 2008-09-23 17:07 . 2007-04-03 01:13 21632 c:\windows\system32\DRVSTORE\motport_C2507623DD349B7DF9F3CD18A7DCF51CAD96A420\motport.sys
+ 2009-08-18 21:32 . 2007-04-03 01:13 21632 c:\windows\system32\DRVSTORE\motport_C2507623DD349B7DF9F3CD18A7DCF51CAD96A420\motport.sys
- 2008-09-23 17:07 . 2007-01-24 01:36 22016 c:\windows\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\Motousbnet.sys
+ 2009-08-18 21:32 . 2007-01-24 01:36 22016 c:\windows\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\Motousbnet.sys
+ 2009-08-18 21:32 . 2006-12-14 14:27 40832 c:\windows\system32\DRVSTORE\motodrv_A52528875D728E964C8846E6EE59057B28F55E3E\motodrv.sys
- 2008-09-23 17:07 . 2006-12-14 14:27 40832 c:\windows\system32\DRVSTORE\motodrv_A52528875D728E964C8846E6EE59057B28F55E3E\motodrv.sys
- 2008-09-23 17:07 . 2007-04-03 01:13 21632 c:\windows\system32\DRVSTORE\motmodem_032E8111520766BD9EDB0974011BC85D4BFEF872\motmodem.sys
+ 2009-08-18 21:32 . 2007-04-03 01:13 21632 c:\windows\system32\DRVSTORE\motmodem_032E8111520766BD9EDB0974011BC85D4BFEF872\motmodem.sys
- 2008-09-23 17:07 . 2007-04-03 01:13 17920 c:\windows\system32\DRVSTORE\motccgp_AAA6EBF99A29B32284FBE77DCBA5A978B418DB78\motccgp.sys
+ 2009-08-18 21:32 . 2007-04-03 01:13 17920 c:\windows\system32\DRVSTORE\motccgp_AAA6EBF99A29B32284FBE77DCBA5A978B418DB78\motccgp.sys
+ 2009-05-14 18:49 . 2009-05-14 18:49 55768 c:\windows\system32\drivers\epfwtdi.sys
+ 2009-05-14 18:49 . 2009-05-14 18:49 33096 c:\windows\system32\drivers\epfwndis.sys
+ 2003-09-19 18:14 . 2003-09-19 18:14 22183 c:\windows\system32\drivers\btserial.sys
+ 2003-09-19 18:03 . 2003-09-19 18:03 30235 c:\windows\system32\drivers\btport.sys
+ 2003-09-19 18:01 . 2003-09-19 18:01 21861 c:\windows\system32\drivers\btaudio.sys
+ 2009-06-25 08:27 . 2009-06-25 08:27 54272 c:\windows\system32\dllcache\wdigest.dll
- 2009-02-03 19:58 . 2009-02-03 19:58 56832 c:\windows\system32\dllcache\secur32.dll
+ 2009-02-03 19:58 . 2009-06-25 08:27 56832 c:\windows\system32\dllcache\secur32.dll
+ 2004-08-04 01:59 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
+ 2002-07-15 18:58 . 2002-07-15 18:58 50176 c:\windows\system32\CSH.DLL
+ 2003-09-19 18:17 . 2003-09-19 18:17 24576 c:\windows\system32\BtXpShell.dll
+ 2003-09-19 18:24 . 2003-09-19 18:24 40960 c:\windows\system32\btwpimif.dll
+ 2003-09-19 18:34 . 2003-09-19 18:34 65536 c:\windows\system32\btsendto_wab.dll
+ 2003-09-19 18:31 . 2003-09-19 18:31 49152 c:\windows\system32\btsendto_notes.dll
+ 2003-09-19 18:35 . 2003-09-19 18:35 73728 c:\windows\system32\btsendto_ie.dll
+ 2003-09-19 18:04 . 2003-09-19 18:04 53248 c:\windows\system32\btrezxp.dll
+ 2003-09-19 18:27 . 2003-09-19 18:27 73728 c:\windows\system32\btprn2k.dll
+ 2003-09-19 18:04 . 2003-09-19 18:04 65536 c:\windows\system32\BTNCopy.dll
+ 2003-09-19 18:26 . 2003-09-19 18:26 98304 c:\windows\system32\bthcrpui.dll
+ 2003-09-19 18:26 . 2003-09-19 18:26 98304 c:\windows\system32\bthcrp.dll
+ 2003-09-19 18:06 . 2003-09-19 18:06 32768 c:\windows\system32\btdev.dll
+ 2003-09-19 18:17 . 2003-09-19 18:17 61440 c:\windows\system32\BtAudioHelper.dll
+ 2003-09-19 18:05 . 2003-09-19 18:05 94208 c:\windows\system32\bt2k_ins.dll
+ 2009-08-18 21:16 . 2009-08-18 21:16 33982 c:\windows\Installer\{FE90E9E7-A158-4687-8853-DF677A939A61}\ARPPRODUCTICON.exe
- 2009-06-11 14:31 . 2009-06-11 14:31 38240 c:\windows\Installer\{90120000-0020-0416-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2009-08-29 13:21 . 2009-08-29 13:21 38240 c:\windows\Installer\{90120000-0020-0416-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2009-08-27 03:08 . 2009-08-27 03:08 97360 c:\windows\Installer\{378914D6-FBC8-42D1-B5FD-648CF8E6C039}\egui.exe
+ 2009-08-27 03:08 . 2009-08-27 03:08 10134 c:\windows\Installer\{378914D6-FBC8-42D1-B5FD-648CF8E6C039}\callmsi.exe
+ 2009-04-03 21:01 . 2009-04-03 21:01 71504 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6425\XL12CNVP.DLL
+ 2009-04-03 20:57 . 2009-04-03 20:57 21320 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6425\WRD12EXE.EXE
+ 2009-04-02 17:35 . 2009-04-02 17:35 16712 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6425\PXBPROXY.DLL
+ 2009-04-02 17:35 . 2009-04-02 17:35 68496 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6425\PXBCOM.EXE
+ 2006-10-27 00:13 . 2006-10-27 00:13 72472 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\XL12CNVP.DLL
+ 2007-03-21 21:58 . 2007-03-21 21:58 24416 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\WRD12EXE.EXE
+ 2006-10-27 00:07 . 2006-10-27 00:07 17680 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\PXBPROXY.DLL
+ 2007-03-21 22:00 . 2007-03-21 22:00 72096 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\PXBCOM.EXE
+ 2009-08-29 15:40 . 2009-08-29 15:40 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\423f794d1f4ed6e120fbb02e436491cb\System.Windows.Presentation.ni.dll
+ 2009-08-29 15:40 . 2009-08-29 15:40 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll
+ 2009-08-29 14:51 . 2009-08-29 14:51 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\532438e2acfcadc469a4d468c51f8451\System.ComponentModel.DataAnnotations.ni.dll
+ 2009-08-29 14:51 . 2009-08-29 14:51 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\597b20e1b053d6a510cfe033c07a63e6\System.AddIn.Contract.ni.dll
+ 2009-08-29 15:39 . 2009-08-29 15:39 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\790cf1edb17ee41b59be62ecbd59613b\Microsoft.Vsa.ni.dll
+ 2009-08-29 14:50 . 2009-08-29 14:50 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e9aba2eab90d647356f65e66053da02b\Microsoft.Build.Framework.ni.dll
+ 2009-08-29 14:50 . 2009-08-29 14:50 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\28343d470d992f169ca0e7cdb3cc3117\Microsoft.Build.Framework.ni.dll
+ 2009-08-29 14:50 . 2009-08-29 14:50 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d6543b9fcc6\dfsvc.ni.exe
+ 2009-08-29 14:50 . 2009-08-29 14:50 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll
+ 2009-08-18 21:32 . 2006-12-06 21:33 6400 c:\windows\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\motswch.sys
- 2008-09-23 17:07 . 2006-12-06 21:33 6400 c:\windows\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\motswch.sys
- 2008-09-23 17:07 . 2007-01-24 01:36 6016 c:\windows\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\motfilt.sys
+ 2009-08-18 21:32 . 2007-01-24 01:36 6016 c:\windows\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\motfilt.sys
- 2008-09-23 17:07 . 2006-07-28 11:10 6144 c:\windows\system32\DRVSTORE\motodrv_A52528875D728E964C8846E6EE59057B28F55E3E\mot_ci.dll
+ 2009-08-18 21:32 . 2006-07-28 11:10 6144 c:\windows\system32\DRVSTORE\motodrv_A52528875D728E964C8846E6EE59057B28F55E3E\mot_ci.dll
- 2008-09-23 17:07 . 2006-12-06 21:33 6400 c:\windows\system32\DRVSTORE\motccgp_AAA6EBF99A29B32284FBE77DCBA5A978B418DB78\motswch.sys
+ 2009-08-18 21:32 . 2006-12-06 21:33 6400 c:\windows\system32\DRVSTORE\motccgp_AAA6EBF99A29B32284FBE77DCBA5A978B418DB78\motswch.sys
+ 2009-08-18 21:32 . 2007-01-23 23:03 7680 c:\windows\system32\DRVSTORE\motccgp_AAA6EBF99A29B32284FBE77DCBA5A978B418DB78\motccgpfl.sys
- 2008-09-23 17:07 . 2007-01-23 23:03 7680 c:\windows\system32\DRVSTORE\motccgp_AAA6EBF99A29B32284FBE77DCBA5A978B418DB78\motccgpfl.sys
+ 2003-09-19 18:22 . 2003-09-19 18:22 503808 c:\windows\system32\WidcommSdk.dll
+ 2003-09-19 18:20 . 2003-09-19 18:20 536637 c:\windows\system32\wbtapi.dll
+ 2008-06-29 04:05 . 2009-08-26 21:39 230028 c:\windows\system32\Restore\rstrlog.dat
+ 2009-08-03 18:07 . 2007-06-02 21:48 676224 c:\windows\system32\OGACheckControl.dll
+ 2004-08-04 03:45 . 2009-06-22 06:48 726528 c:\windows\system32\jscript.dll
- 2004-08-04 03:45 . 2009-03-08 07:33 726528 c:\windows\system32\jscript.dll
+ 2009-05-14 18:49 . 2009-05-14 18:49 133000 c:\windows\system32\drivers\epfw.sys
+ 2009-05-14 18:47 . 2009-05-14 18:47 107256 c:\windows\system32\drivers\ehdrv.sys
+ 2009-05-14 18:41 . 2009-05-14 18:41 114472 c:\windows\system32\drivers\eamon.sys
+ 2003-09-19 18:30 . 2003-09-19 18:30 146812 c:\windows\system32\drivers\btwdndis.sys
+ 2003-09-19 18:14 . 2003-09-19 18:14 222876 c:\windows\system32\drivers\btslbcsp.sys
+ 2002-11-15 15:15 . 2002-11-15 15:15 148794 c:\windows\system32\drivers\bcbthub.sys
+ 2008-12-05 06:58 . 2009-06-25 08:27 147456 c:\windows\system32\dllcache\schannel.dll
+ 2009-06-25 08:27 . 2009-06-25 08:27 136192 c:\windows\system32\dllcache\msv1_0.dll
+ 2009-04-16 21:34 . 2009-06-25 08:27 732672 c:\windows\system32\dllcache\lsasrv.dll
+ 2009-06-25 08:27 . 2009-06-25 08:27 301568 c:\windows\system32\dllcache\kerberos.dll
- 2008-10-18 00:58 . 2009-03-08 07:33 726528 c:\windows\system32\dllcache\jscript.dll
+ 2008-10-18 00:58 . 2009-06-22 06:48 726528 c:\windows\system32\dllcache\jscript.dll
+ 2003-09-19 18:17 . 2003-09-19 18:17 102400 c:\windows\system32\BTXPPanel.dll
+ 2003-09-19 18:39 . 2003-09-19 18:39 770048 c:\windows\system32\BtWizard.dll
+ 2003-09-19 18:34 . 2003-09-19 18:34 163840 c:\windows\system32\btsendto_office.dll
+ 2003-09-19 18:25 . 2003-09-19 18:25 118784 c:\windows\system32\btsendto.dll
+ 2003-09-19 18:36 . 2003-09-19 18:36 176128 c:\windows\system32\btsec.dll
+ 2003-09-19 18:28 . 2003-09-19 18:28 135168 c:\windows\system32\btosif_olx.dll
+ 2003-09-19 18:24 . 2003-09-19 18:24 196608 c:\windows\system32\btosif_ol.dll
+ 2003-09-19 18:23 . 2003-09-19 18:23 155648 c:\windows\system32\btosif_notes.dll
+ 2003-09-19 18:23 . 2003-09-19 18:23 118784 c:\windows\system32\btosif.dll
+ 2003-09-19 18:44 . 2003-09-19 18:44 794701 c:\windows\system32\BTNeighborhood.dll
+ 2003-09-19 18:09 . 2003-09-19 18:09 376832 c:\windows\system32\btins.dll
+ 2003-09-19 18:37 . 2003-09-19 18:37 200704 c:\windows\system32\btcss.dll
+ 2003-09-19 18:17 . 2003-09-19 18:17 135168 c:\windows\system32\btbigbmp.dll
+ 2009-08-28 23:50 . 2009-08-28 23:50 119296 c:\windows\Installer\1978657.msi
+ 2009-03-20 14:48 . 2009-03-20 14:48 183808 c:\windows\Installer\1978644.msp
+ 2006-10-26 23:49 . 2006-10-26 23:49 509200 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\WRD12CVR.DLL
+ 2007-05-10 12:04 . 2007-05-10 12:04 846248 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\OICE.EXE
+ 2006-10-26 23:12 . 2006-10-26 23:12 396592 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\MOC.EXE
+ 2009-09-10 02:16 . 2008-07-08 12:58 395128 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll
+ 2009-09-10 02:16 . 2008-07-08 12:58 233336 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe
+ 2009-09-10 02:16 . 2009-03-08 07:33 726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll
+ 2009-08-29 14:50 . 2009-08-29 14:50 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570bb23886a4f32294a\WsatConfig.ni.exe
+ 2009-08-29 15:41 . 2009-08-29 15:41 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c338a470b14851ce5987bb0f0869c310\System.Xml.Linq.ni.dll
+ 2009-08-29 15:40 . 2009-08-29 15:40 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\bb77ea11f46ab438b2b7ed7c180011a1\System.Web.Routing.ni.dll
+ 2009-08-29 15:40 . 2009-08-29 15:40 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee255220d90dcbe80c990e443051cc5\System.Web.RegularExpressions.ni.dll
+ 2009-08-29 15:40 . 2009-08-29 15:40 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f62044fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll
+ 2009-08-29 15:40 . 2009-08-29 15:40 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\System.Web.Entity.ni.dll
+ 2009-08-29 15:40 . 2009-08-29 15:40 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll
+ 2009-08-29 15:40 . 2009-08-29 15:40 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b7891f5659db299dbd1b3c72db7edb9f\System.Web.DynamicData.ni.dll
+ 2009-08-29 15:40 . 2009-08-29 15:40 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\00ec08741a765c707bd9169346064a81\System.Web.Abstractions.ni.dll
+ 2009-08-29 15:40 . 2009-08-29 15:40 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5a555c9ae6984c40157cf940bb519f7c\System.Transactions.ni.dll
+ 2009-08-29 15:39 . 2009-08-29 15:39 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll
+ 2009-08-29 14:50 . 2009-08-29 14:50 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\1c8df2da33222c048d683017f2095f04\System.Security.ni.dll
+ 2009-08-29 15:39 . 2009-08-29 15:39 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-08-29 15:39 . 2009-08-29 15:39 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\519d9c618341b136f9b963ffb7495308\System.Net.ni.dll
+ 2009-08-29 15:39 . 2009-08-29 15:39 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll
+ 2009-08-29 15:39 . 2009-08-29 15:39 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\1d3fbbd23ce1e8637ef4f40a8d23cd32\System.Management.Instrumentation.ni.dll
+ 2009-08-29 01:21 . 2009-08-29 01:21 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf8149272d845\System.IO.Log.ni.dll
+ 2009-08-29 01:21 . 2009-08-29 01:21 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll
+ 2009-08-29 15:39 . 2009-08-29 15:39 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll
+ 2009-08-29 15:39 . 2009-08-29 15:39 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.ni.dll
+ 2009-08-29 15:39 . 2009-08-29 15:39 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07332ce490711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll
+ 2009-08-29 15:39 . 2009-08-29 15:39 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8b3bb7a2c2f3ffe94c866283f1cd5957\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-08-29 15:39 . 2009-08-29 15:39 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll
+ 2009-08-29 15:39 . 2009-08-29 15:39 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll
+ 2009-08-29 15:39 . 2009-08-29 15:39 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\392de34573f9f8ec885714f2f3e7f07f\System.Data.Entity.Design.ni.dll
+ 2009-08-29 14:51 . 2009-08-29 14:51 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\1db495ff00bbd14df4af6680c4de0653\System.Data.DataSetExtensions.ni.dll
+ 2009-08-29 14:50 . 2009-08-29 14:50 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll
+ 2009-08-29 15:39 . 2009-08-29 15:39 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\de514e484e49b04b016949d57ffac03e\System.Configuration.Install.ni.dll
+ 2009-08-29 14:51 . 2009-08-29 14:51 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\ce984d754e3c0b6be4504b785cc43574\System.AddIn.ni.dll
+ 2009-08-29 14:50 . 2009-08-29 14:50 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\045dd501b7257b1cc26083538ae69045\SMSvcHost.ni.exe
+ 2009-08-29 14:50 . 2009-08-29 14:50 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294b4ed3aaa1c221891c7\SMDiagnostics.ni.dll
+ 2009-08-29 14:50 . 2009-08-29 14:50 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\10a0c9707876fc1f65e64b811a28b020\ServiceModelReg.ni.exe
+ 2009-08-29 14:50 . 2009-08-29 14:50 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\6d38e317128608bc4516ea46ab94590e\MSBuild.ni.exe
+ 2009-08-29 14:49 . 2009-08-29 14:49 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1820d6a012fc0e16c3e1d29d973cd2d0\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-08-29 14:51 . 2009-08-29 14:51 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\55b9eff9e23359faed4351386c062238\Microsoft.Build.Utilities.ni.dll
+ 2009-08-29 14:51 . 2009-08-29 14:51 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4217124db1ea5de5f1a1f3eea75e8d32\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-08-29 14:50 . 2009-08-29 14:50 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\96825c34d7e1f7df1923ff2123bed8da\Microsoft.Build.Engine.ni.dll
+ 2009-08-29 14:50 . 2009-08-29 14:50 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\9b321ebf67587237f576df6104a32588\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-08-29 14:50 . 2009-08-29 14:50 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\9bea05938bee3555c5aa8763d89a68f9\CustomMarshalers.ni.dll
+ 2009-08-29 03:37 . 2009-08-29 03:37 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\12629e2f3e315459bee67cbbaac85cb2\ComSvcConfig.ni.exe
+ 2009-08-29 14:50 . 2009-08-29 14:50 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3976daebc0bcd2b5e2\AspNetMMCExt.ni.dll
+ 2004-08-04 03:45 . 2009-05-20 07:56 2458112 c:\windows\system32\WMVCore.dll
- 2004-08-04 03:45 . 2008-06-18 07:03 2458112 c:\windows\system32\WMVCore.dll
+ 2001-11-14 16:56 . 2001-11-14 16:56 1802240 c:\windows\system32\lcppn21.dll
- 2008-09-23 17:07 . 2006-11-13 18:45 1419232 c:\windows\system32\DRVSTORE\motport_C2507623DD349B7DF9F3CD18A7DCF51CAD96A420\wdfcoinstaller01005.dll
+ 2009-08-18 21:32 . 2006-11-13 18:45 1419232 c:\windows\system32\DRVSTORE\motport_C2507623DD349B7DF9F3CD18A7DCF51CAD96A420\wdfcoinstaller01005.dll
+ 2009-08-18 21:32 . 2006-11-13 18:45 1419232 c:\windows\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\wdfcoinstaller01005.dll
- 2008-09-23 17:07 . 2006-11-13 18:45 1419232 c:\windows\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\wdfcoinstaller01005.dll
- 2008-09-23 17:07 . 2006-11-13 18:45 1419232 c:\windows\system32\DRVSTORE\motmodem_032E8111520766BD9EDB0974011BC85D4BFEF872\wdfcoinstaller01005.dll
+ 2009-08-18 21:32 . 2006-11-13 18:45 1419232 c:\windows\system32\DRVSTORE\motmodem_032E8111520766BD9EDB0974011BC85D4BFEF872\wdfcoinstaller01005.dll
+ 2009-08-18 21:32 . 2006-11-13 18:45 1419232 c:\windows\system32\DRVSTORE\motccgp_AAA6EBF99A29B32284FBE77DCBA5A978B418DB78\wdfcoinstaller01005.dll
- 2008-09-23 17:07 . 2006-11-13 18:45 1419232 c:\windows\system32\DRVSTORE\motccgp_AAA6EBF99A29B32284FBE77DCBA5A978B418DB78\wdfcoinstaller01005.dll
+ 2003-09-19 18:11 . 2003-09-19 18:11 1257418 c:\windows\system32\drivers\btkrnl.sys
- 2004-08-04 03:45 . 2008-06-18 07:03 2458112 c:\windows\system32\dllcache\WMVCore.dll
+ 2004-08-04 03:45 . 2009-05-20 07:56 2458112 c:\windows\system32\dllcache\WMVCore.dll
+ 2003-03-24 13:37 . 2003-03-24 13:37 2830336 c:\windows\system32\btrez.dll
+ 2009-08-27 03:08 . 2009-08-27 03:08 1139712 c:\windows\Installer\f4d909.msi
+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\ca0a0.msp
+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\ca09a.msp
+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\b963dc.msp
+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\b963d6.msp
+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\b858f4.msp
+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\b858ee.msp
+ 2009-08-25 17:57 . 2009-08-25 17:57 5518336 c:\windows\Installer\a383f.msp
+ 2009-05-04 10:46 . 2009-05-04 10:46 8299008 c:\windows\Installer\99d11d.msp
+ 2009-04-24 15:31 . 2009-04-24 15:31 1425920 c:\windows\Installer\99d118.msp
+ 2009-04-24 15:30 . 2009-04-24 15:30 2583552 c:\windows\Installer\99d113.msp
+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\7f8d19.msp
+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\7f8d13.msp
+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\7d4258.msp
+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\69f96b.msp
+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\69f965.msp
+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\589545.msp
+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\58953f.msp
+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\3c8cbf.msp
+ 2009-05-04 10:46 . 2009-05-04 10:46 8299008 c:\windows\Installer\3c8cbd.msp
+ 2009-04-24 15:31 . 2009-04-24 15:31 1425920 c:\windows\Installer\3c8cb2.msp
+ 2009-04-24 15:30 . 2009-04-24 15:30 2583552 c:\windows\Installer\3c8ca6.msp
+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\1a730a1.msp
+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\1a7309b.msp
+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\197864b.msp
+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\1978646.msp
+ 2009-04-23 20:57 . 2009-04-23 20:57 7672832 c:\windows\Installer\1978635.msp
+ 2009-05-12 16:01 . 2009-05-12 16:01 6818816 c:\windows\Installer\1978611.msp
+ 2009-05-01 18:49 . 2009-05-01 18:49 4328960 c:\windows\Installer\197860c.msp
+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\16486d6.msp
+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\16486d0.msp
+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\1540167.msp
+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\1540161.msp
+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\14665b3.msp
+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\14665ad.msp
+ 2009-08-18 21:16 . 2009-08-18 21:16 2061824 c:\windows\Installer\13751a5.msi
+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\12d252.msp
+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\12d24c.msp
+ 2009-08-05 05:11 . 2009-08-05 05:11 5518848 c:\windows\Installer\1219c96.msp
+ 2009-07-01 16:21 . 2009-07-01 16:21 8891904 c:\windows\Installer\1219c90.msp
+ 2009-04-03 20:57 . 2009-04-03 20:57 4671320 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6425\WRD12CNV.DLL
+ 2009-04-02 17:35 . 2009-04-02 17:35 1787216 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6425\PPCNV.DLL
+ 2007-03-21 21:58 . 2007-03-21 21:58 4145520 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\WRD12CNV.DLL
+ 2007-05-10 13:11 . 2007-05-10 13:11 1767256 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\PPCNV.DLL
+ 2006-10-27 18:18 . 2006-10-27 18:18 1658152 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\OGL.DLL
+ 2007-03-21 21:56 . 2007-03-21 21:56 8425856 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\OARTCONV.DLL
+ 2009-08-29 15:41 . 2009-08-29 15:41 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\ac1750e78d79520dcf19195772eff1b6\System.WorkflowServices.ni.dll
+ 2009-08-29 15:41 . 2009-08-29 15:41 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\d265da36954fcb4cb7ad5adc693ea0f2\System.Workflow.Runtime.ni.dll
+ 2009-08-29 15:41 . 2009-08-29 15:41 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\693a8fbe6f7ad6e4e429052da4317e59\System.Workflow.ComponentModel.ni.dll
+ 2009-08-29 15:41 . 2009-08-29 15:41 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\cc99fbbac0b6e4e9ca62093e49b0c16b\System.Workflow.Activities.ni.dll
+ 2009-08-29 15:40 . 2009-08-29 15:40 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\b57bb002a655920cbfa2bee29d1e22b7\System.Web.Services.ni.dll
+ 2009-08-29 15:40 . 2009-08-29 15:40 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\81197e32ec931f439b3114e9031b65d6\System.Web.Mobile.ni.dll
+ 2009-08-29 15:40 . 2009-08-29 15:40 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\7f64c9d25471b72e1e957bdfe67947c8\System.Web.Extensions.ni.dll
+ 2009-08-29 15:39 . 2009-08-29 15:39 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\340cad17fe57947eacbc8fa2cea780da\System.ServiceModel.Web.ni.dll
+ 2009-08-29 01:22 . 2009-08-29 01:22 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b133dee73d452652c52767b5ea\System.Runtime.Serialization.ni.dll
+ 2009-08-29 01:20 . 2009-08-29 01:20 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c2de8479e54852f56996f79bc93acb13\System.IdentityModel.ni.dll
+ 2009-08-29 15:39 . 2009-08-29 15:39 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\543aced762f6b0c3f8e037955941afc6\System.DirectoryServices.ni.dll
+ 2009-08-29 15:39 . 2009-08-29 15:39 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\a6b58624486714fa71e5e35186850ff0\System.Deployment.ni.dll
+ 2009-08-29 14:50 . 2009-08-29 14:50 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\826b09ab0d0e36f4d631b4cd335df511\System.Data.SqlXml.ni.dll
+ 2009-08-29 15:39 . 2009-08-29 15:39 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\956a513dcbd44d5a6801840ef2b0b47b\System.Data.Services.ni.dll
+ 2009-08-29 15:38 . 2009-08-29 15:38 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6479f975b105808a8d9e7a7fdc762551\System.Data.Entity.ni.dll
+ 2009-08-29 14:51 . 2009-08-29 14:51 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll
+ 2009-08-29 03:37 . 2009-08-29 03:37 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\6b2f62f5e981913fce1d223f645d9ddf\Microsoft.Transactions.Bridge.ni.dll
+ 2009-08-29 15:39 . 2009-08-29 15:39 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\b261961046545831aa60963e84905968\Microsoft.JScript.ni.dll
+ 2009-08-29 14:50 . 2009-08-29 14:50 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\bd241492d96db39f20e758c13c845033\Microsoft.Build.Tasks.ni.dll
+ 2009-08-29 14:51 . 2009-08-29 14:51 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\a47100d8f4574bed2d49d83d0ab8964e\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2009-08-29 14:50 . 2009-08-29 14:50 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6cfe582681724965fb817e8ece5f0909\Microsoft.Build.Engine.ni.dll
+ 2008-06-25 20:30 . 2009-08-28 21:38 24689600 c:\windows\system32\MRT.exe
+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\ca09b.msp
+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\b963d7.msp
+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\b858ef.msp
+ 2009-09-10 02:17 . 2009-09-10 02:17 15709696 c:\windows\Installer\a383e.msp
+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\7f8d14.msp
+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\69f966.msp
+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\589540.msp
+ 2009-06-22 12:57 . 2009-06-22 12:57 35631104 c:\windows\Installer\1cdd7b.msi
+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\1a7309c.msp
+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\197864c.msp
+ 2009-04-04 12:07 . 2009-04-04 12:07 38385664 c:\windows\Installer\1978633.msp
+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\16486d1.msp
+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\1540162.msp
+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\14665ae.msp
+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\12d24d.msp
+ 2009-07-01 16:19 . 2009-07-01 16:19 10607104 c:\windows\Installer\1219c91.msp
+ 2009-04-03 21:01 . 2009-04-03 21:01 15108448 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6425\XL12CNV.EXE
+ 2007-05-10 13:25 . 2007-05-10 13:25 14677368 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\XL12CNV.EXE
+ 2007-05-08 14:10 . 2007-05-08 14:10 16874376 c:\windows\Installer\$PatchCache$\Managed\00002109020061400000000000F01FEC\12.0.6021\MSO.DLL
+ 2009-08-29 15:40 . 2009-08-29 15:40 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll
+ 2009-08-29 03:36 . 2009-08-29 03:36 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\4146033013edebd7e0cb604e504ebfee\System.ServiceModel.ni.dll
.
-- Snapshot resetado para data atual --
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
Nota entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"="c:\arquivos de programas\BitTorrent\bittorrent.exe" [2009-08-13 653104]
"swg"="c:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-27 39408]
"MSMSGS"="c:\arquivos de programas\Messenger\msmsgs.exe" [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-10-05 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-10-05 114688]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-10-05 94208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-01 7110656]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-04-01 86016]
"egui"="c:\arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-04-10 16126464]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^BTTray.lnk]
path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\BTTray.lnk
backup=c:\windows\pss\BTTray.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Discador Oi Internet.lnk]
path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Discador Oi Internet.lnk
backup=c:\windows\pss\Discador Oi Internet.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Orbit.lnk]
path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Orbit.lnk
backup=c:\windows\pss\Orbit.lnkCommon Startup
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Arquivos de programas\\Orbitdownloader\\orbitdm.exe"=
"c:\\Arquivos de programas\\Orbitdownloader\\orbitnet.exe"=
"c:\\Arquivos de programas\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Arquivos de programas\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Arquivos de programas\\uTorrent\\uTorrent.exe"=
"c:\\Arquivos de programas\\SopCast\\adv\\SopAdver.exe"=
"c:\\Arquivos de programas\\Megacubo\\megacubo.exe"=
"c:\\Arquivos de programas\\BitTorrent\\bittorrent.exe"=
"c:\\Arquivos de programas\\River Past\\Wave@MP3\\WaveAtMp3.exe"=
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14/5/2009 15:47 107256]
R1 is-A7UA6drv;is-A7UA6drv;c:\windows\system32\drivers\47000877.sys [4/8/2009 20:58 148496]
R1 is-D8KDBdrv;is-D8KDBdrv;c:\windows\system32\drivers\98782068.sys [4/8/2009 21:04 148496]
R1 is-QR2A2drv;is-QR2A2drv;c:\windows\system32\drivers\17601523.sys [5/8/2009 10:41 148496]
R1 is-UEHSSdrv;is-UEHSSdrv;c:\windows\system32\drivers\99758160.sys [4/8/2009 22:13 148496]
R2 ekrn;ESET Service;c:\arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe [14/5/2009 15:47 731840]
R2 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\admig\Firebird\bin\fbserver.exe -s DefaultInstance --> c:\admig\Firebird\bin\fbserver.exe -s DefaultInstance [?]
S1 is-VD0FUdrv;is-VD0FUdrv;c:\windows\system32\drivers\27206467.sys [4/8/2009 21:08 148496]
S2 gupdate1c9d8de2812eabc;Google Update Service (gupdate1c9d8de2812eabc);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [19/5/2009 21:01 133104]
S3 getPlusHelper;getPlus® Helper;c:\windows\System32\svchost.exe -k getPlusHelper [4/8/2004 00:45 14336]
S3 ListOpenedFileDrv;System Explorer Opened File Info;\??\c:\docume~1\lan-04\CONFIG~1\Temp\ListOpenedFileDrvXP.sys --> c:\docume~1\lan-04\CONFIG~1\Temp\ListOpenedFileDrvXP.sys [?]
S3 sembbus;SEMC WMC Composite Device driver (WDM);c:\windows\system32\DRIVERS\sembbus.sys --> c:\windows\system32\DRIVERS\sembbus.sys [?]
S3 sembcard;Sony Ericsson PC300 Mobile Broadband Command Interface Drivers (WDM);c:\windows\system32\DRIVERS\sembcard.sys --> c:\windows\system32\DRIVERS\sembcard.sys [?]
S3 sembmdfl2;Sony Ericsson PC300 Wireless Modem Filter;c:\windows\system32\DRIVERS\sembmdfl2.sys --> c:\windows\system32\DRIVERS\sembmdfl2.sys [?]
S3 sembmdm2;Sony Ericsson PC300 Wireless Modem Driver;c:\windows\system32\DRIVERS\sembmdm2.sys --> c:\windows\system32\DRIVERS\sembmdm2.sys [?]
S3 sembmgmt;Sony Ericsson PC300 Mobile Broadband Device Management Drivers (WDM);c:\windows\system32\DRIVERS\sembmgmt.sys --> c:\windows\system32\DRIVERS\sembmgmt.sys [?]
S3 sembnd5;Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (NDIS);c:\windows\system32\DRIVERS\sembnd5.sys --> c:\windows\system32\DRIVERS\sembnd5.sys [?]
S3 sembunic;Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (WDM);c:\windows\system32\DRIVERS\sembunic.sys --> c:\windows\system32\DRIVERS\sembunic.sys [?]
S3 sembwwan;Sony Ericsson PC300 Mobile Broadband Ethernet Control Drivers (WDM);c:\windows\system32\DRIVERS\sembwwan.sys --> c:\windows\system32\DRIVERS\sembwwan.sys [?]
S3 SEMCReserved;SEMC Reserved Interface;c:\windows\system32\DRIVERS\semcreserved.sys --> c:\windows\system32\DRIVERS\semcreserved.sys [?]
S3 Sony_EricssonWWSC;Sony Ericsson SIM Card Reader;c:\windows\system32\DRIVERS\sesc.sys --> c:\windows\system32\DRIVERS\sesc.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Conteúdo da pasta 'Tarefas Agendadas'
2009-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-05-20 00:01]
2009-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-05-20 00:01]
2009-09-14 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 18:07]
.
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.orkut.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Do&wnload selected by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/202
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Enviar para &Bluetooth - c:\arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie_ctx.htm
IE: Translate with &Babylon - c:\arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
Trusted Zone: ufc.br\www.sofia
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} - hxxps://www14.bancobrasil.com.br/plugin/GbpDist.cab
FF - ProfilePath - c:\documents and settings\lan-04\Dados de aplicativos\Mozilla\Firefox\Profiles\5hnkqff0.default\
FF - component: c:\documents and settings\lan-04\Dados de aplicativos\Mozilla\Firefox\Profiles\5hnkqff0.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFAlert.dll
FF - plugin: c:\arquivos de programas\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\arquivos de programas\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npkimi.dll
FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\documents and settings\lan-04\Dados de aplicativos\Mozilla\Firefox\Profiles\5hnkqff0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-14 15:40
Windows 5.1.2600 Service Pack 3 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros/arquivos ocultos ...
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•6~*]
"6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•6~*]
"6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
- - - - - - - > 'explorer.exe'(2688)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Tempo para conclusão: 2009-09-14 15:50
ComboFix-quarantined-files.txt 2009-09-14 18:50
ComboFix2.txt 2009-08-17 23:24
Pré-execução: 9.114.505.216 bytes disponíveis
Pós execução: 8.828.825.600 bytes disponíveis
Current=11 Default=11 Failed=10 LastKnownGood=12 Sets=1,2,3,4,5,6,7,8,10,11,12
548 --- E O F --- 2009-09-10 02:25
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:18:54, on 14/9/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\a-squared Free\a2service.exe
C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe
C:\Arquivos de programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe
C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\AdmIg\Firebird\bin\fbserver.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Arquivos de programas\CyberLink\Shared files\RichVideo.exe
C:\Arquivos de programas\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Arquivos de programas\BitTorrent\bittorrent.exe
C:\Programas\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orkut.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Barra de Ferramentas do Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Arquivos de programas\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Barra de Ferramentas do Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Arquivos de programas\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [bitTorrent] "C:\Arquivos de programas\BitTorrent\bittorrent.exe"
O4 - HKCU\..\Run: [swg] "C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: is-A7UA6.lnk = ?
O4 - Startup: is-D8KDB.lnk = ?
O4 - Startup: is-QR2A2.lnk = ?
O4 - Startup: is-UEHSS.lnk = ?
O4 - Startup: is-VD0FU.lnk = ?
O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Enviar para &Bluetooth - C:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Translate with &Babylon - res://C:\Arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://127.0.0.1:9070/etc/var/TVUAx.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1214054730812
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Arquivos de programas\a-squared Free\a2service.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Arquivos de programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\AdmIg\Firebird\bin\fbserver.exe
O23 - Service: Google Update Service (gupdate1c9d8de2812eabc) (gupdate1c9d8de2812eabc) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared files\RichVideo.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Arquivos de programas\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
--
End of file - 10342 bytes