yes!! she's here!!
C:\Documents and Settings\Proprietário\Ambiente de trabalho\ComboFix.exe
new scan
ComboFix 08-06-05.3 - Proprietário 2008-06-06 0:28:52.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.2070.18.647 [GMT 1:00]
Executando de: C:\Documents and Settings\Proprietário\Ambiente de trabalho\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Proprietário\Menu Iniciar\Programas\Arranque\DW_Start.lnk
C:\WINDOWS\msxfcg32.dll
.
((((((((((((((((((((((( Ficheiros criados de 2008-05-05 to 2008-06-05 ))))))))))))))))))))))))))))))))
.
2008-06-05 23:31 . 2008-06-05 23:31 <DIR> d-------- C:\Nova pasta
2008-06-05 23:10 . 2008-06-05 23:10 <DIR> d-------- C:\Programas\Sun
2008-06-05 23:10 . 2006-10-04 15:06 1,197,294 --a--c--- C:\WINDOWS\system32\dllcache\SETA5.tmp
2008-06-05 23:10 . 2008-06-05 23:10 1,355 --a------ C:\WINDOWS\imsins.BAK
2008-06-05 23:09 . 2008-06-05 23:09 3,458 --a------ C:\WINDOWS\system32\spupdsvc.inf
2008-06-05 23:08 . 2008-06-05 23:08 <DIR> d-------- C:\WINDOWS\LastGood
2008-06-05 22:32 . 2008-06-05 22:32 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\Definições locais
2008-06-05 22:32 . 2008-06-05 22:32 <DIR> d-------- C:\Documents and Settings\Proprietário
2008-06-05 22:32 . 2008-06-05 22:32 <DIR> d-------- C:\Documents and Settings\NetworkService\Definições locais
2008-06-05 22:32 . 2008-06-05 22:32 <DIR> d-------- C:\Documents and Settings\LocalService\Definições locais
2008-06-05 22:32 . 2008-06-05 22:32 <DIR> d-------- C:\Documents and Settings\João
2008-06-05 22:32 . 2008-06-05 22:32 <DIR> d-------- C:\Documents and Settings\Administrador\Definições locais
2008-06-02 14:28 . 2008-06-02 14:28 24,576 --a------ C:\WINDOWS\sistem.exe
2008-06-02 14:28 . 2008-06-02 14:28 22,528 --a------ C:\WINDOWS\ctrlpan.dll
2008-06-01 04:23 . 2008-06-01 04:23 30,976 --a------ C:\WINDOWS\svchost32.exe
2008-06-01 04:23 . 2008-06-01 04:23 21,504 --a------ C:\WINDOWS\editpad.exe
2008-06-01 04:23 . 2008-06-02 01:29 21,248 --a------ C:\WINDOWS\rundll16.exe
2008-06-01 04:23 . 2008-06-01 04:23 19,712 --a------ C:\WINDOWS\quicken.exe
2008-06-01 04:23 . 2008-06-01 04:23 13,568 --a------ C:\WINDOWS\internet.exe
2008-06-01 04:23 . 2008-06-01 04:23 11,776 --a------ C:\WINDOWS\msconfd.dll
2008-06-01 04:03 . 2008-06-05 23:04 <DIR> d-------- C:\Programas\Spyware Doctor
2008-05-31 23:40 . 2008-06-05 23:04 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-31 22:56 . 2008-06-02 01:29 15,104 --a------ C:\WINDOWS\qttasks.exe
2008-05-31 22:55 . 2008-05-31 22:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-05-31 21:26 . 2008-05-31 21:27 <DIR> d-------- C:\Programas\Internet Explorer 7
2008-05-31 21:10 . 2006-03-02 13:00 28,288 --a--c--- C:\WINDOWS\system32\dllcache\xjis.nls
2008-05-31 21:08 . 2006-03-02 13:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-05-31 21:07 . 2006-03-02 13:00 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-05-31 21:07 . 2003-03-24 15:52 188,480 --a--c--- C:\WINDOWS\system32\dllcache\cfgwiz.exe
2008-05-31 21:07 . 2004-05-13 00:39 184,435 --a--c--- C:\WINDOWS\system32\dllcache\fp4amsft.dll
2008-05-31 21:07 . 2003-03-24 15:52 147,513 --a--c--- C:\WINDOWS\system32\dllcache\fp4apws.dll
2008-05-31 21:07 . 2003-03-24 15:52 82,035 --a--c--- C:\WINDOWS\system32\dllcache\fp4anscp.dll
2008-05-31 21:07 . 2003-03-24 15:52 20,540 --a--c--- C:\WINDOWS\system32\dllcache\author.dll
2008-05-31 21:07 . 2003-03-24 15:52 20,540 --a--c--- C:\WINDOWS\system32\dllcache\admin.dll
2008-05-31 21:07 . 2003-03-24 15:52 16,439 --a--c--- C:\WINDOWS\system32\dllcache\author.exe
2008-05-31 21:07 . 2003-03-24 15:52 16,439 --a--c--- C:\WINDOWS\system32\dllcache\admin.exe
2008-05-31 21:06 . 2008-05-31 21:06 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-05-31 21:06 . 2008-05-31 21:06 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-05-31 21:06 . 2008-05-31 21:06 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-05-31 21:06 . 2008-05-31 21:06 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-05-31 21:06 . 2008-05-31 21:06 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-05-31 21:01 . 2008-05-02 22:46 181,895 --a------ C:\WINDOWS\system32\nvdsp.chm
2008-05-31 21:01 . 2008-05-02 22:46 121,529 --a------ C:\WINDOWS\system32\nvcpl.chm
2008-05-31 21:01 . 2008-05-02 22:46 116,384 --a------ C:\WINDOWS\system32\nv3d.chm
2008-05-31 21:01 . 2008-05-02 22:46 54,988 --a------ C:\WINDOWS\system32\nvmob.chm
2008-05-31 19:28 . 2008-05-31 19:28 <DIR> d-------- C:\Programas\Yahoo!
2008-05-31 19:19 . 2008-05-31 19:19 26,624 --a------ C:\WINDOWS\helpcvs.exe
2008-05-31 04:04 . 2008-05-31 04:04 16,384 --a------ C:\WINDOWS\ctfmon32.exe
2008-05-30 23:54 . 2008-05-30 23:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-05-30 02:45 . 2008-05-30 02:45 9,984 --a------ C:\WINDOWS\xplugin.dll
2008-05-30 02:21 . 2008-05-30 02:21 15,616 --a------ C:\WINDOWS\cpan.dll
2008-05-30 02:21 . 2008-05-30 02:21 11,008 --a------ C:\WINDOWS\astctl32.ocx
2008-05-30 00:02 . 2008-05-30 00:11 121 --a------ C:\WINDOWS\bdagent.INI
2008-05-29 23:45 . 2008-05-30 00:12 <DIR> d-------- C:\Programas\BitDefender
2008-05-29 23:42 . 2008-05-29 23:54 <DIR> d-------- C:\WINDOWS\system32\zA
2008-05-29 23:42 . 2008-05-31 00:11 <DIR> d-------- C:\WINDOWS\system32\vntiho06
2008-05-29 23:42 . 2008-05-30 00:01 <DIR> d-------- C:\WINDOWS\system32\bIP
2008-05-29 23:42 . 2008-06-05 22:26 <DIR> d-------- C:\Temp
2008-05-29 23:42 . 2008-05-31 00:43 <DIR> d-------- C:\Programas\uTorrent
2008-05-29 23:42 . 2008-05-31 00:43 <DIR> d-------- C:\Documents and Settings\Proprietário\Application Data\uTorrent
2008-05-29 23:42 . 2008-05-29 23:42 298,311 --a------ C:\WINDOWS\system32\gside.exe
2008-05-29 23:42 . 2008-05-29 23:42 88,961 --a------ C:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe
2008-05-29 23:42 . 2008-05-30 00:47 861 --a------ C:\WINDOWS\system32\winpfz33.sys
2008-05-29 23:41 . 2008-05-29 23:41 <DIR> dr------- C:\Documents and Settings\LocalService\Favoritos
2008-05-29 23:41 . 2008-05-29 23:41 4 --a------ C:\WINDOWS\system32\hljwugsf.bin
2008-05-29 23:34 . 2008-05-29 23:45 <DIR> d-------- C:\Programas\Ficheiros comuns\BitDefender
2008-05-29 22:55 . 2008-05-30 00:55 774 --ahs---- C:\WINDOWS\system32\dnprjbij.ini
2008-05-29 14:30 . 2008-05-29 14:30 <DIR> dr-h----- C:\MSOCache
2008-05-29 00:59 . 2008-05-30 15:02 613 --a------ C:\WINDOWS\wininit.ini
2008-05-28 23:33 . 2008-05-28 23:39 <DIR> d-------- C:\Documents and Settings\Proprietário\Application Data\AVGTOOLBAR
2008-05-28 23:31 . 2008-05-29 00:12 124,688 --a------ C:\WINDOWS\system32\MSWINSCK.OCX
2008-05-28 23:22 . 2008-06-02 01:27 <DIR> d-------- C:\Programas\Spybot - Search & Destroy
2008-05-28 23:22 . 2008-06-02 02:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-28 18:59 . 2008-05-28 18:59 <DIR> dr-h----- C:\Documents and Settings\Proprietário\Application Data\SecuROM
2008-05-28 14:49 . 2008-05-28 14:49 <DIR> d-------- C:\Programas\Ficheiros comuns\Adobe
2008-05-27 19:12 . 2008-05-27 19:12 <DIR> d-------- C:\Programas\Apple Software Update
2008-05-27 19:12 . 2008-05-27 19:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-05-27 19:08 . 2008-05-27 19:13 <DIR> d-------- C:\Documents and Settings\Proprietário\Application Data\Apple Computer
2008-05-27 18:45 . 2008-05-27 18:45 <DIR> d-------- C:\Documents and Settings\Proprietário\Application Data\skypePM
2008-05-27 18:45 . 2008-05-27 18:45 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-05-27 18:41 . 2008-05-27 18:41 <DIR> d-------- C:\Programas\Ficheiros comuns\Skype
2008-05-27 18:41 . 2008-05-27 18:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-05-27 18:25 . 2008-05-27 18:25 379 --a------ C:\WINDOWS\ODBC.INI
2008-05-27 18:24 . 2008-05-27 18:24 <DIR> d-------- C:\Programas\Microsoft.NET
2008-05-27 18:24 . 2003-06-18 17:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2008-05-27 18:23 . 2008-05-27 18:24 <DIR> d--h----- C:\WINDOWS\ShellNew
2008-05-27 18:12 . 2008-05-27 18:12 <DIR> d-------- C:\Documents and Settings\Proprietário\Application Data\Creative
2008-05-27 16:55 . 2003-06-12 23:25 7,062 --a------ C:\WINDOWS\system32\audiopid.vxd
2008-05-27 16:54 . 2000-05-22 09:58 647,872 --a------ C:\WINDOWS\system32\Mscomct2.ocx
2008-05-27 16:54 . 2004-08-04 00:57 91,648 --a------ C:\WINDOWS\system32\kswdmcap.ax
2008-05-27 16:54 . 2004-08-04 00:57 61,952 --a------ C:\WINDOWS\system32\kstvtune.ax
2008-05-27 16:54 . 2004-08-04 00:56 54,784 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2008-05-27 16:54 . 2004-08-04 00:57 43,008 --a------ C:\WINDOWS\system32\ksxbar.ax
2008-05-27 16:54 . 1999-10-10 18:00 41,984 --a------ C:\WINDOWS\Ctregrun.exe
2008-05-27 16:54 . 2004-08-04 00:57 28,672 --a------ C:\WINDOWS\system32\vidcap.ax
2008-05-27 16:21 . 2008-05-27 16:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2008-05-27 16:03 . 2008-05-27 16:17 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-05-27 16:00 . 2008-05-27 16:00 <DIR> d-------- C:\WINDOWS\WinRAR
2008-05-27 14:52 . 2008-05-27 19:13 <DIR> d-------- C:\Programas\QuickTime
2008-05-27 14:51 . 2008-05-27 19:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-05-27 14:51 . 2004-12-18 21:32 38,229 --a------ C:\WINDOWS\system32\drivers\StMp3Rec.sys
2008-05-27 14:46 . 2008-05-27 14:51 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-05-27 01:04 . 2008-05-27 01:04 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-05-27 01:04 . 2008-05-27 16:41 <DIR> d-------- C:\Programas\MSN Messenger
2008-05-27 01:04 . 2008-05-27 14:42 <DIR> d-------- C:\Documents and Settings\Proprietário\Contacts
2008-05-27 01:04 . 2008-05-27 14:42 <DIR> d-------- C:\Documents and Settings\Proprietário\Contacts
2008-05-27 01:02 . 2008-05-27 01:02 <DIR> d-------- C:\Programas\Ficheiros comuns\Java
2008-05-27 01:02 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-05-27 00:31 . 2008-05-27 18:13 <DIR> d--hsc--- C:\Programas\Ficheiros comuns\WindowsLiveInstaller
2008-05-27 00:30 . 2008-05-27 18:14 <DIR> d-------- C:\Programas\Windows Live
2008-05-27 00:30 . 2008-05-29 14:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-27 00:10 . 2008-05-27 00:10 <DIR> d-------- C:\Programas\Windows Media Connect 2
2008-05-27 00:09 . 2008-05-27 00:09 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-05-27 00:09 . 2008-05-27 00:10 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-05-26 23:52 . 2008-05-26 23:52 <DIR> d-------- C:\WINDOWS\system32\pt-pt
2008-05-26 22:29 . 2008-05-02 22:46 182,347 --a------ C:\WINDOWS\system32\nvapps.nvb
2008-05-26 22:26 . 2006-03-02 13:00 1,086,058 -ra------ C:\WINDOWS\SET25.tmp
2008-05-26 22:26 . 2006-03-02 13:00 1,013,613 -ra------ C:\WINDOWS\SET22.tmp
2008-05-26 22:26 . 2006-03-02 13:00 14,913 -ra------ C:\WINDOWS\SET31.tmp
2008-05-26 22:26 . 2006-03-02 13:00 14,573 -ra------ C:\WINDOWS\SET5C.tmp
2008-05-26 20:48 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-05-26 20:48 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-05-26 20:32 . 2008-05-26 20:34 <DIR> d-------- C:\Documents and Settings\João\Os meus documentos
2008-05-26 20:32 . 2008-05-26 20:34 <DIR> d-------- C:\Documents and Settings\João
2008-05-26 20:30 . 2008-06-05 23:57 <DIR> d-------- C:\Documents and Settings\Proprietário\Application Data\Azureus
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-30 23:57 13,312 ----a-w C:\WINDOWS\dnsrelay.dll
2008-05-28 17:59 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-05-26 18:55 --------- d-----w C:\Programas\Serviços online
2008-05-26 13:23 9,709,568 ----a-w C:\WINDOWS\RTLCPL.exe
2008-05-26 13:23 86,016 ----a-w C:\WINDOWS\SoundMan.exe
2008-05-26 13:23 69,632 ----a-w C:\WINDOWS\Alcmtr.exe
2008-05-26 13:23 499,712 ----a-w C:\WINDOWS\RtlExUpd.dll
2008-05-26 13:23 49,152 ----a-w C:\WINDOWS\system32\ChCfg.exe
2008-05-26 13:23 4,381,184 ----a-w C:\WINDOWS\system32\drivers\RtkHDAud.Sys
2008-05-26 13:23 364,544 ----a-w C:\WINDOWS\RtlUpd.exe
2008-05-26 13:23 2,879,488 ----a-w C:\WINDOWS\SkyTel.exe
2008-05-26 13:23 2,808,832 ----a-w C:\WINDOWS\alcwzrd.exe
2008-05-26 13:23 2,155,008 ----a-w C:\WINDOWS\MicCal.exe
2008-05-26 13:23 16,264,192 ----a-w C:\WINDOWS\RTHDCPL.exe
2008-05-26 13:01 9,728 ----a-w C:\WINDOWS\system32\drivers\videX32.sys
2008-05-26 13:01 11,264 ----a-w C:\WINDOWS\system32\drivers\xfilt.sys
2008-05-26 09:06 --------- d-----w C:\Programas\microsoft frontpage
2008-03-19 20:29 21,760 ----a-w C:\Documents and Settings\João\Application Data\GDIPFONTCACHEV1.DAT
.
((((((((((((((((((((((((((((( snapshot@2008-06-05_22.32.28.43 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-05 21:29:26 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-05 21:59:49 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2006-03-02 12:00:00 212,992 ----a-w C:\WINDOWS\inf\unregmp2.exe
+ 2007-01-05 19:06:06 317,440 ----a-w C:\WINDOWS\inf\unregmp2.exe
- 2006-03-02 12:00:00 8,704 ----a-w C:\WINDOWS\system32\asferror.dll
+ 2007-01-05 19:01:02 7,680 ----a-w C:\WINDOWS\system32\asferror.dll
- 2006-03-02 12:00:00 286,208 ----a-w C:\WINDOWS\system32\blackbox.dll
+ 2006-10-18 20:47:10 542,720 ----a-w C:\WINDOWS\system32\blackbox.dll
- 2006-03-02 12:00:00 159,232 ----a-w C:\WINDOWS\system32\cewmdm.dll
+ 2006-10-18 20:47:10 229,376 ----a-w C:\WINDOWS\system32\cewmdm.dll
- 2008-05-31 20:12:16 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-06-05 22:08:34 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2008-05-31 20:12:16 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Definições locais\Histórico\History.IE5\index.dat
+ 2008-06-05 22:08:34 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Definições locais\Histórico\History.IE5\index.dat
- 2008-05-31 20:12:16 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Definições locais\Temporary Internet Files\Content.IE5\index.dat
+ 2008-06-05 22:08:34 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Definições locais\Temporary Internet Files\Content.IE5\index.dat
- 2006-03-02 12:00:00 8,704 -c--a-w C:\WINDOWS\system32\dllcache\asferror.dll
+ 2007-01-05 19:01:02 7,680 -c--a-w C:\WINDOWS\system32\dllcache\asferror.dll
- 2006-03-02 12:00:00 286,208 -c--a-w C:\WINDOWS\system32\dllcache\blackbox.dll
+ 2006-10-18 20:47:10 542,720 -c--a-w C:\WINDOWS\system32\dllcache\blackbox.dll
- 2006-03-02 12:00:00 159,232 -c--a-w C:\WINDOWS\system32\dllcache\cewmdm.dll
+ 2006-10-18 20:47:10 229,376 -c--a-w C:\WINDOWS\system32\dllcache\cewmdm.dll
- 2006-03-02 12:00:00 695,296 -c--a-w C:\WINDOWS\system32\dllcache\drmv2clt.dll
+ 2006-10-18 20:47:10 991,744 -c--a-w C:\WINDOWS\system32\dllcache\drmv2clt.dll
- 2006-03-02 12:00:00 6,656 -c--a-w C:\WINDOWS\system32\dllcache\laprxy.dll
+ 2006-10-18 20:47:14 11,264 -c--a-w C:\WINDOWS\system32\dllcache\LAPRXY.dll
- 2006-03-02 12:00:00 103,936 -c--a-w C:\WINDOWS\system32\dllcache\logagent.exe
+ 2006-10-18 19:03:58 100,864 -c--a-w C:\WINDOWS\system32\dllcache\logagent.exe
- 2006-03-02 12:00:00 310,272 -c--a-w C:\WINDOWS\system32\dllcache\mp43dmod.dll
+ 2006-10-18 20:47:14 4,096 -c--a-w C:\WINDOWS\system32\dllcache\MP43DMOD.dll
- 2006-03-02 12:00:00 384,512 -c--a-w C:\WINDOWS\system32\dllcache\mp4sdmod.dll
+ 2006-10-18 20:47:14 4,096 -c--a-w C:\WINDOWS\system32\dllcache\MP4SDMOD.dll
- 2006-03-02 12:00:00 240,640 -c--a-w C:\WINDOWS\system32\dllcache\mpg4dmod.dll
+ 2006-10-18 20:47:14 4,096 -c--a-w C:\WINDOWS\system32\dllcache\MPG4DMOD.dll
- 2006-03-02 12:00:00 368,640 -c--a-w C:\WINDOWS\system32\dllcache\mpvis.dll
+ 2007-01-05 19:01:40 244,224 -c--a-w C:\WINDOWS\system32\dllcache\mpvis.dll
- 2006-03-02 12:00:00 259,072 -c--a-w C:\WINDOWS\system32\dllcache\msnetobj.dll
+ 2006-10-18 20:47:16 179,712 -c--a-w C:\WINDOWS\system32\dllcache\msnetobj.dll
- 2006-03-02 12:00:00 52,736 -c--a-w C:\WINDOWS\system32\dllcache\mspmsnsv.dll
+ 2006-10-18 20:47:16 27,136 -c--a-w C:\WINDOWS\system32\dllcache\mspmsnsv.dll
- 2006-03-02 12:00:00 201,728 -c--a-w C:\WINDOWS\system32\dllcache\mspmsp.dll
+ 2006-10-18 20:47:16 175,616 -c--a-w C:\WINDOWS\system32\dllcache\mspmsp.dll
- 2006-03-02 12:00:00 356,352 -c--a-w C:\WINDOWS\system32\dllcache\msscp.dll
+ 2006-10-18 20:47:16 414,208 -c--a-w C:\WINDOWS\system32\dllcache\msscp.dll
- 2006-03-02 12:00:00 246,272 -c--a-w C:\WINDOWS\system32\dllcache\mswmdm.dll
+ 2006-10-18 20:47:16 321,536 -c--a-w C:\WINDOWS\system32\dllcache\mswmdm.dll
- 2006-03-02 12:00:00 237,568 -c--a-w C:\WINDOWS\system32\dllcache\qasf.dll
+ 2006-10-18 20:47:18 211,456 -c--a-w C:\WINDOWS\system32\dllcache\qasf.dll
- 2006-03-02 12:00:00 774,144 -c--a-w C:\WINDOWS\system32\dllcache\setup_wm.exe
+ 2007-01-05 20:20:44 1,677,312 -c--a-w C:\WINDOWS\system32\dllcache\setup_wm.exe
- 2006-03-02 12:00:00 212,992 -c--a-w C:\WINDOWS\system32\dllcache\unregmp2.exe
+ 2007-01-05 19:06:06 317,440 -c--a-w C:\WINDOWS\system32\dllcache\unregmp2.exe
- 2006-03-02 12:00:00 408,064 -c--a-w C:\WINDOWS\system32\dllcache\wmadmod.dll
+ 2006-10-18 20:47:18 757,248 -c--a-w C:\WINDOWS\system32\dllcache\WMADMOD.dll
- 2006-03-02 12:00:00 670,720 -c--a-w C:\WINDOWS\system32\dllcache\wmadmoe.dll
+ 2006-10-18 20:47:18 1,117,696 -c--a-w C:\WINDOWS\system32\dllcache\WMADMOE.dll
- 2006-03-02 12:00:00 230,400 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
+ 2006-10-18 20:47:18 222,208 -c--a-w C:\WINDOWS\system32\dllcache\WMASF.dll
- 2006-03-02 12:00:00 27,136 -c--a-w C:\WINDOWS\system32\dllcache\wmdmlog.dll
+ 2006-10-18 20:47:18 33,792 -c--a-w C:\WINDOWS\system32\dllcache\wmdmlog.dll
- 2006-03-02 12:00:00 23,552 -c--a-w C:\WINDOWS\system32\dllcache\wmdmps.dll
+ 2006-10-18 20:47:18 37,376 -c--a-w C:\WINDOWS\system32\dllcache\wmdmps.dll
- 2006-03-02 12:00:00 193,536 -c--a-w C:\WINDOWS\system32\dllcache\wmerror.dll
+ 2007-01-05 19:06:28 259,584 -c--a-w C:\WINDOWS\system32\dllcache\wmerror.dll
- 2006-03-02 12:00:00 151,552 -c--a-w C:\WINDOWS\system32\dllcache\wmidx.dll
+ 2006-10-18 20:47:20 157,184 -c--a-w C:\WINDOWS\system32\dllcache\wmidx.dll
- 2006-03-02 12:00:00 1,050,624 -c--a-w C:\WINDOWS\system32\dllcache\wmnetmgr.dll
+ 2006-10-18 20:47:20 937,984 -c--a-w C:\WINDOWS\system32\dllcache\WMNetMgr.dll
- 2006-03-02 12:00:00 4,874,240 -c--a-w C:\WINDOWS\system32\dllcache\wmp.dll
+ 2006-10-18 20:47:20 10,834,432 -c--a-w C:\WINDOWS\system32\dllcache\wmp.dll
- 2006-03-02 12:00:00 114,688 -c--a-w C:\WINDOWS\system32\dllcache\wmpasf.dll
+ 2006-10-18 20:47:20 242,688 -c--a-w C:\WINDOWS\system32\dllcache\wmpasf.dll
- 2006-03-02 12:00:00 98,304 -c--a-w C:\WINDOWS\system32\dllcache\wmpband.dll
+ 2007-01-05 19:06:48 96,256 -c--a-w C:\WINDOWS\system32\dllcache\wmpband.dll
- 2006-03-02 12:00:00 233,472 -c--a-w C:\WINDOWS\system32\dllcache\wmpdxm.dll
+ 2006-10-18 20:47:20 314,880 -c--a-w C:\WINDOWS\system32\dllcache\wmpdxm.dll
- 2006-03-02 12:00:00 73,728 -c--a-w C:\WINDOWS\system32\dllcache\wmplayer.exe
+ 2007-01-05 19:07:24 64,000 -c--a-w C:\WINDOWS\system32\dllcache\wmplayer.exe
- 2006-03-02 12:00:00 2,969,600 -c--a-w C:\WINDOWS\system32\dllcache\wmploc.dll
+ 2007-01-05 20:24:16 8,277,504 -c--a-w C:\WINDOWS\system32\dllcache\wmploc.dll
- 2006-03-02 12:00:00 102,400 -c--a-w C:\WINDOWS\system32\dllcache\wmpshell.dll
+ 2007-01-05 19:07:42 99,840 -c--a-w C:\WINDOWS\system32\dllcache\wmpshell.dll
- 2006-03-02 12:00:00 759,296 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmod.dll
+ 2006-10-18 20:47:22 4,096 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmod.dll
- 2006-03-02 12:00:00 1,119,744 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmoe2.dll
+ 2006-10-18 20:47:22 4,096 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmoe2.dll
- 2006-03-02 12:00:00 484,864 -c--a-w C:\WINDOWS\system32\dllcache\wmspdmod.dll
+ 2006-10-18 20:47:22 603,648 -c--a-w C:\WINDOWS\system32\dllcache\WMSPDMOD.dll
- 2006-03-02 12:00:00 896,512 -c--a-w C:\WINDOWS\system32\dllcache\wmspdmoe.dll
+ 2006-10-18 20:47:22 1,329,152 -c--a-w C:\WINDOWS\system32\dllcache\WMSPDMOE.dll
- 2006-03-02 12:00:00 2,105,344 -c--a-w C:\WINDOWS\system32\dllcache\wmvcore.dll
+ 2006-10-18 20:47:22 2,450,944 -c--a-w C:\WINDOWS\system32\dllcache\wmvcore.dll
- 2006-03-02 12:00:00 809,984 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmod.dll
+ 2006-10-18 20:47:22 4,096 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmod.dll
- 2006-03-02 12:00:00 1,001,472 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmoe2.dll
+ 2006-10-18 20:47:22 4,096 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmoe2.dll
- 2006-03-02 12:00:00 695,296 ----a-w C:\WINDOWS\system32\drmv2clt.dll
+ 2006-10-18 20:47:10 991,744 ----a-w C:\WINDOWS\system32\drmv2clt.dll
- 2006-03-02 12:00:00 6,656 ----a-w C:\WINDOWS\system32\laprxy.dll
+ 2006-10-18 20:47:14 11,264 ----a-w C:\WINDOWS\system32\LAPRXY.dll
- 2006-03-02 12:00:00 103,936 ----a-w C:\WINDOWS\system32\logagent.exe
+ 2006-10-18 19:03:58 100,864 ----a-w C:\WINDOWS\system32\logagent.exe
- 2006-03-02 12:00:00 310,272 ----a-w C:\WINDOWS\system32\mp43dmod.dll
+ 2006-10-18 20:47:14 4,096 ----a-w C:\WINDOWS\system32\MP43DMOD.dll
- 2006-03-02 12:00:00 384,512 ----a-w C:\WINDOWS\system32\mp4sdmod.dll
+ 2006-10-18 20:47:14 4,096 ----a-w C:\WINDOWS\system32\MP4SDMOD.dll
- 2006-03-02 12:00:00 240,640 ----a-w C:\WINDOWS\system32\mpg4dmod.dll
+ 2006-10-18 20:47:14 4,096 ----a-w C:\WINDOWS\system32\MPG4DMOD.dll
- 2006-03-02 12:00:00 259,072 ----a-w C:\WINDOWS\system32\msnetobj.dll
+ 2006-10-18 20:47:16 179,712 ----a-w C:\WINDOWS\system32\msnetobj.dll
- 2006-03-02 12:00:00 52,736 ----a-w C:\WINDOWS\system32\mspmsnsv.dll
+ 2006-10-18 20:47:16 27,136 ----a-w C:\WINDOWS\system32\mspmsnsv.dll
- 2006-03-02 12:00:00 201,728 ----a-w C:\WINDOWS\system32\mspmsp.dll
+ 2006-10-18 20:47:16 175,616 ----a-w C:\WINDOWS\system32\mspmsp.dll
- 2006-03-02 12:00:00 356,352 ----a-w C:\WINDOWS\system32\msscp.dll
+ 2006-10-18 20:47:16 414,208 ----a-w C:\WINDOWS\system32\msscp.dll
- 2006-03-02 12:00:00 246,272 ----a-w C:\WINDOWS\system32\mswmdm.dll
+ 2006-10-18 20:47:16 321,536 ----a-w C:\WINDOWS\system32\mswmdm.dll
- 2006-03-02 12:00:00 237,568 ----a-w C:\WINDOWS\system32\qasf.dll
+ 2006-10-18 20:47:18 211,456 ----a-w C:\WINDOWS\system32\qasf.dll
- 2008-03-20 13:41:20 14,640 ----a-w C:\WINDOWS\system32\spmsg.dll
+ 2006-09-25 16:58:48 14,640 ------w C:\WINDOWS\system32\spmsg.dll
- 2006-03-02 12:00:00 408,064 ----a-w C:\WINDOWS\system32\wmadmod.dll
+ 2006-10-18 20:47:18 757,248 ----a-w C:\WINDOWS\system32\wmadmod.dll
- 2006-03-02 12:00:00 670,720 ----a-w C:\WINDOWS\system32\wmadmoe.dll
+ 2006-10-18 20:47:18 1,117,696 ----a-w C:\WINDOWS\system32\WMADMOE.dll
- 2006-03-02 12:00:00 230,400 ----a-w C:\WINDOWS\system32\wmasf.dll
+ 2006-10-18 20:47:18 222,208 ----a-w C:\WINDOWS\system32\wmasf.dll
- 2006-03-02 12:00:00 27,136 ----a-w C:\WINDOWS\system32\wmdmlog.dll
+ 2006-10-18 20:47:18 33,792 ----a-w C:\WINDOWS\system32\wmdmlog.dll
- 2006-03-02 12:00:00 23,552 ----a-w C:\WINDOWS\system32\wmdmps.dll
+ 2006-10-18 20:47:18 37,376 ----a-w C:\WINDOWS\system32\wmdmps.dll
- 2006-03-02 12:00:00 193,536 ----a-w C:\WINDOWS\system32\wmerror.dll
+ 2007-01-05 19:06:28 259,584 ----a-w C:\WINDOWS\system32\wmerror.dll
- 2006-03-02 12:00:00 151,552 ----a-w C:\WINDOWS\system32\wmidx.dll
+ 2006-10-18 20:47:20 157,184 ----a-w C:\WINDOWS\system32\wmidx.dll
- 2006-03-02 12:00:00 1,050,624 ----a-w C:\WINDOWS\system32\wmnetmgr.dll
+ 2006-10-18 20:47:20 937,984 ----a-w C:\WINDOWS\system32\WMNetMgr.dll
- 2006-03-02 12:00:00 4,874,240 ----a-w C:\WINDOWS\system32\wmp.dll
+ 2006-10-18 20:47:20 10,834,432 ----a-w C:\WINDOWS\system32\wmp.dll
- 2006-03-02 12:00:00 114,688 ----a-w C:\WINDOWS\system32\wmpasf.dll
+ 2006-10-18 20:47:20 242,688 ----a-w C:\WINDOWS\system32\wmpasf.dll
- 2006-03-02 12:00:00 233,472 ----a-w C:\WINDOWS\system32\wmpdxm.dll
+ 2006-10-18 20:47:20 314,880 ----a-w C:\WINDOWS\system32\wmpdxm.dll
- 2006-03-02 12:00:00 2,969,600 ----a-w C:\WINDOWS\system32\wmploc.dll
+ 2007-01-05 20:24:16 8,277,504 ----a-w C:\WINDOWS\system32\wmploc.dll
- 2006-03-02 12:00:00 102,400 ----a-w C:\WINDOWS\system32\wmpshell.dll
+ 2007-01-05 19:07:42 99,840 ----a-w C:\WINDOWS\system32\wmpshell.dll
- 2006-03-02 12:00:00 759,296 ----a-w C:\WINDOWS\system32\wmsdmod.dll
+ 2006-10-18 20:47:22 4,096 ----a-w C:\WINDOWS\system32\wmsdmod.dll
- 2006-03-02 12:00:00 1,119,744 ----a-w C:\WINDOWS\system32\wmsdmoe2.dll
+ 2006-10-18 20:47:22 4,096 ----a-w C:\WINDOWS\system32\wmsdmoe2.dll
- 2006-03-02 12:00:00 484,864 ----a-w C:\WINDOWS\system32\wmspdmod.dll
+ 2006-10-18 20:47:22 603,648 ----a-w C:\WINDOWS\system32\WMSPDMOD.dll
- 2006-03-02 12:00:00 896,512 ----a-w C:\WINDOWS\system32\wmspdmoe.dll
+ 2006-10-18 20:47:22 1,329,152 ----a-w C:\WINDOWS\system32\WMSPDMOE.dll
- 2006-03-02 12:00:00 2,105,344 ----a-w C:\WINDOWS\system32\wmvcore.dll
+ 2006-10-18 20:47:22 2,450,944 ----a-w C:\WINDOWS\system32\wmvcore.dll
- 2006-03-02 12:00:00 809,984 ----a-w C:\WINDOWS\system32\wmvdmod.dll
+ 2006-10-18 20:47:22 4,096 ----a-w C:\WINDOWS\system32\wmvdmod.dll
- 2006-03-02 12:00:00 1,001,472 ----a-w C:\WINDOWS\system32\wmvdmoe2.dll
+ 2006-10-18 20:47:22 4,096 ----a-w C:\WINDOWS\system32\wmvdmoe2.dll
+ 2008-06-05 21:58:54 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_420.dat
.
-- Snapshot reset to current date --
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vazias & legítimas por defeito não são mostradas.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00 15360]
"MsnMsgr"="C:\Programas\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54 5674352]
"swg"="C:\Programas\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-05-27 16:20 171448]
"SpybotSD TeaTimer"="C:\Programas\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"Creative WebCam Tray"="C:\Programas\Creative\Shared Files\CamTray.exe" [2005-10-27 11:00 299008]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-02 22:46 13529088]
"nwiz"="nwiz.exe" [2008-05-02 22:46 1630208 C:\WINDOWS\system32\nwiz.exe]
"SkyTel"="SkyTel.EXE" [2008-05-26 14:23 2879488 C:\WINDOWS\SkyTel.exe]
"Google Desktop Search"="C:\Programas\Google\Google Desktop Search\GoogleDesktop.exe" [2008-05-27 16:20 1862144]
"QuickTime Task"="C:\Programas\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"Adobe Reader Speed Launcher"="C:\Programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-02 22:46 86016]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-26 14:23 16264192 C:\WINDOWS\RTHDCPL.exe]
"AdslTaskBar"="stmctrl.dll" [2004-05-13 15:54 159744 C:\WINDOWS\system32\stmctrl.dll]
"SunJavaUpdateSched"="C:\Programas\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 13:00 15360]
C:\Documents and Settings\All Users\Menu Iniciar\Programas\Arranque\
WinZip Quick Pick.lnk - C:\Programas\WinZip\WZQKPICK.EXE [2007-08-03 11:10:00 394856]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnoOghG]
nnnoOghG.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\opnnlljh]
opnnlljh.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.yv12"= C:\PROGRA~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL
"vidc.divx"= C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivX520.dll
"vidc.iyuv"= C:\PROGRA~1\ACEMEG~1\SystemS\Intel\iyuv_32.dll
"vidc.yvu9"= C:\PROGRA~1\ACEMEG~1\SystemS\Intel\Iyvu9_32.dll
"vidc.uyvy"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"vidc.yuy2"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"vidc.yvyu"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Programas\\MSN Messenger\\msnmsgr.exe"=
"C:\\Programas\\soulseek\\slsk.exe"=
"C:\\Programas\\azureus\\Azureus.exe"=
R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2008-05-26 14:01]
R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys [2008-05-26 14:01]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 00:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 00:16]
R3 Stmatm;ATM/ADSL miniport;C:\WINDOWS\system32\DRIVERS\stmatm.sys [2003-08-08 10:51]
R3 TaurusUsb;ADSL Modem USB Service;C:\WINDOWS\system32\DRIVERS\torususb.sys [2003-09-04 09:15]
*Newly Created Service* - CATCHME
*Newly Created Service* - MSISERVER
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F8B9E5C0-4DCC-CFCF-ABA5-00401D608516}]
C:\Documents and Settings\All Users\Menu Iniciar\Programas\Ferramentas administrativas\Recycle Bin\kdja.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
"2008-05-30 12:28:15 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programas\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-06-06 00:30:18
Windows 5.1.2600 Service Pack 2 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros ocultos ...
Varredura completada com sucesso
Ficheiros ocultos: 0
**************************************************************************
.
Tempo para conclusão: 2008-06-06 0:31:43
ComboFix-quarantined-files.txt 2008-06-05 23:31:42
ComboFix2.txt 2008-06-05 21:32:43
Pre-Run: 91,914,739,712 bytes livres
Post-Run: 91,974,955,008 bytes livres
400 --- E O F --- 2008-06-05 21:49:09