
Double accentuation : keylogger



#1
W0rm

When I write it gives me double accentuation like this ´´ ´´a ~~. I suspect it is a keylogger, but Malwarebytes, NOD32, ComboFix and Spybot all failed to detect it.
I got a virus too, because I see malware blocking access to some websites from .ru, so Russia.

OTL logfile created on: 5/6/2011 5:40:06 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Roger\Os meus documentos\Transferências
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: Estados Unidos | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 127.00 Mb Available Physical Memory | 12.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 45.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programas
Drive C: | 54.81 Gb Total Space | 33.31 Gb Free Space | 60.77% Space Free | Partition Type: FAT32
Drive D: | 36.46 Gb Total Space | 2.41 Gb Free Space | 6.62% Space Free | Partition Type: NTFS
Drive F: | 465.64 Gb Total Space | 25.39 Gb Free Space | 5.45% Space Free | Partition Type: FAT32

Computer Name: NOME-3FABE5602A | User Name: Roger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/05 23:40:28 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Roger\Os meus documentos\Transferências\OTL.exe
PRC - [2011/04/20 09:47:18 | 000,958,464 | ---- | M] (ESET) -- C:\Programas\ESET\ESET Smart Security\ekrn.exe
PRC - [2011/04/20 09:47:12 | 002,474,624 | ---- | M] (ESET) -- C:\Programas\ESET\ESET Smart Security\egui.exe
PRC - [2011/04/14 17:59:32 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programas\Mozilla Firefox\firefox.exe
PRC - [2011/04/03 01:20:46 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Programas\uTorrent\uTorrent.exe
PRC - [2011/01/20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Programas\DAEMON Tools Lite\DTLite.exe
PRC - [2010/12/20 18:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) -- C:\Programas\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/12/20 18:08:56 | 000,443,728 | ---- | M] (Malwarebytes Corporation) -- C:\Programas\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/10/29 14:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programas\Ficheiros comuns\Java\Java Update\jusched.exe
PRC - [2009/11/13 11:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Programas\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009/11/13 11:31:12 | 000,247,144 | ---- | M] (TomTom) -- C:\Programas\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2008/04/14 16:09:48 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/28 18:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008/02/28 18:07:48 | 000,529,704 | ---- | M] (Nero AG) -- C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexingService.exe
PRC - [2006/02/20 17:00:18 | 000,086,016 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe
PRC - [2005/07/08 04:55:04 | 000,491,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2005/07/08 04:55:02 | 000,176,128 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
PRC - [2005/06/20 19:16:36 | 000,057,344 | ---- | M] () -- C:\Programas\ASUS\Wireless Console\wcourier.exe
PRC - [2005/05/12 03:15:14 | 000,102,400 | ---- | M] () -- C:\WINDOWS\ATK0100\HControl.exe
PRC - [2005/05/09 22:12:22 | 001,953,792 | ---- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
PRC - [2004/12/22 13:42:22 | 000,045,056 | ---- | M] () -- C:\Programas\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
PRC - [2004/12/22 01:23:00 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Programas\Synaptics\SynTP\SynTPLpr.exe
PRC - [2004/10/15 11:31:32 | 000,356,352 | ---- | M] (Intel Corporation) -- C:\Programas\Intel\Wireless\Bin\EOUWiz.exe
PRC - [2004/10/15 11:30:52 | 000,098,304 | ---- | M] (Intel Corporation) -- C:\Programas\Intel\Wireless\Bin\OProtSvc.exe
PRC - [2004/10/15 11:27:56 | 000,385,024 | ---- | M] (Intel Corporation) -- C:\Programas\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2004/10/15 11:27:38 | 000,389,120 | ---- | M] (Intel Corporation) -- C:\Programas\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2004/10/15 11:23:12 | 000,245,760 | ---- | M] (Intel) -- C:\Programas\Intel\Wireless\Bin\1XConfig.exe
PRC - [2004/09/21 16:55:40 | 000,081,920 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Programas\ASUS\Power4 Gear\BatteryLife.exe
PRC - [2004/03/18 16:55:48 | 000,065,536 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2003/12/05 15:41:44 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Programas\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
PRC - [2003/09/19 12:54:44 | 000,172,032 | ---- | M] () -- C:\Programas\ASUS\ASUS Live Update\ALU.exe


========== Modules (SafeList) ==========

MOD - [2011/05/05 23:40:28 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Roger\Os meus documentos\Transferências\OTL.exe
MOD - [2010/08/23 16:12:34 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2004/12/22 01:23:00 | 000,069,722 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/04/20 09:48:00 | 000,183,904 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Programas\ESET\ESET Smart Security\EShaSrv.exe -- (ESHASRV)
SRV - [2011/04/20 09:47:18 | 000,958,464 | ---- | M] (ESET) [Auto | Running] -- C:\Programas\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2010/12/20 18:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programas\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2009/11/13 11:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Programas\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programas\Ficheiros comuns\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/02/28 18:07:48 | 000,529,704 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programas\Ficheiros comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2004/10/15 11:30:52 | 000,098,304 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programas\Intel\Wireless\Bin\OProtSvc.exe -- (OwnershipProtocol)
SRV - [2004/03/18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2011/04/20 15:31:40 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/04/20 09:47:30 | 000,055,768 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2011/04/20 09:47:30 | 000,033,632 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2011/04/20 09:47:28 | 000,143,872 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2011/04/20 09:47:16 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2011/04/20 09:46:50 | 000,153,112 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2006/03/16 13:24:06 | 004,249,088 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/08/30 22:42:36 | 001,333,760 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/04/18 10:21:00 | 000,027,136 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\risdptsk.sys -- (risdptsk)
DRV - [2005/02/17 10:07:48 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2005/01/17 13:13:28 | 000,098,304 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd)
DRV - [2005/01/17 09:44:00 | 001,036,928 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2005/01/17 09:44:00 | 000,702,592 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/01/17 09:44:00 | 000,163,328 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/01/09 20:47:00 | 000,046,592 | ---- | M] (SMSC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2004/12/22 04:38:12 | 000,034,816 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2004/12/06 02:51:00 | 000,051,328 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\rimsptsk.sys -- (rimsptsk)
DRV - [2004/12/05 08:57:00 | 000,307,456 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\rixdptsk.sys -- (rismxdp)
DRV - [2004/11/16 15:51:54 | 000,050,048 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2004/10/29 18:48:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Driver de conexão de rede Intel®
DRV - [2004/10/15 11:20:04 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2004/10/05 03:33:02 | 000,062,799 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2004/09/02 10:44:00 | 000,142,464 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yukonwxp.sys -- (yukonwxp)
DRV - [2004/08/12 17:45:52 | 000,113,664 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/08/12 08:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA)
DRV - [2000/03/29 14:17:42 | 000,005,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS -- (Asushwio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2786678
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Programas\uTorrentBar\tbuTor.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.2

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Programas\Mozilla Firefox\components [2011/05/01 14:02:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Programas\Mozilla Firefox\plugins [2011/03/03 21:02:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Programas\ESET\ESET Smart Security\Mozilla Thunderbird [2011/05/05 19:32:42 | 000,000,000 | ---D | M]

[2011/03/03 21:03:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Roger\Application Data\mozilla\Extensions
[2011/03/23 18:24:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Roger\Application Data\mozilla\Extensions\[email protected]
[2011/03/03 22:03:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Roger\Application Data\mozilla\Firefox\Profiles\ht2wfx7i.Utilizador pré-definido\extensions
[2011/03/31 19:52:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Roger\Application Data\mozilla\Firefox\Profiles\ht2wfx7i.Utilizador pré-definido\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/03 22:03:14 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Roger\Application Data\mozilla\Firefox\Profiles\ht2wfx7i.Utilizador pré-definido\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011/05/01 14:02:54 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Documents and Settings\Roger\Application Data\mozilla\Firefox\Profiles\ht2wfx7i.Utilizador pré-definido\extensions\[email protected]
[2011/03/19 18:32:56 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Documents and Settings\Roger\Application Data\mozilla\Firefox\Profiles\ht2wfx7i.Utilizador pré-definido\extensions\[email protected]
[2011/05/05 01:59:42 | 000,000,000 | ---D | M] (Cooliris) -- C:\Documents and Settings\Roger\Application Data\mozilla\Firefox\Profiles\ht2wfx7i.Utilizador pré-definido\extensions\[email protected]
[2011/03/03 22:03:12 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Documents and Settings\Roger\Application Data\mozilla\Firefox\Profiles\ht2wfx7i.Utilizador pré-definido\extensions\vshare@toolbar
[2011/03/03 22:03:14 | 000,000,000 | ---D | M] (1-Click YouTube Video Downloader) -- C:\Documents and Settings\Roger\Application Data\mozilla\Firefox\Profiles\ht2wfx7i.Utilizador pré-definido\extensions\[email protected]
[2011/03/13 20:52:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Roger\Application Data\mozilla\Firefox\Profiles\ugf5rbfa.Roger\extensions
[2011/03/13 21:23:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Roger\Application Data\mozilla\Firefox\Profiles\ugf5rbfa.Roger\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/03 21:02:18 | 000,000,000 | ---D | M] (No name found) -- C:\Programas\Mozilla Firefox\extensions
[2011/04/02 19:11:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/03/23 18:23:16 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAMAS\TOMTOM HOME 2\XUL\EXTENSIONS\[email protected]
[2011/04/14 17:59:34 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programas\Mozilla Firefox\components\browsercomps.dll
[2011/04/02 19:09:50 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programas\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/01 09:00:00 | 000,001,525 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/01/01 09:00:00 | 000,001,529 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\priberam.xml
[2010/01/01 09:00:00 | 000,002,071 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\sapo.xml
[2010/01/01 09:00:00 | 000,000,942 | ---- | M] () -- C:\Programas\Mozilla Firefox\searchplugins\wikipedia-ptpt.xml

O1 HOSTS File: ([2011/05/05 23:12:42 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programas\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programa Auxiliar de Início de Sessão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Programas\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programas\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Programas\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Programas\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [ASUS Live Update] C:\Programas\ASUS\ASUS Live Update\ALU.exe ()
O4 - HKLM..\Run: [Atalho para a Página de Propriedades do High Definition Audio] C:\WINDOWS\System32\Hdaudpropshortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [egui] C:\Programas\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [EOUApp] C:\Programas\Intel\Wireless\Bin\EOUWiz.exe (Intel Corporation)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [HP Software Update] C:\Programas\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] C:\Programas\Hewlett-Packard\\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe ()
O4 - HKLM..\Run: [IntelWireless] C:\Programas\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programas\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programas\Ficheiros comuns\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Power_Gear] C:\Programas\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programas\Ficheiros comuns\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Programas\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Wireless Console] C:\Programas\ASUS\Wireless Console\wcourier.exe ()
O4 - HKCU..\Run: [{8945DD15-B7CB-D1E9-C002-6FF160068083}] C:\Documents and Settings\Roger\Imbor\zire.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Programas\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Programas\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKCU..\Run: [uTorrent] C:\Programas\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Arranque\Adobe Reader Speed Launch.lnk = C:\Programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Arranque\Bluetooth Manager.lnk = C:\Programas\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Programas\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programas\Ficheiros comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programas\Ficheiros comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Programas\Intel\Wireless\Bin\LgNotify.dll - C:\Programas\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop Components:0 (A minha home page actual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Roger\Definições locais\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Roger\Definições locais\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/10/28 06:24:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2006/02/09 14:59:36 | 000,000,000 | R--D | M] - F:\autorun -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/06 17:50:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roger\Application Data\PriceGong
[2011/05/05 23:01:46 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/05/05 22:57:41 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/05/05 22:57:41 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/05/05 22:57:41 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/05/05 22:57:40 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/05/05 22:57:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/05/05 22:56:26 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/05 19:38:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roger\Definições locais\Application Data\ESET
[2011/05/05 19:38:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roger\Application Data\ESET
[2011/05/05 19:35:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Definições locais\Application Data\ESET
[2011/05/05 19:32:36 | 000,000,000 | ---D | C] -- C:\Programas\ESET
[2011/05/05 19:32:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\ESET
[2011/05/05 19:32:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2011/05/05 18:28:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Spybot - Search & Destroy
[2011/05/05 18:28:41 | 000,000,000 | ---D | C] -- C:\Programas\Spybot - Search & Destroy
[2011/05/05 18:28:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/04/30 01:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roger\Application Data\Malwarebytes
[2011/04/29 14:49:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/04/29 14:49:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Malwarebytes' Anti-Malware
[2011/04/29 14:49:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/04/29 14:49:22 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/04/29 14:49:20 | 000,000,000 | ---D | C] -- C:\Programas\Malwarebytes' Anti-Malware
[2011/04/26 12:30:30 | 000,000,000 | ---D | C] -- C:\Tron.Legacy.1080p.BluRay.x264-TWiZTED
[2011/04/23 16:39:34 | 000,000,000 | ---D | C] -- C:\FOUND.004
[2011/04/22 00:13:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roger\Definições locais\Application Data\SKIDROW
[2011/04/21 21:32:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Valve
[2011/04/20 18:52:33 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2011/04/20 15:31:37 | 000,218,688 | ---- | C] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2011/04/20 15:31:25 | 000,000,000 | ---D | C] -- C:\Programas\DAEMON Tools Lite
[2011/04/20 15:31:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roger\Application Data\DAEMON Tools Lite
[2011/04/20 15:31:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/04/20 09:47:30 | 000,055,768 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdi.sys
[2011/04/20 09:47:30 | 000,033,632 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfwndis.sys
[2011/04/20 09:47:28 | 000,143,872 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfw.sys
[2011/04/20 09:47:16 | 000,118,104 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys
[2011/04/20 09:46:50 | 000,153,112 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys
[2011/04/18 13:22:30 | 000,000,000 | ---D | C] -- C:\FOUND.003
[2011/04/16 15:56:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roger\Ambiente de trabalho\Confirmacao
[2011/04/14 12:08:52 | 000,000,000 | ---D | C] -- C:\FOUND.002
[2011/04/13 00:11:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roger\Ambiente de trabalho\Omega
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/06 00:07:28 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/06 00:06:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/06 00:06:26 | 1073,074,176 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/05 23:01:54 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/05/05 18:28:50 | 000,000,809 | ---- | M] () -- C:\Documents and Settings\Roger\Ambiente de trabalho\Spybot - Search & Destroy.lnk
[2011/05/05 01:19:04 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/04 22:15:02 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily.job
[2011/05/04 19:19:04 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/03 14:53:42 | 000,073,728 | ---- | M] () -- C:\Documents and Settings\Roger\Definições locais\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/03 13:24:44 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/05/01 14:02:22 | 000,486,748 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat
[2011/05/01 14:02:22 | 000,435,594 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/05/01 14:02:22 | 000,083,210 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat
[2011/05/01 14:02:22 | 000,068,490 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/05/01 14:02:22 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Roger\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/01 14:02:22 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\All Users\Ambiente de trabalho\Mozilla Firefox.lnk
[2011/04/30 03:20:54 | 000,001,681 | ---- | M] () -- C:\Documents and Settings\All Users\Ambiente de trabalho\Google Chrome.lnk
[2011/04/29 14:49:44 | 000,000,660 | ---- | M] () -- C:\Documents and Settings\All Users\Ambiente de trabalho\Malwarebytes' Anti-Malware.lnk
[2011/04/25 22:34:24 | 270,820,936 | ---- | M] () -- C:\Documents and Settings\Roger\Ambiente de trabalho\Dainumo- Jeesh- P SUS - 3 Flavors of 8bit.zip
[2011/04/25 17:36:32 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Roger\PUTTY.RND
[2011/04/25 09:15:26 | 000,001,659 | ---- | M] () -- C:\Documents and Settings\Roger\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/04/21 21:32:32 | 000,000,671 | ---- | M] () -- C:\Documents and Settings\All Users\Ambiente de trabalho\Portal 2.lnk
[2011/04/20 15:31:40 | 000,218,688 | ---- | M] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2011/04/20 15:31:30 | 000,001,481 | ---- | M] () -- C:\Documents and Settings\All Users\Ambiente de trabalho\DAEMON Tools Lite.lnk
[2011/04/20 09:47:30 | 000,055,768 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdi.sys
[2011/04/20 09:47:30 | 000,033,632 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfwndis.sys
[2011/04/20 09:47:28 | 000,143,872 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfw.sys
[2011/04/20 09:47:16 | 000,118,104 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys
[2011/04/20 09:46:50 | 000,153,112 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys
[2011/04/18 13:26:16 | 000,001,858 | ---- | M] () -- C:\Documents and Settings\Roger\Ambiente de trabalho\eBay Sidebar for Firefox.lnk
[2011/04/16 13:32:42 | 000,143,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/16 03:11:34 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/04/14 11:54:22 | 000,115,406 | ---- | M] () -- C:\Documents and Settings\Roger\Ambiente de trabalho\LL.htm
[2011/04/09 13:34:40 | 000,030,015 | ---- | M] () -- C:\Documents and Settings\Roger\Ambiente de trabalho\163088_1684623870726_1091492724_31844899_1200103_n.jpg
[2011/04/09 13:34:30 | 000,045,150 | ---- | M] () -- C:\Documents and Settings\Roger\Ambiente de trabalho\149067_1684623550718_1091492724_31844898_3416409_n.jpg
[2011/04/09 13:32:38 | 000,044,519 | ---- | M] () -- C:\Documents and Settings\Roger\Ambiente de trabalho\IMG_1293.jpg
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/05 23:01:51 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/05/05 23:01:49 | 000,261,920 | RHS- | C] () -- C:\cmldr
[2011/05/05 22:57:41 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/05/05 22:57:41 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/05/05 22:57:41 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/05/05 22:57:41 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/05/05 22:57:41 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/05/05 18:28:48 | 000,000,809 | ---- | C] () -- C:\Documents and Settings\Roger\Ambiente de trabalho\Spybot - Search & Destroy.lnk
[2011/05/01 14:02:20 | 000,000,606 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Mozilla Firefox.lnk
[2011/04/29 14:49:42 | 000,000,660 | ---- | C] () -- C:\Documents and Settings\All Users\Ambiente de trabalho\Malwarebytes' Anti-Malware.lnk
[2011/04/25 22:34:22 | 270,820,936 | ---- | C] () -- C:\Documents and Settings\Roger\Ambiente de trabalho\Dainumo- Jeesh- P SUS - 3 Flavors of 8bit.zip
[2011/04/25 17:31:12 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Roger\PUTTY.RND
[2011/04/21 21:32:30 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\All Users\Ambiente de trabalho\Portal 2.lnk
[2011/04/20 18:56:28 | 001,216,564 | ---- | C] () -- C:\Documents and Settings\Roger\Ambiente de trabalho\DSC01295.JPG
[2011/04/20 18:56:10 | 001,286,235 | ---- | C] () -- C:\Documents and Settings\Roger\Ambiente de trabalho\DSC01294.JPG
[2011/04/20 15:31:29 | 000,001,481 | ---- | C] () -- C:\Documents and Settings\All Users\Ambiente de trabalho\DAEMON Tools Lite.lnk
[2011/04/14 11:54:10 | 000,115,406 | ---- | C] () -- C:\Documents and Settings\Roger\Ambiente de trabalho\LL.htm
[2011/04/09 13:34:37 | 000,030,015 | ---- | C] () -- C:\Documents and Settings\Roger\Ambiente de trabalho\163088_1684623870726_1091492724_31844899_1200103_n.jpg
[2011/04/09 13:34:26 | 000,045,150 | ---- | C] () -- C:\Documents and Settings\Roger\Ambiente de trabalho\149067_1684623550718_1091492724_31844898_3416409_n.jpg
[2011/04/09 13:32:32 | 000,044,519 | ---- | C] () -- C:\Documents and Settings\Roger\Ambiente de trabalho\IMG_1293.jpg
[2011/03/27 17:21:16 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/03/21 18:08:50 | 000,019,813 | ---- | C] () -- C:\WINDOWS\HPHins02.dat
[2011/03/21 18:08:50 | 000,004,284 | ---- | C] () -- C:\WINDOWS\hphmdl02.dat
[2011/03/21 18:08:21 | 000,364,544 | ---- | C] () -- C:\WINDOWS\System32\hphped05.exe
[2011/03/21 18:08:12 | 000,006,478 | ---- | C] () -- C:\WINDOWS\System32\hphmon05.dat
[2011/03/14 09:59:24 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2011/03/04 15:36:12 | 000,073,728 | ---- | C] () -- C:\Documents and Settings\Roger\Definições locais\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/03 23:02:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WinInit.ini
[2011/03/03 21:10:28 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2011/03/03 21:03:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/28 06:31:57 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\ASLM75.SYS
[2005/10/28 06:31:55 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS
[2005/10/28 06:29:32 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2005/10/28 06:28:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/10/28 06:22:29 | 000,021,924 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/10/28 06:17:35 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/10/28 06:16:52 | 000,143,624 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/10/27 23:51:14 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/05/03 04:18:00 | 000,104,373 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/02/17 10:07:48 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2004/12/03 08:20:12 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2004/11/03 11:30:05 | 000,007,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2004/11/03 11:30:04 | 000,002,538 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/11/03 11:29:45 | 000,486,748 | ---- | C] () -- C:\WINDOWS\System32\perfh016.dat
[2004/11/03 11:29:45 | 000,314,414 | ---- | C] () -- C:\WINDOWS\System32\perfi016.dat
[2004/11/03 11:29:45 | 000,083,210 | ---- | C] () -- C:\WINDOWS\System32\perfc016.dat
[2004/11/03 11:29:45 | 000,036,952 | ---- | C] () -- C:\WINDOWS\System32\perfd016.dat
[2004/11/03 11:29:30 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/11/03 11:29:27 | 000,435,594 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/11/03 11:29:27 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/11/03 11:29:27 | 000,068,490 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/11/03 11:29:27 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/11/03 11:29:26 | 000,004,487 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/11/03 11:29:25 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/11/03 11:29:23 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/11/03 11:29:18 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/11/03 11:29:18 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/11/03 11:29:11 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/11/03 11:29:01 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/09/23 03:09:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004/08/12 08:44:10 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2004/07/21 10:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/16 07:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003/07/30 08:33:26 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\TosHidAPI.dll

< End of report >


Edited by W0rm, 06 May 2011 - 03:32 PM.



#2
W0rm

Anyone?

#3
W0rm

I installed Kaspersky and the trojan spy.win32.zbot.bnca was detected, but after deleting it, it always comes back.