
QuickScan 32-bit v0.9.9.101
--------------------------
Data da análise: Tue Jan 03 22:15:24 2012
ID da máquina: C00D2772

4 arquivos infectados encontrados!


---------------------------------
D:\WINDOWS\system32\spool\svchost.exe --> Trojan.Generic.4056132
--> Processo svchost.exe (388)
D:\WINDOWS\system32\spool\spool.exe --> Trojan.Generic.4056132
--> HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"spoolsv"
D:\WINDOWS\system32\spool\mdm.exe --> Trojan.Generic.4056132
--> Processo mdm.exe (452)
D:\WINDOWS\kuya.exe --> Trojan.Generic.4056132
--> HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\"AlternateShell"

Processos
--------
app_filter Module                                368   D:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
AsSysCtr Application                             2016  D:\Arquivos de programas\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
Bilhetagem.exe                                   488   E:\TARITRON WINDOWS\Bilhetagem.exe
Brother Status Monitor Application               2024  D:\Arquivos de programas\Browny02\Brother\BrStMonW.exe
BrYNCSvc                                         2716  D:\Arquivos de programas\Browny02\BrYNSvc.exe
Control Center 3                                 2036  D:\Arquivos de programas\Brother\ControlCenter3\BrccMCtl.exe
Core Service                                     1984  D:\Arquivos de programas\SUPERAntiSpyware\SASCore.exe
ESET Smart Security                              180   D:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe
ESET Smart Security                              208   D:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe
File Folder                                      452   D:\WINDOWS\system32\spool\mdm.exe
File Folder                                      388   D:\WINDOWS\system32\spool\svchost.exe
Google Chrome                                    192   D:\Documents and Settings\CENTRAL\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
Google Chrome                                    1176  D:\Documents and Settings\CENTRAL\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
Google Chrome                                    3812  D:\Documents and Settings\CENTRAL\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
Google Chrome                                    3576  D:\Documents and Settings\CENTRAL\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
Google Chrome                                    3500  D:\Documents and Settings\CENTRAL\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
Google Chrome                                    3404  D:\Documents and Settings\CENTRAL\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
Google Chrome                                    2704  D:\Documents and Settings\CENTRAL\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
Google Chrome                                    2996  D:\Documents and Settings\CENTRAL\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
Google Chrome                                    1064  D:\Documents and Settings\CENTRAL\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
Java(TM) Platform SE 6 U29                       612   D:\Arquivos de programas\Java\jre6\bin\jqs.exe
Microsoft Windows Operating System               2960  D:\WINDOWS\system32\alg.exe
Microsoft Windows Operating System               2100  D:\WINDOWS\system32\cidaemon.exe
Microsoft Windows Operating System               124   D:\WINDOWS\system32\cisvc.exe
Microsoft Windows Operating System               684   D:\WINDOWS\system32\csrss.exe
Microsoft Windows Operating System               3656  D:\WINDOWS\system32\ctfmon.exe
Microsoft Windows Operating System               768   D:\WINDOWS\system32\lsass.exe
Microsoft Windows Operating System               1308  D:\WINDOWS\system32\spoolsv.exe
Microsoft Windows Operating System               1112  D:\WINDOWS\system32\svchost.exe
Microsoft Windows Operating System               1248  D:\WINDOWS\system32\svchost.exe
Microsoft Windows Operating System               1424  D:\WINDOWS\system32\svchost.exe
Microsoft Windows Operating System               1944  D:\WINDOWS\system32\svchost.exe
Microsoft Windows Operating System               992   D:\WINDOWS\system32\svchost.exe
Microsoft Windows Operating System               940   D:\WINDOWS\system32\svchost.exe
Microsoft Windows Operating System               1160  D:\WINDOWS\system32\svchost.exe
NAM                                              204   D:\Arquivos de programas\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
NexCafé                                          504   E:\nexcafe\NexAdmin.exe
NexCafé                                          480   E:\nexcafe\NexServ.exe
nssstub Components                               1964  C:\Documentos\DOWNLOADS\NSSstub.exe
NVIDIA Driver Helper Service, Version 2          816   D:\WINDOWS\system32\nvsvc32.exe
NVIDIA Update Components                         1068  D:\Arquivos de programas\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
RegCleaner                                       3484  D:\Arquivos de programas\RegCleaner\RegCleanr.exe
Sistema operacional Microsoft Windows            1544  D:\WINDOWS\explorer.exe
Sistema operacional Microsoft Windows            756   D:\WINDOWS\system32\services.exe
Sistema Operacional Microsoft Windows            428   D:\WINDOWS\system32\smss.exe
Sistema operacional Microsoft Windows            2832  D:\WINDOWS\system32\wbem\wmiapsrv.exe
Sistema operacional Microsoft Windows            712   D:\WINDOWS\system32\winlogon.exe
Windows Live Communications Platform             2536  D:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
Windows Live Messenger                           324   D:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
(verificado) Google Update                       312   D:\Documents and Settings\CENTRAL\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe
(verificado) Microsoft Windows Operating System  1440  D:\WINDOWS\system32\wdfmgr.exe

Atividade da Rede
----------------

Processo NexServ.exe (480) escuta na porta: 16200, 16201, 16205


Processo svchost.exe (992) escuta na porta: 135 (RPC)

Autoruns e arquivos críticos
---------------------------
Bilhetagem.exe                                   E:\TARITRON WINDOWS\Bilhetagem.exe
Brother Status Monitor Application               D:\Arquivos de programas\Browny02\Brother\BrStMonW.exe
ControlCenter                                    D:\Arquivos de programas\Brother\ControlCenter3\brctrcen.exe
CpuLevelUpHelp.exe                               D:\Arquivos de programas\ASUS\AI Suite\CpuLevelUpHelp.exe
ESET Smart Security                              D:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe
File Folder                                      D:\WINDOWS\system32\spool\spool.exe
Microsoft Windows Operating System               D:\WINDOWS\system32\CRYPTNET.dll
Microsoft Windows Operating System               D:\WINDOWS\system32\ctfmon.exe
Microsoft Windows Operating System               D:\WINDOWS\System32\dimsntfy.dll
NexCafé                                          E:\nexcafe\NexServ.exe
nssstub Components                               C:\Documentos\DOWNLOADS\NSSstub.exe
NVIDIA Windows Display driver, Version           D:\WINDOWS\system32\NvCpl.dll
nwiz.exe                                         D:\Arquivos de programas\NVIDIA Corporation\nview\nwiz.exe
RealUpgrade                                      D:\Arquivos de programas\Real\RealUpgrade\realupgrade.exe
Sistema operacional Microsoft Windows            D:\WINDOWS\system32\BROWSEUI.dll
Sistema operacional Microsoft Windows            D:\WINDOWS\system32\CRYPT32.dll
Sistema operacional Microsoft Windows            D:\WINDOWS\System32\CSCDLL.dll
Sistema operacional Microsoft Windows            D:\WINDOWS\system32\logonui.exe
Sistema operacional Microsoft Windows            D:\WINDOWS\system32\sclgntfy.dll
Sistema operacional Microsoft Windows            D:\WINDOWS\system32\SHELL32.dll
Sistema operacional Microsoft Windows            D:\WINDOWS\system32\stobject.dll
Sistema operacional Microsoft Windows            d:\windows\system32\userinit.exe
Sistema operacional Microsoft Windows            D:\WINDOWS\system32\WlNotify.dll
SuperAntiSpyware                                 D:\Arquivos de programas\SUPERAntiSpyware\SASSEH.DLL
SUPERAntiSpyware WinLogon Processor              D:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.DLL
Windows Live Messenger                           D:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
(verificado) Google Update                       D:\Documents and Settings\CENTRAL\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe
(verificado) Windows Internet Explorer           D:\WINDOWS\system32\msfeedssync.exe
(verificado) Windows Internet Explorer           D:\WINDOWS\system32\webcheck.dll

Plugins do navegador
-------------------
AcroIEHelperShim Library                          d:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\acroiehelpershim.dll
Adobe Acrobat                                     D:\Arquivos de programas\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
BitDefender QuickScan                             D:\Documents and Settings\CENTRAL\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.101_0\npqscan.dll
Google Update                                     D:\Documents and Settings\CENTRAL\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.79\npGoogleUpdate3.dll
iefdm2.dll                                        d:\arquivos de programas\free download manager\iefdm2.dll
Java(TM) Platform SE 6 U29                        d:\arquivos de programas\java\jre6\bin\jp2ssv.dll
Java(TM) Platform SE 6 U29                        D:\Arquivos de programas\Java\jre6\bin\new_plugin\npjp2.dll
Java(TM) Platform SE 6 U29                        d:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
Messenger                                         D:\Arquivos de programas\Messenger\msmsgs.exe
Microsoft Windows Operating System                D:\WINDOWS\system32\rsvpsp.dll
Microsoft Windows Operating System                D:\WINDOWS\System32\winrnr.dll
NPSWF32.dll                                       D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
RealJukebox NS Plugin                             d:\arquivos de programas\real\realplayer\Netscape6\nprjplug.dll
RealNetworks(tm) Chrome Background Exte           D:\Documents and Settings\All Users\Dados de aplicativos\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
RealPlayer Download and Record Plugin             d:\documents and settings\all users\dados de aplicativos\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
RealPlayer Version Plugin                         d:\arquivos de programas\real\realplayer\Netscape6\nprpjplug.dll
RealPlayer(tm) G2 LiveConnect-Enabled P           d:\arquivos de programas\real\realplayer\Netscape6\nppl3260.dll
RealPlayer(tm) HTML5VideoShim Plug-In (           D:\Documents and Settings\All Users\Dados de aplicativos\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
Shockwave for Director                            D:\WINDOWS\system32\Adobe\Director\np32dsw.dll
Silverlight Plug-In                               D:\Arquivos de programas\Microsoft Silverlight\4.0.60831.0\npctrl.dll
Sistema operacional Microsoft Windows             D:\WINDOWS\system32\mswsock.dll
Windows Presentation Foundation                   D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Windows Internet Explorer                         D:\WINDOWS\system32\ieframe.dll
(verificado) Microsoft Windows Live Login Helper  d:\arquivos de programas\arquivos comuns\microsoft shared\windows live\windowslivelogin.dll
(verificado) Microsoft Windows Operating System   D:\WINDOWS\Network Diagnostic\xpnetdiag.exe

Análise
------
D:\WINDOWS\system32\hnetcfg.dll
d:\windows\system32\ICAAPI.dll
D:\WINDOWS\system32\ieframe.dll
D:\WINDOWS\system32\iertutil.dll
D:\WINDOWS\system32\IMAGEHLP.dll
D:\WINDOWS\system32\imapi.exe
D:\WINDOWS\system32\IMM32.DLL
D:\WINDOWS\system32\inetcomm.dll
D:\WINDOWS\system32\inetpp.dll
D:\WINDOWS\system32\IPHLPAPI.DLL
d:\windows\system32\ipnathlp.dll
D:\WINDOWS\system32\ipsecsvc.dll
D:\WINDOWS\system32\kerberos.dll
D:\WINDOWS\System32\kmsvc.dll
D:\WINDOWS\system32\LINKINFO.dll
d:\windows\system32\lmhsvc.dll
D:\WINDOWS\system32\locator.exe
D:\WINDOWS\system32\LSASRV.dll
D:\WINDOWS\system32\Macromed\Flash\NPSWF3

2.dll
MD5: 13a1ab08b4ab1a1a92faa533b6caa2a1
MD5: 56d4c3dd37e33baf2be045dcdbe07bc8
MD5: f70ccb59e0a325896d679a4935e4f835
MD5: e46f5d392e78a23acb2d271c396d4b58
MD5: 9a4d29d5f2cdf205b74bacd1029de5fe
MD5: e3a3a9d9637bd24ddb7b067111ed9868
MD5: 876611ddb9e36a94512dd1e61ebc5abb
MD5: 3cc86ca701ee4da0a5d6ea85cf75bd5b
MD5: 68a105cbf1a0bc6e5255ac0db561c10f
MD5: cf2bae9c79c39e012605647a485c1320
MD5: cf647fff068f2fff071afa5871777b82
MD5: c58e0367f951dacf32d801cf5f900ec5
MD5: 40d18424be6c011455c37fa46ee90b3d
MD5: 1dce231f3e55b71b66aa0b7b8fd9bd97
MD5: 65d6607de40d3c6e90c1da34c77a5cf4
MD5: 8c22083ed515dc94d575438662f0be6a
MD5: cb379439a2d0139e765b47d54b12f14b
MD5: 140ef97b64f560fd78643cae2cdad838
MD5: 4275ec856a60e7eb70e774223a8de352
MD5: a6bf7b0d7bf190adee8618906a0665a1
MD5: b16008da7e0d67b314c33010d4048397
MD5: a109d02040a22d69cdae5287418bbc0c
MD5: 63c2a8e1e33c8c714f11c91400f291e0
MD5: 070e2a3c3f8715c806bcacf1ab0e47f4
MD5: dfa714de2c743283e5dd912cd8c99e62
MD5: 6e9fbc68c80fbaeb207669ca7010f0c2
MD5: 4fcf99a0cb41cc9660151120c5f7ec54
MD5: cd394c2364bf59bae06c614c1ecf3e7d
MD5: 765433a4035c7fb8d0e21ee00dfc26b0
MD5: 49897d67b04e62f8e59eb8b1c7df7072
MD5: b199c4f441ddab10253abc0ac4858bff
MD5: 9a5846756de876a5394c524ec762ab91
MD5: afd59e255a5932a5e1905a08085ff303
MD5: d452067f710f1aac27fe65ac6ab38a2e
MD5: b7f4168a13d253ddacb9c04a9434857c
MD5: ec361eadd9e78bc4a64c4bc2e8f3ccbf
MD5: d08ca01360f11b3ff994ab0ba791a7dd
MD5: d8769496362e2e3739c2bb1b6b99574a
MD5: 209683d85036aaa4e4d8ca732fa51a2b
MD5: ab620d040529c26abb6754804926405e
MD5: 2161b0a46c4f57fa3645dd881572962c
MD5: 7a50e919f9cf6d3850a40c18f92c5e03
MD5: 0573c75a2895d973ea6ef2495620ba49
MD5: 49a99770cc24a41a35f02630d7b74218
MD5: 258cae6724df85bd3d7a43cfa4ae13c7
MD5: 39af06704835f7bc76cb0292a382843a
MD5: 20200ee3cfe10e9f0c028d8653be11c6
MD5: 2f2e9d7b10da7d70a15634bf737a290e
MD5: 4bb1a834f56058a3721c4050d03dfd78
MD5: fd31c18ee685587304e1416ace1b4af7
MD5: c008bbc88156e0ee109c7ff445cd9555
MD5: 5600fa4294b3df465107c150f6d7ffbb
MD5: 7e39594b4e00fa7bf8b69ae6bfb06051
MD5: c231e7793c6c60faf648f8d8ea25f133
MD5: d41e371703b0cbb03bc15b8e99d5818c
MD5: 95136a7b9c25e66860e97e823efdc54d
MD5: 225d8c522b0637dfa3bc30c52755400f
MD5: f0f5eef8c4b0444e6e4d8e09f7a8f0a8
MD5: f1062c74318a5aadaeeaf404633520db

No files uploaded.


End of scan - communication took 3 sec
Total traffic - 0.02 MB sent, 2.39 KB received
Scanned 630 files and modules - 32 seconds
==============================================================================
