Hello, I would like you to analyze this log.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:41:53, on 01/05/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\sttray.exe
C:\Arquivos de programas\Intel\IDU\iptray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
C:\Arquivos de programas\iTunes\iTunesHelper.exe
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Arquivos de programas\Intel\IDU\awServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Hijack\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://thefreevpn.com/home.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O1 - Hosts: 209.59.210.202 bradesco.com.br
O1 - Hosts: 209.59.210.202 w.bradesco.com.br
O1 - Hosts: 209.59.210.202 ww.bradesco.com.br
O1 - Hosts: 209.59.210.202 www.bradesco.com.br
O1 - Hosts: 209.59.210.202 wwww.bradesco.com.br
O1 - Hosts: 209.59.210.202 bancobradesco.com.br
O1 - Hosts: 209.59.210.202 w.bancobradesco.com.br
O1 - Hosts: 209.59.210.202 ww.bancobradesco.com.br
O1 - Hosts: 209.59.210.202 www.bancobradesco.com.br
O1 - Hosts: 209.59.210.202 wwww.bancobradesco.com.br
O1 - Hosts: 67.223.236.23 bb.com.br
O1 - Hosts: 67.223.236.23 w.bb.com.br
O1 - Hosts: 67.223.236.23 ww.bb.com.br
O1 - Hosts: 67.223.236.23 www.bb.com.br
O1 - Hosts: 67.223.236.23 wwww.bb.com.br
O1 - Hosts: 67.223.236.23 bancodobrasil.com.br
O1 - Hosts: 67.223.236.23 w.bancodobrasil.com.br
O1 - Hosts: 67.223.236.23 ww.bancodobrasil.com.br
O1 - Hosts: 67.223.236.23 www.bancodobrasil.com.br
O1 - Hosts: 67.223.236.23 wwww.bancodobrasil.com.br
O1 - Hosts: 67.223.236.23 bancodobrasil.com.br
O1 - Hosts: 209.40.202.122 w.itau.com.br
O1 - Hosts: 209.40.202.122 ww.itau.com.br
O1 - Hosts: 209.40.202.122 www.itau.com.br
O1 - Hosts: 209.40.202.122 wwww.itau.com.br
O1 - Hosts: 209.40.202.122 ibankline.itau.com.br
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ssh2 Class - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [ipTray.exe] "C:\Arquivos de programas\Intel\IDU\iptray.exe"
O4 - HKLM\..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OutpostMonitor] C:\ARQUIV~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Arquivos de programas\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup
O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NSLauncher] C:\Arquivos de programas\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows;_U;_Windows_NT_5.1;_en-US)_AppleWebKit/532.5_(KHTML,_like_Gecko)_Chrome/4.1.249.1045_Safari/532.5" -"http://www.miniclip.com/games/celebrity-table-tennis/br/content_iframe.php"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Estatísticas do Antivírus da Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Arquivos de programas\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: w2pxdrv.dll
O10 - Unknown file in Winsock LSP: w2pxdrv.dll
O10 - Unknown file in Winsock LSP: w2pxdrv.dll
O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Arquivos de programas\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6ED63BF-48EA-49FF-B3BF-A0E98B62947B}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll
O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\ARQUIV~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Admin Works Agent X8 (AWService) - OSA Technologies Inc., An Avocent Company - C:\Arquivos de programas\Intel\IDU\awServ.exe
O23 - Service: Google Update Service (gupdate1ca7415f53b919c) (gupdate1ca7415f53b919c) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Nokia - (no file)
O23 - Service: nProtect GameGuard Service (npggsvc) - Nokia - (no file)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Arquivos de programas\proXPN\bin\openvpnserv.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
--
End of file - 12825 bytes
Good afternoon! DigRam
Sorry for only replying today. I already have Malwarebytes from another analysis, and on the 22nd I ran a full scan with it.
Malwarebytes' Anti-Malware 1.44
Versão do banco de dados: 3510
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
22/05/2010 03:57:46
mbam-log-2010-05-22 (03-57-46).txt
Tipo de Verificação: Completa (C:\|)
Objetos verificados: 285260
Tempo decorrido: 1 hour(s), 37 minute(s), 57 second(s)
Processos da Memória infectados: 0
Módulos de Memória Infectados: 0
Chaves do Registro infectadas: 0
Valores do Registro infectados: 0
Ítens do Registro infectados: 0
Pastas infectadas: 0
Arquivos infectados: 0
Processos da Memória infectados:
(Nenhum ítem malicioso foi detectado)
Módulos de Memória Infectados:
(Nenhum ítem malicioso foi detectado)
Chaves do Registro infectadas:
(Nenhum ítem malicioso foi detectado)
Valores do Registro infectados:
(Nenhum ítem malicioso foi detectado)
Ítens do Registro infectados:
(Nenhum ítem malicioso foi detectado)
Pastas infectadas:
(Nenhum ítem malicioso foi detectado)
Arquivos infectados:
(Nenhum ítem malicioso foi detectado)
Updated Hijack log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:17:31, on 23/05/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\sttray.exe
C:\Arquivos de programas\Intel\IDU\iptray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
C:\Arquivos de programas\iTunes\iTunesHelper.exe
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Arquivos de programas\Intel\IDU\awServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\STacSV.exe
C:\Arquivos de programas\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Hijack\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://thefreevpn.com/home.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ssh2 Class - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [ipTray.exe] "C:\Arquivos de programas\Intel\IDU\iptray.exe"
O4 - HKLM\..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OutpostMonitor] C:\ARQUIV~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Arquivos de programas\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup
O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NSLauncher] C:\Arquivos de programas\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows;_U;_Windows_NT_5.1;_en-US)_AppleWebKit/532.5_(KHTML,_like_Gecko)_Chrome/4.1.249.1045_Safari/532.5" -"http://www.miniclip.com/games/celebrity-table-tennis/br/content_iframe.php"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Estatísticas do Antivírus da Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Arquivos de programas\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: w2pxdrv.dll
O10 - Unknown file in Winsock LSP: w2pxdrv.dll
O10 - Unknown file in Winsock LSP: w2pxdrv.dll
O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Arquivos de programas\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6ED63BF-48EA-49FF-B3BF-A0E98B62947B}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll
O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\ARQUIV~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Admin Works Agent X8 (AWService) - OSA Technologies Inc., An Avocent Company - C:\Arquivos de programas\Intel\IDU\awServ.exe
O23 - Service: Google Update Service (gupdate1ca7415f53b919c) (gupdate1ca7415f53b919c) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Nokia - (no file)
O23 - Service: nProtect GameGuard Service (npggsvc) - Nokia - (no file)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Arquivos de programas\proXPN\bin\openvpnserv.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
--
End of file - 11481 bytes
Good afternoon! .matiello
<@> Download: < OTL > ( ...by OldTimer Tools )
<@> Save it to the desktop!
<@> Double-click: < otlDesktopIcon.png >
<@> PS: Now let's go on to its configuration!
<!> 1 - Under "Output", leave the "Minimal" button selected.
<!> 2 - Check the boxes: Scan All Users and Include 64bit Scans <-- PS: if the OS is 64-bit!
<!> 3 - Processes: Use SafeList <-- Check it!
<!> 4 - Modules: Use SafeList <-- Check it!
<!> 5 - Services: Use SafeList <-- Check it!
<!> 6 - Drivers: Use SafeList <-- Check it!
<!> 7 - Standard Registry Scan: Use SafeList <-- Check it!
<!> 8 - Extra Registry Scan: Use SafeList <-- Check it!
<!> 9 - File Scan:
<!> Creation Date >> Choose: 14 days
<!> Check: Use WhiteList for Company Names
<!> Check: Skip Microsoft Files
<!> 10 - Files Created Since:
<!> Check: Creation Date
<!> 11 - Files Modified Since:
<!> Check: Creation Date
<!> Check the boxes:
[] Lop Check
[] Purity Check
<@> PS: I suggest you print these instructions for later reading.
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%SYSTEMDRIVE%\eventlog.dll /s /md5
%SYSTEMDRIVE%\scecli.dll /s /md5
%SYSTEMDRIVE%\sfcfiles.dll /s /md5
%SYSTEMDRIVE%\netlogon.dll /s /md5
%SYSTEMDRIVE%\cngaudit.dll /s /md5
%SYSTEMDRIVE%\sceclt.dll /s /md5
%SYSTEMDRIVE%\ntelogon.dll /s /md5
%SYSTEMDRIVE%\logevent.dll /s /md5
%SYSTEMDRIVE%\iaStor.sys /s /md5
%SYSTEMDRIVE%\nvstor.sys /s /md5
%SYSTEMDRIVE%\atapi.sys /s /md5
%SYSTEMDRIVE%\IdeChnDr.sys /s /md5
%SYSTEMDRIVE%\viasraid.sys /s /md5
<@> PS: Copy and paste this information, which is in the Code box, into the field below: Custom Scans/Fixes
<@> Click: Scan --> Wait!
<@> To finish, post:
<!> <1> OTL.txt <--
<!> <2> Extra.txt <--
Regards!
OTL Extras logfile created on: 23/05/2010 17:36:02 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\Marcus\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 74,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,04 Gb Total Space | 44,68 Gb Free Space | 29,98% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MARCUS
Current User Name: Marcus
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Arquivos de programas\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Arquivos de programas\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
https [open] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mega] -- "C:\Arquivos de programas\Megacubo\megacubo.exe" "%1" (www.megacubo.net )
Directory [mega2] -- Reg Error: Value error.
Directory [OneNote.Open] -- C:\ARQUIV~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"56458:TCP" = 56458:TCP:*:Enabled:Pando Media Booster
"56458:UDP" = 56458:UDP:*:Enabled:Pando Media Booster
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"56911:TCP" = 56911:TCP:*:Enabled:Pando Media Booster
"56911:UDP" = 56911:UDP:*:Enabled:Pando Media Booster
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" = C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE" = C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE" = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Console de gerenciamento Microsoft -- (Microsoft Corporation)
"C:\Arquivos de programas\LimeWire\LimeWire.exe" = C:\Arquivos de programas\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Arquivos de programas\uTorrent\uTorrent.exe" = C:\Arquivos de programas\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Documents and Settings\All Users\Dados de aplicativos\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Dados de aplicativos\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"C:\Nexon\Combat Arms\NMService.exe" = C:\Nexon\Combat Arms\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
"C:\Arquivos de programas\Mozilla Firefox\firefox.exe" = C:\Arquivos de programas\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Arquivos de programas\MegaJogos\jre\jre\bin\javaw.exe" = C:\Arquivos de programas\MegaJogos\jre\jre\bin\javaw.exe:*:Enabled:Java Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Arquivos de programas\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = C:\Arquivos de programas\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- (Konami Digital Entertainment Co., Ltd.)
"C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" = C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Arquivos de programas\TeamViewer\Version5\TeamViewer.exe" = C:\Arquivos de programas\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Arquivos de programas\iTunes\iTunes.exe" = C:\Arquivos de programas\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Arquivos de programas\Megacubo\megacubo.exe" = C:\Arquivos de programas\Megacubo\megacubo.exe:*:Enabled:MegaCubo -- (www.megacubo.net )
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000416-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0621e6f6-d92f-4e86-80c0-827a41d6d5eb}" = Activation (Nero BackItUp 4)
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{0b442a96-9827-468c-aa60-01e99d8a7267}" = Activation (Gracenote Plug-in)
"{0ba710c6-8c7b-4dbe-97fc-ea858dc8070d}" =
"{0C405D1F-359E-41C5-A1A9-383A04BBD5E2}" = Windows Live Galeria de Fotos
"{0db7db85-f544-4931-a34e-9e82a92766f2}" =
"{10db0b19-88d7-4265-80bf-0acbd0b1fd19}" =
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{12E876C2-E000-476B-8BD2-588F34DA91B5}" = LG PC Suite II
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{15552ad0-df14-4d23-837d-08b4fde36754}" = Blu-ray/HD DVD Video Plug-in
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live
"{20BCD471-7897-481D-ACF2-CB9BABF6A6CF}" = Nokia Software Updater
"{20c0d8cf-2ac8-46ab-add5-76cd78b3dd59}" =
"{218e3808-cf3c-479c-a8c5-a1505c0469cc}" =
"{22262b0a-3b10-4357-926a-a3ebf032553b}" = DTS Plug-in
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java 6 Update 20
"{27e43871-ff08-4836-a26b-15eb22798b97}" =
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{30cef77b-6787-4f78-983a-f91a8a596fc7}" =
"{31605b54-7199-4e7e-b352-2839da91c1c8}" =
"{31E8F586-4EF7-4500-844D-BA8756474FF1}" = Kit de Instalação Automatizada do Windows
"{32BC546A-8AA3-4239-AE92-9CF3291C35A6}" = Windows Live Call
"{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36820BCA-FC55-452E-9085-6E6F1F55508D}" = TD74 USB2.0 PC Camera
"{381C70F0-FC2C-4BEF-B16C-B88FA67A6B7B}" = Assistente de Conexão do Windows Live
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3b196ff6-49d7-4db4-87af-18159e48356c}" =
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4252ce53-7f37-4890-adea-0493e19cb3f9}" = Blu-ray Disc Authoring Plug-in
"{42AF51C0-4028-46CF-B616-FB1F75286457}" = A.V.A
"{43773997-8869-41b0-ac9f-611e31fc0b54}" = Activation (Nero 9 HD)
"{43d50f2b-ae3d-4bf0-9c2a-4e59e2815e99}" =
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4ce4bbe0-917f-4bd7-8e41-1c05e1b366ea}" =
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{51882fcb-43e5-4215-843a-9f32718b5194}" = Gracenote Plug-in
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{595dd4d2-249e-4703-9295-20f2d7debbbe}" =
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5b61eb87-bc8c-4e3b-911c-494e00fbe8d9}" = Activation (Nero 9)
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5ee0ab1b-b292-4493-a136-7e551af39932}" =
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{6059C682-4C5F-4106-8487-943E98225D3B}" = LG MC USB Modem driver
"{6094AB91-4CC8-498E-9DFF-134CC0B159DE}" = PC Connectivity Solution
"{60adec32-dd16-4750-8694-733cfa673f45}" = SecurDisc Viewer
"{624DEAA0-B27D-444B-8BFE-70622B318A4A}" = Windows Live Toolbar
"{66373617-adac-41fc-9f25-1f40a3252c7c}" = Activation (Blu-ray Video Plug-in)
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.0.5
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6e7cf15a-c34a-465f-b920-7a8e95c536ba}" =
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72FBAFB6-74AD-4F70-932D-5E67DA728430}" = PS TO PC CONVERTER
"{74AD1846-2010-4FB1-8E24-B6F2B87150C2}" = Windows Live Mail
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{7a47cc9c-4a7d-45df-9a6c-e4327f844fbf}" = mp3PRO Plug-in
"{7d171aa6-b3f1-40b3-9d94-f462253a4908}" =
"{7d55bd62-d8bf-4780-b590-2663668150bd}" =
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
"{7f47f1cf-231a-42a8-8cda-b18f492c291e}" = Blu-ray/HD DVD Video Plug-in
"{81063354-9060-42B2-A000-1EBE96778AA9}" = iTunes
"{826bb56e-9380-45aa-87ea-ed481ab5f447}" =
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8EADB73B-026D-4978-A8F0-1EEF5E1ECEC7}" = Windows Live Messenger
"{8f8fda1f-642e-4fb7-951d-baff9ac0a6d6}" = mp3PRO Plug-in
"{90120000-0010-0416-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Portuguese (Brazil)) 12
"{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007
"{90120000-0015-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007
"{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007
"{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007
"{90120000-0019-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007
"{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007
"{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007
"{90120000-0044-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007
"{90120000-006E-0416-0000-0000000FF1CE}_ENTERPRISE_{9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007
"{90120000-00A1-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007
"{90120000-00BA-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = ijji REACTOR
"{91316bf4-e575-4bf6-9ac9-d5e39688b527}" = Activation (Nero Move it)
"{91e73029-e85c-4452-8bae-571147c08073}" =
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{94C65B81-1CCE-3D93-95B5-853B1A3DA539}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PTB
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0416-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9555B4ED-09A3-4722-8E8C-57A49401D059}" = Windows Live Writer
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}" = Nokia Connectivity Cable Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9E2EE2F7-33BD-4D30-9E5D-8469A9F32009}" = Windows Live Sync
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{a5ff89e8-1be4-4776-ae12-dc540cbe0c1e}" =
"{a6827757-19db-4bed-84b1-86cdc81d4dab}" = Nero 9
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{a89ed966-fb96-443b-8e10-5620c0c7042d}" = SecurDisc Viewer
"{A8DB611A-D80E-450D-85F6-3ACDD164BE31}" = Pro Evolution Soccer 2009
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA6E423F-CBDF-3608-AC30-0CF08D7C9A07}" = Microsoft .NET Framework 3.5 Language Pack - ptb
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{ab77dc0c-d938-485f-86b5-0ff46a937e91}" = Nero InCD-Reader
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{AD13F3C0-44D5-40F1-8210-A5672082B0DC}" = Gerenciador Sistema Auto Bradesco
"{adeefec8-ca78-4595-9c05-9103a05df1ed}" =
"{AE98861E-5D55-4787-9E18-6A054783D124}" = Windows XP Creativity Fun Packs - Windows Media Player 9 Series
"{aec8b462-fdb1-4943-ab91-0dcdd40a4aa8}" = Activation (Nero 9)
"{AF145F8997B44EE9B106D018EF1DB58B}" = DivX Converter Mobile
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B53F4598-B3D9-41DF-911E-523FA91EE464}" = Nokia Software Launcher
"{B5ED7AB0-3838-4389-8549-7C8E22DD48F4}" = Windows Live Messenger
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{bd6e6050-48f5-425c-9ca1-ee7fe3701d5d}" = Activation (Nero MediaHome 4)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{c8001efd-0ced-4866-96a0-daf77d83a263}" =
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{d08a04e7-3b50-4c13-bba6-4050a58e7811}" = Nero InCD-Reader
"{d2bbd42d-db76-4c0a-9333-8d7dc897b80c}" = DTS Plug-in
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{d7ac9e3e-fb31-4f37-a93d-206f5b1a445b}" = Activation (Blu-ray Disc Authoring Plug-in)
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{da4ae073-d3b5-45a4-8e7b-b16c63de00e2}" =
"{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.9.322
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{e61cf311-aa14-4de4-bcd6-aedb5df3e452}" =
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{E94603CA-2996-4154-8EE2-A5FCD4BFB500}" = Nokia Lifeblog 2.5
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{eb9a5ab7-7c00-4517-aa9f-c074dd34361c}" =
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EDA9F30A-8B65-3E6F-B353-CCA1C9241471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PTB
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1932E56-8A95-40E0-A15B-E06B45969845}" = Nokia NSeries System Utilities
"{F2CD4651-F948-467C-B014-71FD981B7F59}" = Windows Live Essentials
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F48C6EA5-3B43-11D6-86A6-0050BA0259A2}" = ICatch (VI) PC Camera
"{F4EE8763-EAA8-4BC1-8594-8501F5F00414}" = Nokia NSeries One Touch Access
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F5982296-84CC-4D5B-B791-B03650F3380E}" = Intel® Desktop Utilities
"{F6B23E59-1240-4C20-AE0B-70658A91976A}" = Intel® PRO Network Connections
"{F779EC8D-6703-4C4A-817C-37B07898E647}" = Nokia NSeries Content Copier
"{FA25FAF6-3097-43C9-BBB2-A77CE8AF1881}" = Nokia NSeries Multimedia Player
"{FABB02D6-A7FD-4845-A6FA-60C565516712}" = Age of Empires III
"{FC2C7405-BC58-4E11-8F51-29671BEAC06B}" = Natural Color Pro
"{FD349381-D79C-4E5C-8980-015DFFB962D5}" = Nokia NSeries Application Installer
"219b3bb94d71729d119ee9ce52d76000" = Receitanet Java 2008.01a
"2B45FB5A391CCFACD6A011BC0ECA0A4DC67D8AC7" = Windows Driver Package - Active Development Co., Ltd. (3xHybrid) MEDIA (03/24/2007 1.3.3.2)
"7-Zip" = 7-Zip 4.65
"Add/Remove Cleaner (v2.3)" = Add/Remove Cleaner (v2.3)
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Agnitum Outpost Firewall_is1" = Outpost Firewall 2009
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"Combat Arms" = Combat Arms
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Discador Velox_is1" = Discador Velox 0.98
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.00
"F064B256B4A20996EA9E333B5E0F14B61AB3333D" = Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)
"FASoft Compressor v0.8" = FASoft Compressor v0.8
"Game Booster_is1" = Game Booster
"Garena" = Garena
"Google Chrome" = Google Chrome
"Hamachi" = Hamachi 1.0.3.0
"HDMI" = Intel® Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"Informações Velox_is1" = Informações Velox
"InstallShield_{F5982296-84CC-4D5B-B791-B03650F3380E}" = Intel® Desktop Utilities
"InstallShield_{FABB02D6-A7FD-4845-A6FA-60C565516712}" = Age of Empires III
"IRPF2008 - Declaração de Ajuste Anual" = IRPF2008 - Declaração de Ajuste Anual
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.9.0 (Full)
"LimeWire" = LimeWire 5.1.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Megacubo_is1" = Megacubo 7.3.5
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 Language Pack - ptb" = Microsoft .NET Framework 3.5 Language Pack - ptb
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MV AntiSpy 4.0_is1" = MV AntiSpy 4.0
"MV RegClean 5.5_is1" = MV RegClean 5.5
"NewBlue 3D Explosions for Vegas" = NewBlue 3D Explosions for Vegas
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Patch Brazukas Evolution 2009 v1.3 + Konami 1.3 ~0B162870_is1" = Brazukas Evolution 20090 v.1.3
"PluginPac" = DebugMode PluginPac (remove only)
"PokerStars" = PokerStars
"Programador de Modem Velox_is1" = Programador de Modem Velox 2.0
"proXPN" = proXPN 2.0.1
"Revo Uninstaller" = Revo Uninstaller 1.83
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Seven Remix XP" = Seven Remix XP 2.2
"SMBus" = Intel® SMBus
"Spyware Doctor" = Spyware Doctor 6.0
"SpywareBlaster_is1" = SpywareBlaster 4.2
"ST6UNST #1" = SubSync
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 5" = TeamViewer 5
"The KMPlayer" = The KMPlayer (remove only)
"Visual Studio 6.0 Enterprise Edition" = Microsoft Visual Studio 6.0 Enterprise Edition
"VobSub" = VobSub v2.23 (Remove Only)
"WebPost" = Microsoft Web Publishing Wizard 1.53
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = Arquivo do WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Aion Private Patch - Versão 1.1" = Aion Private Patch - Versão 1.1
"e3b16aab256db613" = Scrim Spot Anti-Cheat
"NCsoft-Aion" = Aion
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12/03/2010 19:45:33 | Computer Name = MARCUS | Source = PerfNet | ID = 2004
Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho
do servidor não serão retornados. O código de erro retornado está no dado DWORD
0.
Error - 13/03/2010 05:28:53 | Computer Name = MARCUS | Source = PerfNet | ID = 2004
Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho
do servidor não serão retornados. O código de erro retornado está no dado DWORD
0.
Error - 13/03/2010 06:19:03 | Computer Name = MARCUS | Source = PerfNet | ID = 2004
Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho
do servidor não serão retornados. O código de erro retornado está no dado DWORD
0.
Error - 13/03/2010 11:05:46 | Computer Name = MARCUS | Source = PerfNet | ID = 2004
Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho
do servidor não serão retornados. O código de erro retornado está no dado DWORD
0.
Error - 14/03/2010 10:18:13 | Computer Name = MARCUS | Source = PerfNet | ID = 2004
Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho
do servidor não serão retornados. O código de erro retornado está no dado DWORD
0.
Error - 14/03/2010 17:23:15 | Computer Name = MARCUS | Source = PerfNet | ID = 2004
Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho
do servidor não serão retornados. O código de erro retornado está no dado DWORD
0.
Error - 15/03/2010 09:44:50 | Computer Name = MARCUS | Source = PerfNet | ID = 2004
Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho
do servidor não serão retornados. O código de erro retornado está no dado DWORD
0.
Error - 15/03/2010 20:00:33 | Computer Name = MARCUS | Source = PerfNet | ID = 2004
Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho
do servidor não serão retornados. O código de erro retornado está no dado DWORD
0.
Error - 16/03/2010 09:30:57 | Computer Name = MARCUS | Source = PerfNet | ID = 2004
Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho
do servidor não serão retornados. O código de erro retornado está no dado DWORD
0.
Error - 16/03/2010 11:17:16 | Computer Name = MARCUS | Source = PerfNet | ID = 2004
Description = Não foi possível abrir o serviço do servidor. Os dados do desempenho
do servidor não serão retornados. O código de erro retornado está no dado DWORD
0.
[ OSession Events ]
Error - 27/06/2009 18:57:02 | Computer Name = MARCUS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 83
seconds with 0 seconds of active time. This session ended with a crash.
Error - 23/07/2009 18:38:50 | Computer Name = MARCUS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.
Error - 29/09/2009 09:44:32 | Computer Name = MARCUS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 60
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 22/05/2010 08:49:00 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço NOD32 Kernel Service devido ao
seguinte erro: %%3
Error - 23/05/2010 12:42:50 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço AMON devido ao seguinte erro: %%2
Error - 23/05/2010 12:42:50 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço helpsvc devido ao seguinte erro:
%%2
Error - 23/05/2010 12:42:50 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço NOD32 Kernel Service devido ao
seguinte erro: %%3
Error - 23/05/2010 13:00:44 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço AMON devido ao seguinte erro: %%2
Error - 23/05/2010 13:00:44 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço helpsvc devido ao seguinte erro:
%%2
Error - 23/05/2010 13:00:44 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço NOD32 Kernel Service devido ao
seguinte erro: %%3
Error - 23/05/2010 13:43:10 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço AMON devido ao seguinte erro: %%2
Error - 23/05/2010 13:43:10 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço helpsvc devido ao seguinte erro:
%%2
Error - 23/05/2010 13:43:10 | Computer Name = MARCUS | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço NOD32 Kernel Service devido ao
seguinte erro: %%3
< End of report >
OTL logfile created on: 23/05/2010 17:36:02 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\Marcus\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 74,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,04 Gb Total Space | 44,68 Gb Free Space | 29,98% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MARCUS
Current User Name: Marcus
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Marcus\desktop\OTL.exe (OldTimer Tools)
PRC - C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\WINDOWS\system32\snmp.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Arquivos de programas\Intel\IDU\iptray.exe (OSA Technologies Inc., An Avocent Company)
PRC - C:\Arquivos de programas\Intel\IDU\awServ.exe (OSA Technologies Inc., An Avocent Company)
PRC - C:\WINDOWS\system32\stacsv.exe (SigmaTel, Inc.)
PRC - C:\WINDOWS\sttray.exe (SigmaTel, Inc.)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Marcus\desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (Visual Studio Analyzer RPC bridge) -- File not found
SRV - (npggsvc) -- File not found
SRV - (NOD32krn) -- File not found
SRV - (OpenVPNService) -- C:\Arquivos de programas\proXPN\bin\openvpnserv.exe ()
SRV - (Apple Mobile Device) -- C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AntiVirService) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (SeaPort) -- C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (acssrv) -- C:\Arquivos de programas\Agnitum\Outpost Firewall\acs.exe (Agnitum Ltd.)
SRV - (sdCoreService) -- C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe (PC Tools)
SRV - (sdAuxService) -- C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe (PC Tools)
SRV - (odserv) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (SNMP) -- C:\WINDOWS\system32\snmp.exe (Microsoft Corporation)
SRV - (WLSetupSvc) -- C:\Arquivos de programas\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (usnjsvc) -- C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (AWService) -- C:\Arquivos de programas\Intel\IDU\awServ.exe (OSA Technologies Inc., An Avocent Company)
SRV - (ose) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (STacSV) -- C:\WINDOWS\system32\stacsv.exe (SigmaTel, Inc.)
SRV - (IDriverT) -- C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
========== Driver Services (SafeList) ==========
DRV - (tap0901) -- C:\WINDOWS\system32\drivers\tap0901.sys (The OpenVPN Project)
DRV - (Revoflt) -- C:\WINDOWS\system32\drivers\revoflt.sys (VS Revo Group)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (SandBox) -- C:\WINDOWS\system32\drivers\SandBox.sys (Agnitum Ltd.)
DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (epfwtdi) -- C:\WINDOWS\system32\drivers\epfwtdi.sys (ESET)
DRV - (Epfwndis) -- C:\WINDOWS\system32\drivers\epfwndis.sys (ESET)
DRV - (epfw) -- C:\WINDOWS\system32\drivers\epfw.sys (ESET)
DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (afw) -- C:\WINDOWS\system32\drivers\afw.sys (Agnitum Ltd.)
DRV - (avgio) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (afwcore) -- C:\WINDOWS\system32\drivers\afwcore.sys (Agnitum Ltd.)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (osaio) -- C:\WINDOWS\system32\drivers\osaio.sys (OSA Technologies, An Avocent Company)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (usbaudio) Driver de áudio USB (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (teamviewervpn) -- C:\WINDOWS\system32\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV - (WimFltr) -- C:\WINDOWS\system32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (lgmcmdm) -- C:\WINDOWS\system32\drivers\lgmcmdm.sys (MCCI Corporation)
DRV - (lgmcobex) -- C:\WINDOWS\system32\drivers\lgmcobex.sys (MCCI Corporation)
DRV - (lgmcmdfl) -- C:\WINDOWS\system32\drivers\lgmcmdfl.sys (MCCI Corporation)
DRV - (lgmcbus) LGE Mobile driver (WDM) -- C:\WINDOWS\system32\drivers\lgmcbus.sys (MCCI Corporation)
DRV - (AMON) -- C:\WINDOWS\system32\drivers\amon.sys (Eset )
DRV - (Cap7134) -- C:\WINDOWS\system32\drivers\Cap7134.sys (Philips Semiconductors)
DRV - (PhTVTune) -- C:\WINDOWS\system32\drivers\PhTVTune.sys (Philips Semiconductors)
DRV - (hid8101) -- C:\WINDOWS\system32\drivers\hid8101.sys (Compuware Corporation)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\nmwcd.sys (Nokia)
DRV - (nmwcdcm) -- C:\WINDOWS\system32\drivers\nmwcdcm.sys (Nokia)
DRV - (nmwcdcj) -- C:\WINDOWS\system32\drivers\nmwcdcj.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\nmwcdc.sys (Nokia)
DRV - (smbusp) Intel® -- C:\WINDOWS\system32\drivers\intelsmb.sys (Intel Corporation)
DRV - (NCPro) -- C:\WINDOWS\system32\drivers\MTictwl.sys ()
DRV - (MagicTune) -- C:\WINDOWS\system32\drivers\MTictwl.sys ()
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (sfng32) -- C:\WINDOWS\system32\drivers\sfng32.sys (Sonic Focus, Inc)
DRV - (sscdmdm) -- C:\WINDOWS\system32\drivers\sscdmdm.sys (MCCI)
DRV - (sscdmdfl) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys (MCCI)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\WINDOWS\system32\drivers\sscdbus.sys (MCCI)
DRV - (exdisk) -- C:\WINDOWS\system32\drivers\exdisk.sys ()
DRV - (SMBios) Intel ® -- C:\WINDOWS\system32\drivers\SMBios.sys (Intel Corporation)
DRV - (CA561) ICatch (VI) -- C:\WINDOWS\system32\drivers\SPCA561.SYS (SP)
DRV - (RMSPPPOE) WAN Miniport (PPP over Ethernet Protocol) -- C:\WINDOWS\system32\drivers\RMSPPPOE.SYS (Robert Schlabbach)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://thefreevpn.com/home.php
IE - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
IE - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7A B1 BB 11 14 45 CA 01 [binary data]
IE - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaulturl: "http://search.live.com/results.aspx?FORM=IEFM1&q="
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://thefreevpn.com/home.php"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {5B52016C-D097-4aec-BE61-9F129D8FDDBA}:2.0
FF - prefs.js..keyword.URL: "http://br.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_br&p="
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 1
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Arquivos de programas\Mozilla Firefox\components [2010/04/19 16:49:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins [2010/05/07 13:55:51 | 000,000,000 | ---D | M]
[2009/03/22 22:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Mozilla\Extensions
[2009/03/22 22:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Mozilla\Extensions\mozswing@mozswing.org
[2010/04/19 12:53:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\extensions
[2009/09/04 19:17:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/12/19 10:45:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}
[2009/12/19 10:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\extensions\DTToolbar@toolbarnet.com
[2009/10/24 11:59:58 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\searchplugins\daemon-search.xml
[2009/03/24 20:47:09 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\searchplugins\live-search.xml
[2009/04/09 15:25:29 | 000,000,656 | ---- | M] () -- C:\Documents and Settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\searchplugins\yahoo.xml
[2010/05/07 13:55:52 | 000,000,000 | ---D | M] -- C:\Arquivos de programas\Mozilla Firefox\extensions
[2010/05/07 13:55:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Arquivos de programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/07/02 23:34:44 | 000,083,376 | ---- | M] (NHN USA Inc.) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
[2009/09/01 03:33:42 | 000,177,304 | ---- | M] (MGame) -- C:\Arquivos de programas\Mozilla Firefox\plugins\NPMFireLauncher.dll
[2009/05/10 21:35:00 | 000,239,432 | ---- | M] (Pando Networks) -- C:\Arquivos de programas\Mozilla Firefox\plugins\npPandoWebInst.dll
[2009/11/02 23:03:59 | 000,001,027 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\buscape.xml
[2009/11/02 23:03:59 | 000,001,135 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\mercadolivre.xml
[2009/11/02 23:03:59 | 000,001,168 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\wikipedia-br.xml
[2009/11/02 23:03:59 | 000,000,648 | ---- | M] () -- C:\Arquivos de programas\Mozilla Firefox\searchplugins\yahoo-br.xml
O1 HOSTS File: ([2010/05/23 13:56:33 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ssh2 Class) - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll (Scopus Tecnologia Ltda)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\..\Toolbar\WebBrowser: (Barra de ferramentas &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ipTray.exe] C:\Arquivos de programas\Intel\IDU\iptray.exe (OSA Technologies Inc., An Avocent Company)
O4 - HKLM..\Run: [NSLauncher] C:\Arquivos de programas\Nokia\Nokia Software Launcher\NSLauncher.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [OutpostFeedBack] C:\Arquivos de programas\Agnitum\Outpost Firewall\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostMonitor] C:\Arquivos de programas\Agnitum\Outpost Firewall\op_mon.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [sigmatelSysTrayApp] C:\WINDOWS\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006..\RunOnce: [shockwave Updater] C:\WINDOWS\System32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -Mozilla\5.0_(Windows;_U;_Windows_NT_5.1;_en-US)_AppleWebKit\532.5_(KHTML,_like_Gecko)_Chrome\4.1.249.1045_Safari\532.5 - File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Estatísticas do Antivírus da Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - Reg Error: Value error. File not found
O9 - Extra Button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Arquivos de programas\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Arquivos de programas\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found
O12 - Plugin for: .spop - C:\Arquivos de programas\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Arquivos de programas\Yahoo!\Common\Yinsthelper200711281.dll (Installation Support)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\klogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)
O22 - SharedTaskScheduler: {A3717295-941D-416F-9384-ED1736729F1C} - scpLIB - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)
O24 - Desktop Components:0 (Minha página inicial atual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/05/21 18:12:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/01/17 12:54:54 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2007/05/21 19:50:50 | 000,000,874 | ---- | M] () - C:\AutoSetup.log -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007/05/23 19:12:50 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk - C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Microsoft Office.lnk - C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE - (Microsoft Corporation)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Orbit.lnk - Reg Error: Value error. - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^Marcus^Menu Iniciar^Programas^Inicializar^hamachi.lnk - Reg Error: Value error. - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^Marcus^Menu Iniciar^Programas^Inicializar^Recorte de tela e Iniciador do OneNote 2007.lnk - C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig - StartUpReg: Advanced SystemCare 3 - hkey= - key= - C:\Arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe (IObit)
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
MsConfig - StartUpReg: GrooveMonitor - hkey= - key= - C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig - StartUpReg: IntelliPoint - hkey= - key= - C:\Arquivos de programas\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
MsConfig - StartUpReg: ISUSScheduler - hkey= - key= - C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Arquivos de programas\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: itype - hkey= - key= - C:\Arquivos de programas\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found
MsConfig - StartUpReg: Openwares LiveUpdate - hkey= - key= - C:\Program Files\LIVEUPDATE\LiveUpdate.exe (Openwares)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Arquivos de programas\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: TkBellExe - hkey= - key= - Reg Error: Value error. File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sdauxservice - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe (PC Tools)
SafeBootMin: sdcoreservice - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe (PC Tools)
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sdauxservice - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe (PC Tools)
SafeBootNet: sdcoreservice - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe (PC Tools)
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - Service
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Processamento de gráficos vetoriais (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Ligação de dados de HTML dinâmico para Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Cancelar inscrição
ActiveX: {423290D4-DC50-48FA-9871-9D61FCAD7C13} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Criação avançada
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes DirectAnimation para Java
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Agendador de tarefas
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EDA9F30A-8B65-3E6F-B353-CCA1C9241471} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\\WINDOWS\\system32\\iac25_32.ax ()
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP70 - C:\WINDOWS\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
========== Files/Folders - Created Within 14 Days ==========
[2010/05/23 16:09:12 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Marcus\Desktop\OTL.exe
[2010/05/23 14:39:22 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\TD74 Corporation
[2010/05/23 14:39:16 | 000,049,152 | ---- | C] (Vimicro) -- C:\WINDOWS\Domino.exe
[2010/05/23 14:39:15 | 000,257,408 | ---- | C] (Vimicro Corporation) -- C:\WINDOWS\System32\drivers\usbvm323.sys
[2010/05/23 14:39:15 | 000,253,952 | ---- | C] (vimicro) -- C:\WINDOWS\System32\vmprp323.ax
[2010/05/23 14:39:15 | 000,098,304 | ---- | C] (Vimicro Corporation) -- C:\WINDOWS\System32\VMCtrl323.ax
[2010/05/23 14:39:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\CatRoot
[2010/05/22 09:52:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Marcus\Recent
[2010/05/21 22:49:54 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Pryme
[2010/05/21 22:47:33 | 000,000,000 | ---D | C] -- C:\cmos
[2010/05/21 22:25:40 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\STV
[2010/05/09 20:09:36 | 000,053,248 | ---- | C] (Sunplus) -- C:\WINDOWS\ap561.exe
[2010/05/09 20:09:35 | 000,119,798 | ---- | C] (SP) -- C:\WINDOWS\System32\drivers\SPCA561.SYS
[2010/05/09 20:09:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Setup2K
[2008/08/25 19:40:00 | 000,122,880 | ---- | C] ( ) -- C:\WINDOWS\System32\sbcrreag.dll
========== Files - Modified Within 14 Days ==========
[2010/05/23 17:08:00 | 000,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/23 16:12:48 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\Marcus\Desktop\RUIDOS_SUBARU.xls
[2010/05/23 16:09:28 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marcus\Desktop\OTL.exe
[2010/05/23 14:42:45 | 000,000,410 | ---- | M] () -- C:\WINDOWS\tasks\AWC AutoSweep.job
[2010/05/23 14:42:38 | 000,244,206 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/05/23 14:42:35 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/23 14:42:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/23 14:42:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/23 14:41:28 | 009,519,104 | ---- | M] () -- C:\Documents and Settings\Marcus\ntuser.dat
[2010/05/23 14:41:28 | 000,000,210 | -HS- | M] () -- C:\Documents and Settings\Marcus\ntuser.ini
[2010/05/23 14:41:25 | 020,601,538 | -H-- | M] () -- C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\IconCache.db
[2010/05/23 14:39:24 | 000,001,087 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VIMICROCAM VC0323.lnk
[2010/05/23 13:42:03 | 000,002,300 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/22 10:17:07 | 067,736,831 | ---- | M] () -- C:\Documents and Settings\Marcus\Desktop\windowsxp.zip
[2010/05/21 22:59:42 | 000,001,354 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/05/17 15:34:13 | 000,206,848 | ---- | M] () -- C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/11 22:36:33 | 000,002,169 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
========== Files Created - No Company Name ==========
[2010/05/23 16:12:48 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\Marcus\Desktop\RUIDOS_SUBARU.xls
[2010/05/23 14:39:16 | 000,212,992 | ---- | C] () -- C:\WINDOWS\VMSnap23.exe
[2010/05/23 14:39:16 | 000,081,920 | ---- | C] () -- C:\WINDOWS\VMCap323.exe
[2010/05/23 14:39:15 | 000,001,087 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VIMICROCAM VC0323.lnk
[2010/05/22 10:04:29 | 067,736,831 | ---- | C] () -- C:\Documents and Settings\Marcus\Desktop\windowsxp.zip
[2010/05/18 10:18:50 | 009,519,104 | ---- | C] () -- C:\Documents and Settings\Marcus\ntuser.dat
[2010/05/09 20:09:35 | 000,118,784 | ---- | C] () -- C:\WINDOWS\ShowBmp.exe
[2010/05/09 20:09:35 | 000,014,385 | ---- | C] () -- C:\WINDOWS\Tw561a.ini
[2010/05/09 20:09:35 | 000,007,431 | ---- | C] () -- C:\WINDOWS\Tw561a.src
[2010/05/09 20:09:35 | 000,000,081 | ---- | C] () -- C:\WINDOWS\Setup8a.ini
[2010/04/19 16:50:19 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/04/19 16:50:17 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/04/19 16:50:17 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/04/19 16:50:16 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010/04/19 16:50:15 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/12/03 09:46:55 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/10/06 17:22:23 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2009/10/06 15:58:45 | 000,000,156 | ---- | C] () -- C:\WINDOWS\cavscan.INI
[2009/09/21 19:41:16 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Power Video Converter.INI
[2009/08/18 23:22:57 | 000,000,069 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/08/12 21:28:41 | 000,000,020 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2009/06/11 23:25:23 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/21 01:24:48 | 000,001,683 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/04/30 23:27:41 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008/12/08 14:20:14 | 000,000,030 | ---- | C] () -- C:\WINDOWS\RefreshLock.ini
[2008/11/20 11:26:36 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/11/11 23:11:56 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/03/13 20:50:34 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\MSJCE.dll
[2008/02/15 05:55:28 | 000,000,184 | ---- | C] () -- C:\WINDOWS\3DHOME.INI
[2007/10/04 15:33:10 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2007/09/30 08:13:43 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\MTictwl.sys
[2007/08/28 20:55:06 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\CSDLGE1LIB.dll
[2007/08/18 15:40:06 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2007/08/18 14:21:29 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007/08/18 14:19:13 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2007/06/10 10:53:10 | 000,000,009 | ---- | C] () -- C:\WINDOWS\WINHLP32.INI
[2007/06/10 07:41:12 | 000,000,185 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2007/06/07 06:28:44 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2007/06/05 21:18:19 | 000,007,604 | ---- | C] () -- C:\WINDOWS\UEDIT32.INI
[2007/05/21 20:34:23 | 000,001,241 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/05/21 19:50:50 | 000,033,249 | R--- | C] () -- C:\WINDOWS\System32\drivers\RITFSD.sys
[2007/05/21 19:50:50 | 000,014,074 | R--- | C] () -- C:\WINDOWS\System32\drivers\exdisk.sys
[2007/05/21 19:50:44 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\RitShell.dll
[2007/05/21 19:40:53 | 000,348,880 | R--- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2007/05/21 19:40:53 | 000,192,512 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4624.dll
[2007/03/05 13:34:28 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/01/23 22:39:56 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/01/23 22:39:56 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/01/23 22:39:56 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/01/23 22:39:54 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/01/23 22:39:54 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2007/01/23 22:39:54 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2002/10/15 19:54:04 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[1999/01/22 14:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/06/10 00:00:00 | 000,015,120 | ---- | C] () -- C:\WINDOWS\System32\REPUTIL.DLL
[1998/05/18 00:00:00 | 000,014,017 | ---- | C] () -- C:\WINDOWS\JAUTOEXP.INI
[1998/04/24 00:00:00 | 000,000,218 | ---- | C] () -- C:\WINDOWS\FRONTPG.INI
[1997/01/12 00:00:00 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\DTCTRACE.DLL
[1996/11/14 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
========== LOP Check ==========
[2009/05/10 17:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Spyware Terminator
[2009/11/03 20:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Agnitum
[2008/07/12 07:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Avocent AdminWorks
[2009/01/03 17:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\ESET
[2008/08/30 14:45:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Grisoft
[2010/03/01 15:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IObit
[2010/01/06 20:02:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IsolatedStorage
[2009/02/25 11:01:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\KONAMI
[2010/01/31 20:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus!
[2010/05/09 19:25:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\NCH Swift Sound
[2009/10/28 20:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Nexon
[2010/05/22 09:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\NexonUS
[2008/10/11 08:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Nokia
[2008/10/11 08:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PC Suite
[2009/09/16 22:49:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Pinnacle
[2009/05/11 09:13:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PMB Files
[2009/10/06 16:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\SpeedBit
[2009/05/09 11:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Sports Interactive
[2010/05/22 07:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP
[2010/01/21 13:33:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\vsosdk
[2009/04/02 12:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/01/17 19:35:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/11/24 17:33:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Actecom
[2009/11/03 11:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Auslogics
[2008/11/20 11:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\DAEMON Tools
[2009/10/07 20:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\DMCache
[2009/01/03 17:17:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\ESET
[2009/09/16 22:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\GlarySoft
[2009/10/06 13:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\GrabPro
[2009/10/30 18:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\ijjigame
[2009/11/11 12:17:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\IObit
[2008/10/30 20:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Kernel for Outlook
[2008/11/27 21:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\LG Electronics
[2007/08/28 20:57:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\LGSync
[2010/05/11 22:42:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\LimeWire
[2010/05/09 19:26:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\NCH Swift Sound
[2008/10/11 08:22:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Nokia
[2010/04/28 11:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Nokia Multimedia Player
[2008/10/11 09:20:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\NSeries
[2010/01/11 09:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Orbit
[2008/10/11 08:02:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\PC Suite
[2010/01/11 08:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\ProxyCap
[2009/09/16 18:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Publish Providers
[2008/10/30 19:53:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\RecoveryFIX for Outlook (Evaluation version - 4.05.01)
[2009/09/17 21:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Sony
[2008/11/20 11:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Sports Interactive
[2010/01/20 14:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\TeamViewer
[2010/05/01 02:43:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\TS3Client
[2010/05/22 09:46:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\uTorrent
[2010/02/10 16:32:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marcus\Dados de aplicativos\Vso
[2010/05/23 14:42:45 | 000,000,410 | ---- | M] () -- C:\WINDOWS\Tasks\AWC AutoSweep.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
[2004/07/09 04:08:36 | 000,472,576 | ---- | M] (Microsoft Corporation) -- C:\dxsetup.exe
< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
[2004/08/04 04:45:22 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=BD18C87A4E1EA136C44D374296B981DC -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/13 23:20:26 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A8CDC8DECE4735B86BBEF28460996C30 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008/04/13 23:20:26 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A8CDC8DECE4735B86BBEF28460996C30 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 23:20:26 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=A8CDC8DECE4735B86BBEF28460996C30 -- C:\WINDOWS\system32\eventlog.dll
< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2004/08/04 04:45:26 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=E95230A31F912E07B19F8335D4DFF110 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 23:20:40 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=879E802EF4EF2405014B170EA41E552B -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008/04/13 23:20:40 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=879E802EF4EF2405014B170EA41E552B -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 23:20:40 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=879E802EF4EF2405014B170EA41E552B -- C:\WINDOWS\system32\scecli.dll
< %SYSTEMDRIVE%\sfcfiles.dll /s /md5 >
[2004/08/04 04:45:28 | 001,548,288 | ---- | M] (Microsoft Corporation) MD5=1DD4FC7EEE3A45257528A34FDF7BC689 -- C:\WINDOWS\$NtServicePackUninstall$\sfcfiles.dll
[2008/04/13 23:20:40 | 001,571,840 | ---- | M] (Microsoft Corporation) MD5=698F9583D1EB213B09F12DD5826A46E2 -- C:\WINDOWS\ERDNT\cache\sfcfiles.dll
[2008/04/13 23:20:40 | 001,571,840 | ---- | M] (Microsoft Corporation) MD5=698F9583D1EB213B09F12DD5826A46E2 -- C:\WINDOWS\ServicePackFiles\i386\sfcfiles.dll
[2008/04/13 23:20:40 | 001,571,840 | ---- | M] (Microsoft Corporation) MD5=698F9583D1EB213B09F12DD5826A46E2 -- C:\WINDOWS\system32\sfcfiles.dll
< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2004/08/04 04:45:26 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=82777C1BE8E9F0B1574DAC5BC29C7D6F -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008/04/13 23:20:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=49897D67B04E62F8E59EB8B1C7DF7072 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/13 23:20:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=49897D67B04E62F8E59EB8B1C7DF7072 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 23:20:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=49897D67B04E62F8E59EB8B1C7DF7072 -- C:\WINDOWS\system32\netlogon.dll
< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >
< %SYSTEMDRIVE%\sceclt.dll /s /md5 >
< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >
< %SYSTEMDRIVE%\logevent.dll /s /md5 >
< %SYSTEMDRIVE%\iaStor.sys /s /md5 >
< %SYSTEMDRIVE%\nvstor.sys /s /md5 >
< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2004/08/04 02:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008/04/13 15:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 15:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 15:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >
< %SYSTEMDRIVE%\viasraid.sys /s /md5 >
========== Alternate Data Streams ==========
@Alternate Data Stream - 518 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:05EE1EEF
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5C321E34
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:D74B6CF5
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:DFC5A2B2
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:888AFB86
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:AE9A5120
< End of report >
Good evening! .matiello
<@> Run OTL.exe.
<@> Copy the information in the Quote into the field below: Custom Scans/Fixes
>
:files
C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
:otl
O3 - HKU\S-1-5-21-1078081533-1409082233-725345543-1006\..\Toolbar\WebBrowser: (Barra de ferramentas &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - Reg Error: Value error. File not found
O20 - Winlogon\Notify\klogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
@Alternate Data Stream - 518 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:05EE1EEF
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5C321E34
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:D74B6CF5
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:DFC5A2B2
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:888AFB86
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:AE9A5120
:commands
[purity]
[emptyflash]
[emptytemp]
[Reboot]
<@> Click the Fix button --> Wait for it to finish! --> Run!
<@> Post the report, which will also be in the folder: C:\_OTL\MovedFiles\*.log <-
Regards!
All processes killed
========== FILES ==========
C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon\ deleted successfully.
ADS C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:05EE1EEF deleted successfully.
ADS C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5C321E34 deleted successfully.
ADS C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:D74B6CF5 deleted successfully.
ADS C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:888AFB86 deleted successfully.
ADS C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:AE9A5120 deleted successfully.
========== COMMANDS ==========
[EMPTYFLASH]
User: Administrador
User: All Users
User: Default User
User: LocalService
User: Marcus
->Flash cache emptied: 4630 bytes
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
[EMPTYTEMP]
User: Administrador
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33239 bytes
User: Marcus
->Temp folder emptied: 94096663 bytes
->Temporary Internet Files folder emptied: 2695515 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 46992647 bytes
->Google Chrome cache emptied: 102619276 bytes
->Flash cache emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 147456 bytes
RecycleBin emptied: 380207 bytes
Total Files Cleaned = 236,00 mb
OTL by OldTimer - Version 3.2.5.0 log created on 05232010_200526
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Good evening! .matiello
<@> Download: < ToolBar S&D >
<@> Save it on Local Disk C, in a folder of its own.
<@> Restart the computer in Safe Mode. <-- Important!
<@> Run the program, then press "p" --> Enter --> Ok.
<@> Type two! ( 2 ) --> Press Enter --> Wait!
<@> When it finishes, post the report. ( C:\ToolBar SD\TB_1.txt ) <--
00000000000000000000000
ooooooooooooooooooooooo
<@> Download: < ComboFix > ( ...by sUBs )
<!> Link-2 --> < ForoSpyware >
<!> Link-3 --> < GeeksToGo >
<@> Save it to the desktop!
<@> Disable the resident protection of: antivirus, antispyware and firewall. ( Except the Windows one! )
<@> Close all windows and run the tool!
<@> Ps: Running it from a command is also possible:
<@> Go to Start --> Run --> Type or paste: "%userprofile%\desktop\Combofix.exe" /killall
[Image: combofixejr8.gif]
<@> Click Ok.
<@> In the window: "Software warranty agreement" --> Click Yes!
[Image: RcAuto1.gif]
<@> If you do not have the "Recovery Console", accept the option to install it!
<@> When it finishes, click Sim or Yes. --> Wait!
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
<!> If you get the notification: Invalid Win32 application, delete the ComboFix.exe tool and download it again.
<!> Save it to the desktop, renamed as: Kombo.exe
<!> Ps: Rename it while saving, not after saving it!
<!> Ps: If any error message appears, run ComboFix.exe in "Safe Mode". <-- Link!
<!> Ps: If rootkit activity is present, we will get the following notification window:
[Image: Rookit_found.gif]
<!> Ps: Write down these detections and click OK.
<!> Ps: To complete the removals, the tool may need to restart the computer. <-- Wait!
<!> Ps: Avoid running this tool on your own initiative!
<!> Ps: To avoid problems, follow all the recommendations given.
<!> Ps: ComboFix is a tool that can damage the system. Use it only under professional supervision.
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
<@> The Auto Scan window will open. --> Wait!
<@> To finish the removals, ComboFix may restart the computer.
<@> If necessary, type option ( 1 ) --> Press Enter! --> Wait for it to finish!
<@> During the scan, avoid touching the mouse or keyboard! <-- Important!
<@> To stop or exit ComboFix, press "N" or "2" --> Press Enter!
<@> When it finishes, post the reports: C:\ComboFix.txt + an updated HijackThis log.
Regards!
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel® Core2 CPU 6420 @ 2.13GHz )
BIOS : Default System BIOS
USER : Marcus ( Administrator )
BOOT : Fail-safe with network boot
Antivirus : ESET Smart Security 3.0 3.0 (Activated)
Firewall : Firewall pessoal do ESET 4.0.417.0 (Not Activated)
C:\ (Local Disk) - NTFS - Total:149 Go (Free:44 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 24/05/2010|11:35 )
-----------\\ REMOVIDOS
Deletado! - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll
Deletado! - C:\Arquivos de programas\DAEMON Tools Toolbar\FirefoxDTT
Deletado! - C:\Arquivos de programas\DAEMON Tools Toolbar\Resources
Deletado! - C:\Arquivos de programas\DAEMON Tools Toolbar\uninst.exe
Deletado! - C:\Arquivos de programas\DAEMON Tools Toolbar\_DTLite.xml
Deletado! - C:\Arquivos de programas\DAEMON Tools Toolbar
-----------\\ Procura por Arquivos / Ficheiros ...
-----------\\ Extensions
(Marcus) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user
(Marcus) - {5B52016C-D097-4aec-BE61-9F129D8FDDBA} => wj
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page Redirect Cache"="http://br.msn.com/?ocid=iehp"
"Start Page"="http://thefreevpn.com/home.php"
"Url"="http://go.microsoft.com/fwlink/?LinkId=75723"
"Url"="http://go.microsoft.com/fwlink/?LinkId=75724"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/"
"SearchAssistant"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"CustomizeSearch"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
--------------------\\ Procurando por outras infecções
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Marcus\Dados de aplicativos\Microsoft\Office\Recente\crack LFD2.LNK
C:\DOCUME~1\Marcus\Favoritos\Download - Football Manager 2009 + Tradu‡Æo - Patch - Crack - Baixe Turbo.URL
C:\DOCUME~1\Marcus\Meus documentos\N.+Funcionando+-+crackeado+by+baixedetudo.net.rar
C:\DOCUME~1\Marcus\Meus documentos\CA\videos\Sony Vegas Movie Studio Platinum Pro 9.0 + Todos os Plugins + Pacth_NazgoOl M3\Plugins\NewBlue FX\Cracks
C:\DOCUME~1\Marcus\Meus documentos\CA\videos\Sony Vegas Movie Studio Platinum Pro 9.0 + Todos os Plugins + Pacth_NazgoOl M3\Plugins\NewBlue FX\Cracks\ArtBlendsVegas.dll
C:\DOCUME~1\Marcus\Meus documentos\CA\videos\Sony Vegas Movie Studio Platinum Pro 9.0 + Todos os Plugins + Pacth_NazgoOl M3\Plugins\NewBlue FX\Cracks\ArtEffectsVegas.dll
C:\DOCUME~1\Marcus\Meus documentos\CA\videos\Sony Vegas Movie Studio Platinum Pro 9.0 + Todos os Plugins + Pacth_NazgoOl M3\Plugins\NewBlue FX\Cracks\D3DExplosionsVegas.dll
C:\DOCUME~1\Marcus\Meus documentos\CA\videos\Sony Vegas Movie Studio Platinum Pro 9.0 + Todos os Plugins + Pacth_NazgoOl M3\Plugins\NewBlue FX\Cracks\D3DTransformationsVegas.dll
C:\DOCUME~1\Marcus\Meus documentos\CA\videos\Sony Vegas Movie Studio Platinum Pro 9.0 + Todos os Plugins + Pacth_NazgoOl M3\Plugins\NewBlue FX\Cracks\FilmEffectsVegas.dll
C:\DOCUME~1\Marcus\Meus documentos\CA\videos\Sony Vegas Movie Studio Platinum Pro 9.0 + Todos os Plugins + Pacth_NazgoOl M3\Plugins\NewBlue FX\Cracks\MotionBlendsVegas.dll
C:\DOCUME~1\Marcus\Meus documentos\CA\videos\Sony Vegas Movie Studio Platinum Pro 9.0 + Todos os Plugins + Pacth_NazgoOl M3\Plugins\NewBlue FX\Cracks\MotionEffectsVegas.dll
C:\DOCUME~1\Marcus\Meus documentos\Meus arquivos recebidos\Ale Links-COD4-e-crack.txt
1 - "C:\ToolBar SD\TB_1.txt" - 24/05/2010|11:36 - Option : [2]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:08:27, on 24/05/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
C:\ARQUIV~1\Agnitum\OUTPOS~1\acs.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Arquivos de programas\Intel\IDU\awServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\Hijack\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://thefreevpn.com/home.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ssh2 Class - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [ipTray.exe] "C:\Arquivos de programas\Intel\IDU\iptray.exe"
O4 - HKLM\..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OutpostMonitor] C:\ARQUIV~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Arquivos de programas\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup
O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NSLauncher] C:\Arquivos de programas\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows;_U;_Windows_NT_5.1;_en-US)_AppleWebKit/532.5_(KHTML,_like_Gecko)_Chrome/4.1.249.1045_Safari/532.5" -"http://www.miniclip.com/games/celebrity-table-tennis/br/content_iframe.php"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Estatísticas do Antivírus da Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Arquivos de programas\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: w2pxdrv.dll
O10 - Unknown file in Winsock LSP: w2pxdrv.dll
O10 - Unknown file in Winsock LSP: w2pxdrv.dll
O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Arquivos de programas\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6ED63BF-48EA-49FF-B3BF-A0E98B62947B}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll
O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\ARQUIV~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Admin Works Agent X8 (AWService) - OSA Technologies Inc., An Avocent Company - C:\Arquivos de programas\Intel\IDU\awServ.exe
O23 - Service: Google Update Service (gupdate1ca7415f53b919c) (gupdate1ca7415f53b919c) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Nokia - (no file)
O23 - Service: nProtect GameGuard Service (npggsvc) - Nokia - (no file)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Arquivos de programas\proXPN\bin\openvpnserv.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
--
End of file - 10994 bytes
ComboFix 10-05-23.07 - Marcus 24/05/2010 11:50:37.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.2045.1556 [GMT -3:00]
Executando de: c:\documents and settings\Marcus\Desktop\ComboFix.exe
AV: AntiVir Desktop On-access scanning disabled (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: ESET Smart Security 3.0 On-access scanning enabled (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Kaspersky Anti-Virus On-access scanning disabled (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Firewall pessoal do ESET disabled {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
FW: Outpost Firewall disabled {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
* AV residente está ativo
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Marcus\Dados de aplicativos\inst.exe
c:\documents and settings\Marcus\port32.log
c:\windows\system\VI30AUT.DLL
c:\windows\system32\szxfis.exe
.
(((((((((((((((( Arquivos/Ficheiros criados de 2010-04-24 to 2010-05-24 ))))))))))))))))))))))))))))
.
2010-05-24 14:34 . 2010-05-24 14:36 -------- d-----w- C:\ToolBar SD
2010-05-24 14:26 . 2010-05-24 14:26 -------- d-----w- C:\toolb
2010-05-23 23:05 . 2010-05-23 23:05 -------- d-----w- C:\_OTL
2010-05-23 17:48 . 2008-04-13 14:45 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2010-05-23 17:48 . 2008-04-13 14:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2010-05-23 17:39 . 2010-05-23 17:39 -------- d-----w- c:\arquivos de programas\TD74 Corporation
2010-05-23 17:39 . 2006-09-19 17:26 212992 ----a-w- c:\windows\VMSnap23.exe
2010-05-23 17:39 . 2006-06-28 05:54 49152 ----a-w- c:\windows\Domino.exe
2010-05-23 17:39 . 2006-03-30 23:24 81920 ----a-w- c:\windows\VMCap323.exe
2010-05-23 17:39 . 2010-05-23 17:39 -------- d-----w- c:\windows\CatRoot
2010-05-23 17:39 . 2007-04-24 14:56 257408 ----a-w- c:\windows\system32\drivers\usbvm323.sys
2010-05-23 16:58 . 2010-05-23 16:58 61440 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6b8c2a79-n\decora-sse.dll
2010-05-23 16:58 . 2010-05-23 16:58 12800 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6b8c2a79-n\decora-d3d.dll
2010-05-23 16:58 . 2010-05-23 16:58 503808 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2b79a7b3-n\msvcp71.dll
2010-05-23 16:58 . 2010-05-23 16:58 499712 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2b79a7b3-n\jmc.dll
2010-05-23 16:58 . 2010-05-23 16:58 348160 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2b79a7b3-n\msvcr71.dll
2010-05-22 12:46 . 2010-05-22 12:46 -------- d-----w- c:\windows\system32\wbem\Repository
2010-05-22 01:49 . 2010-05-22 12:45 -------- d-----w- c:\arquivos de programas\Pryme
2010-05-22 01:47 . 2010-05-22 12:45 -------- d-----w- C:\cmos
2010-05-22 01:25 . 2010-05-22 01:25 -------- d-----w- c:\arquivos de programas\STV
2010-05-09 23:09 . 2002-08-13 21:01 53248 ----a-w- c:\windows\ap561.exe
2010-05-09 23:09 . 2010-05-09 23:09 -------- d-----w- c:\windows\Setup2K
2010-05-09 23:09 . 2002-11-22 18:56 118784 ----a-w- c:\windows\ShowBmp.exe
2010-05-09 23:09 . 2002-10-01 17:43 119798 ----a-w- c:\windows\system32\drivers\SPCA561.SYS
2010-05-09 14:32 . 2010-05-09 22:25 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\NCH Swift Sound
2010-05-09 14:32 . 2010-05-09 14:32 -------- d-----w- c:\arquivos de programas\NCH Software
2010-05-09 14:31 . 2010-05-09 22:26 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\NCH Swift Sound
2010-05-09 14:28 . 2010-05-09 14:28 -------- d-----w- c:\arquivos de programas\MIKSOFT
2010-05-07 16:58 . 2010-05-07 16:58 152064 ----a-w- c:\windows\snap.dat
2010-05-07 16:55 . 2010-04-12 20:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-01 04:10 . 2010-05-01 05:43 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\TS3Client
2010-05-01 04:09 . 2010-05-01 04:09 -------- d-----w- c:\arquivos de programas\TeamSpeak 3 Client
2010-05-01 02:15 . 2010-05-01 02:15 -------- d-----w- c:\arquivos de programas\proXPN
2010-04-28 01:05 . 2010-04-28 01:05 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Nokia
2010-04-28 01:01 . 2010-04-28 01:01 -------- d-----w- c:\arquivos de programas\Arquivos comuns\PCSuite
2010-04-28 01:00 . 2010-04-28 01:00 -------- d-----w- c:\arquivos de programas\PC Connectivity Solution
2010-04-28 01:00 . 2007-02-22 13:15 12288 ----a-w- c:\windows\system32\drivers\nmwcdcj.sys
2010-04-28 01:00 . 2007-02-22 13:15 12288 ----a-w- c:\windows\system32\drivers\nmwcdcm.sys
2010-04-28 01:00 . 2007-02-22 13:15 8320 ----a-w- c:\windows\system32\drivers\nmwcdc.sys
2010-04-28 01:00 . 2007-02-22 13:15 137216 ----a-w- c:\windows\system32\drivers\nmwcd.sys
2010-04-28 01:00 . 2007-02-22 13:15 65536 ----a-w- c:\windows\system32\nmwcdcocls.dll
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-24 14:30 . 2007-06-07 11:06 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-05-22 12:46 . 2008-11-15 14:03 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\uTorrent
2010-05-22 12:46 . 2008-11-15 14:03 -------- d-----w- c:\arquivos de programas\uTorrent
2010-05-22 12:46 . 2008-11-05 21:01 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\NexonUS
2010-05-22 10:51 . 2009-09-02 12:01 -------- d---a-w- c:\documents and settings\All Users\Dados de aplicativos\TEMP
2010-05-22 01:25 . 2007-05-21 22:37 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information
2010-05-19 18:57 . 2010-03-07 03:52 -------- d-----w- c:\arquivos de programas\Full Tilt Poker
2010-05-12 20:51 . 2007-05-23 22:24 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help
2010-05-12 01:42 . 2008-11-27 23:07 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\LimeWire
2010-05-11 03:09 . 2009-09-22 01:36 -------- d-----w- c:\arquivos de programas\Messenger Plus! Live
2010-05-09 23:09 . 2007-05-21 22:36 -------- d-----w- c:\arquivos de programas\Arquivos comuns\InstallShield
2010-05-07 16:55 . 2008-03-08 17:38 -------- d-----w- c:\arquivos de programas\Java
2010-05-01 02:20 . 2007-05-23 22:37 -------- d-----w- c:\arquivos de programas\CCleaner
2010-04-28 14:33 . 2008-10-11 12:19 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\Nokia Multimedia Player
2010-04-28 01:28 . 2008-11-28 00:03 -------- d-----w- c:\arquivos de programas\LG PC Suite II
2010-04-28 01:05 . 2008-10-11 11:01 -------- d-----w- c:\arquivos de programas\Nokia
2010-04-19 19:50 . 2009-11-04 15:12 -------- d-----w- c:\arquivos de programas\K-Lite Codec Pack
2010-04-16 18:00 . 2010-04-19 19:50 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-04-08 19:20 . 2009-03-31 00:39 -------- d-----w- c:\arquivos de programas\PokerStars
2010-04-03 19:22 . 2010-04-03 19:22 2336 ----a-w- C:\boot.bat
2010-03-15 09:31 . 2002-10-15 22:54 165376 ----a-w- c:\windows\system32\unrar.dll
2010-03-12 15:05 . 2010-03-12 15:05 503808 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43823346-n\msvcp71.dll
2010-03-12 15:05 . 2010-03-12 15:05 499712 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43823346-n\jmc.dll
2010-03-12 15:05 . 2010-03-12 15:05 348160 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43823346-n\msvcr71.dll
2010-03-12 15:05 . 2010-03-12 15:05 61440 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3ec352b1-n\decora-sse.dll
2010-03-12 15:05 . 2010-03-12 15:05 12800 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3ec352b1-n\decora-d3d.dll
2010-03-12 15:04 . 2004-08-04 12:00 79832 ----a-w- c:\windows\system32\perfc016.dat
2010-03-12 15:04 . 2004-08-04 12:00 470730 ----a-w- c:\windows\system32\perfh016.dat
2010-03-10 06:16 . 2004-08-04 07:45 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-02 04:19 . 2010-02-25 16:01 26112 ----a-w- c:\windows\system32\drivers\tap0901.sys
2010-02-26 15:05 . 2010-02-26 15:05 72488 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
2010-02-25 06:17 . 2004-08-04 07:45 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2004-08-04 06:15 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-09-04 21:00 . 2009-09-04 21:00 916430 ----a-w- c:\arquivos de programas\Apr2006_MDX1_x86.cab
2008-08-12 00:07 . 2008-07-17 22:49 29806 ----a-w- c:\arquivos de programas\megacubo_log.log
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\arquivos de programas\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\arquivos de programas\mozilla firefox\plugins\ssldivx.dll
.
------- Sigcheck -------
[7] 2008-04-14 . 71D440F79B711627B12B567FB2EADB42 . 509952 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe
[-] 2008-04-14 . B0C0BF2504B830BFC1E93CA39F3C75FE . 549376 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . B0C0BF2504B830BFC1E93CA39F3C75FE . 549376 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[7] 2004-08-04 . 6F7BDE7A1126DEBF0CC359A54953EFC1 . 504320 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe
[7] 2008-04-14 . 085C5892D9C1E19B3CEFD1B79F5BBF13 . 617472 . . [5.82] . . c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll
[-] 2008-04-14 . 302CD5BE4CA48200F9AC1C6074D71805 . 643072 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . 302CD5BE4CA48200F9AC1C6074D71805 . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2006-08-25 . 873E9E5B23D206BE443ABD3CF597C2E8 . 617472 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[7] 2004-08-04 . 021631D9D0729D9E52300CCEACE4F054 . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll
[-] 2009-10-12 . A9B36030497E98C29210E4544700649D . 579072 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll
[7] 2008-04-14 . 54907DB28872A7A6D3EE2B4747A23828 . 579072 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\user32.dll
[-] 2008-04-14 . A9B36030497E98C29210E4544700649D . 579072 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . A9B36030497E98C29210E4544700649D . 579072 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2007-03-08 . F86D3E5C8FE13297E1C2D662F9E2D59D . 578560 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 . B5782EE6EAFE3C218236F79F1A27B747 . 578048 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2005-03-02 . 3ED0A4D74EFD5AAF8408095F452E2613 . 577536 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2005-03-02 . 7FFBCF1B94E6929DEECE06670C2407D6 . 577536 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll
[7] 2004-08-04 . E0FF28447D1038DE106D1F2FDF851647 . 577536 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll
[-] 2008-04-14 . 54701D40A8E060872E666D48FDA27A19 . 1542656 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 732946EEAA1D8EE2A4FC24370827617B . 977920 . . [6.00.2900.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
[-] 2008-04-14 . 54701D40A8E060872E666D48FDA27A19 . 1542656 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . DCCBF18E94D651393A3FFA060F88E0A0 . 1035264 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . 45D521506825A10B80833B4E9621CCF6 . 1035264 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[7] 2004-08-04 . FA61A19050AE14BEC1A26DE82390DD65 . 1034240 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe
[7] 2008-04-14 . 4E486ADFE3A0B9ED0EB0639902E9F64F . 15360 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
[-] 2008-04-14 . 584450C5B2439571755D40444589C63D . 40448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 584450C5B2439571755D40444589C63D . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[7] 2004-08-04 . F40BC97996B8E53799EEF1D63996674B . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
Nota entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe" [2009-07-31 468408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"="sttray.exe" [2006-05-26 282624]
"ipTray.exe"="c:\arquivos de programas\Intel\IDU\iptray.exe" [2006-12-28 2242328]
"nwiz"="c:\arquivos de programas\NVIDIA Corporation\nView\nwiz.exe" [2009-07-09 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016]
"OutpostMonitor"="c:\arquiv~1\Agnitum\OUTPOS~1\op_mon.exe" [2009-04-28 2374464]
"OutpostFeedBack"="c:\arquivos de programas\Agnitum\Outpost Firewall\feedback.exe" [2009-04-28 428032]
"avgnt"="c:\arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" [2009-11-11 417792]
"AppleSyncNotifier"="c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"iTunesHelper"="c:\arquivos de programas\iTunes\iTunesHelper.exe" [2010-02-15 141608]
"SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040]
"NSLauncher"="c:\arquivos de programas\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-08-02 3096576]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 40448]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 1 (0x1)
"HonorAutoRunSetting"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Orbit.lnk]
backup=c:\windows\pss\Orbit.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Marcus^Menu Iniciar^Programas^Inicializar^hamachi.lnk]
backup=c:\windows\pss\hamachi.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Marcus^Menu Iniciar^Programas^Inicializar^Recorte de tela e Iniciador do OneNote 2007.lnk]
backup=c:\windows\pss\Recorte de tela e Iniciador do OneNote 2007.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
2010-03-29 17:54 2343120 ----a-w- c:\arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2009-08-13 17:51 177440 ----a-w- c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 02:20 40448 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-07-24 15:02 490952 ----a-w- c:\arquivos de programas\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 13:44 31072 ----a-w- c:\arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2006-07-07 23:15 600896 ----a-w- c:\arquivos de programas\Microsoft IntelliPoint\ipoint.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-08-12 08:30 81920 ----a-w- c:\arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-02-15 21:07 141608 ----a-w- c:\arquivos de programas\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
2006-07-07 23:14 576320 ----a-w- c:\arquivos de programas\Microsoft IntelliType Pro\itype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 18:44 3883840 ----a-w- c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-07-14 16:34 13877248 ----a-w- c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Openwares LiveUpdate]
2003-12-13 17:17 61440 ----a-w- c:\program files\LIVEUPDATE\LiveUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-11 01:08 417792 ----a-w- c:\arquivos de programas\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" -atboottime
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Arquivos de programas\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Arquivos de programas\\LimeWire\\LimeWire.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Arquivos de programas\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\All Users\\Dados de aplicativos\\NexonUS\\NGM\\NGM.exe"=
"c:\nexon\Combat Arms\CombatArms.exe"= c:\nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"c:\nexon\Combat Arms\Engine.exe"= c:\nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe
"c:\\Nexon\\Combat Arms\\NMService.exe"=
"c:\\Arquivos de programas\\Mozilla Firefox\\firefox.exe"=
"c:\\Arquivos de programas\\MegaJogos\\jre\\jre\\bin\\javaw.exe"=
"c:\\Arquivos de programas\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"=
"c:\\Arquivos de programas\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Arquivos de programas\\iTunes\\iTunes.exe"=
"c:\\Arquivos de programas\\Megacubo\\megacubo.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56458:TCP"= 56458:TCP:Pando Media Booster
"56458:UDP"= 56458:UDP:Pando Media Booster
"56911:TCP"= 56911:TCP:Pando Media Booster
"56911:UDP"= 56911:UDP:Pando Media Booster
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [19/01/2010 11:23 130936]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [03/11/2009 20:52 704384]
R2 acssrv;Agnitum Client Security Service;c:\arquiv~1\Agnitum\OUTPOS~1\acs.exe [03/11/2009 20:49 1195008]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\arquivos de programas\Avira\AntiVir Desktop\sched.exe [12/01/2010 13:31 108289]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [03/11/2009 20:49 31128]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [03/11/2009 20:52 257432]
R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);c:\windows\system32\drivers\RMSPPPOE.SYS [10/06/2002 00:09 31232]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20/11/2008 11:26 717296]
S2 gupdate1ca7415f53b919c;Google Update Service (gupdate1ca7415f53b919c);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [03/12/2009 09:41 133104]
S3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys --> c:\windows\system32\DRIVERS\3xHybrid.sys [?]
S3 exdisk;Express Disk Service;c:\windows\system32\drivers\exdisk.sys [21/05/2007 19:50 14074]
S3 GarenaPEngine;GarenaPEngine; [x]
S3 hid8101;hid8101;c:\windows\system32\drivers\hid8101.sys [22/10/2009 10:45 31908]
S3 lgmcbus;LGE Mobile driver (WDM);c:\windows\system32\drivers\lgmcbus.sys [27/11/2008 21:05 83584]
S3 lgmcmdfl;LGE Mobile USB WMC Modem Filter;c:\windows\system32\drivers\lgmcmdfl.sys [27/11/2008 21:05 14976]
S3 lgmcmdm;LGE Mobile USB WMC Modem Driver;c:\windows\system32\drivers\lgmcmdm.sys [27/11/2008 21:05 110464]
S3 lgmcobex;LGE Mobile USB WMC OBEX Interface;c:\windows\system32\drivers\lgmcobex.sys [27/11/2008 21:05 100480]
S3 npggsvc;nProtect GameGuard Service; [x]
S3 PciCon;PciCon;\??\d:\pcicon.sys --> d:\PciCon.sys [?]
S3 PhTVTune;ENCORE TV Tuner Pro PCI Adapter;c:\windows\system32\drivers\PhTVTune.sys [18/08/2007 15:24 28480]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [11/01/2010 08:28 27064]
S3 sdAuxService;PC Tools Auxiliary Service;c:\arquivos de programas\Spyware Doctor\pctsAuxs.exe [19/01/2010 11:23 348752]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [25/01/2008 06:12 25088]
.
Conteúdo da pasta 'Tarefas Agendadas'
2009-04-02 c:\windows\Tasks\AppleSoftwareUpdate.job
2010-05-24 c:\windows\Tasks\AWC AutoSweep.job
2010-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2010-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-12-03 12:41]
.
.
------- Scan Suplementar -------
.
uStart Page = hxxp://thefreevpn.com/home.php
mWindow Title =
uInternet Settings,ProxyOverride = local
IE: &Clean Traces
IE: &Download with &DAP
IE: Download &all with DAP
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: w2pxdrv.dll
TCP: {F6ED63BF-48EA-49FF-B3BF-A0E98B62947B} = 156.154.70.25,156.154.71.25
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://thefreevpn.com/home.php
FF - prefs.js: keyword.URL - hxxp://br.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_br&p=
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 9666
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 9050
FF - prefs.js: network.proxy.ssl - localhost
FF - prefs.js: network.proxy.ssl_port - 9666
FF - prefs.js: network.proxy.type - 1
FF - component: c:\documents and settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\arquivos de programas\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\arquivos de programas\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\NPMFireLauncher.dll
FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\documents and settings\All Users\Dados de aplicativos\NexonUS\NGM\npNxGameUS.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-24 11:57
Windows 5.1.2600 Service Pack 3 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros/arquivos ocultos ...
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar0]
"BarID"=dword:0000e81b
"Bars"=dword:00000003
"Bar#0"=dword:00000000
"Bar#1"=dword:0000e800
"Bar#2"=dword:00000000
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar1]
"BarID"=dword:0000e81c
"Bars"=dword:00000004
"Bar#0"=dword:00000000
"Bar#1"=dword:0000e807
"Bar#2"=dword:0000e806
"Bar#3"=dword:00000000
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar2]
"BarID"=dword:0000e800
"XPos"=dword:fffffffe
"YPos"=dword:fffffffe
"Docking"=dword:00000001
"MRUDockID"=dword:00000000
"MRUDockLeftPos"=dword:fffffffe
"MRUDockTopPos"=dword:fffffffe
"MRUDockRightPos"=dword:000001f5
"MRUDockBottomPos"=dword:00000036
"MRUFloatStyle"=dword:00002000
"MRUFloatXPos"=dword:80000000
"MRUFloatYPos"=dword:cdcdcdcd
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar3]
"BarID"=dword:0000e806
"XPos"=dword:fffffffe
"YPos"=dword:00000141
"Docking"=dword:00000001
"MRUDockID"=dword:0000e81c
"MRUDockLeftPos"=dword:fffffffe
"MRUDockTopPos"=dword:00000141
"MRUDockRightPos"=dword:000000c6
"MRUDockBottomPos"=dword:00000287
"MRUFloatStyle"=dword:00002004
"MRUFloatXPos"=dword:80000000
"MRUFloatYPos"=dword:cdcdcdcd
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar4]
"BarID"=dword:0000e807
"XPos"=dword:fffffffe
"YPos"=dword:fffffffe
"Docking"=dword:00000001
"MRUDockID"=dword:00000000
"MRUDockLeftPos"=dword:fffffffe
"MRUDockTopPos"=dword:fffffffe
"MRUDockRightPos"=dword:000000c6
"MRUDockBottomPos"=dword:00000143
"MRUFloatStyle"=dword:00002004
"MRUFloatXPos"=dword:80000000
"MRUFloatYPos"=dword:cdcdcdcd
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Summary]
"Bars"=dword:00000005
"ScreenCX"=dword:00000400
"ScreenCY"=dword:00000300
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Settings]
"FirstRun"=dword:00000000
"xScreen"=dword:00000400
"yScreen"=dword:000002c4
"floats"="1.000000 0.500000 0.500000 120 120"
"skin"="ISR_10Moons.dll"
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\WNDSTATUS]
"FLAG"=dword:00000000
"SHOWCMD"=dword:00000001
"LEFT"=dword:fffffffc
"TOP"=dword:fffffffc
"RIGHT"=dword:00000404
"BOTTOM"=dword:000002e2
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10f_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10f_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\cscui.dll
c:\windows\system32\setupapi.dll
.
Tempo para conclusão: 2010-05-24 11:59:43
ComboFix-quarantined-files.txt 2010-05-24 14:59
Pré-execução: 51 pasta(s) 48.102.797.312 bytes disponíveis
Pós execução: 52 pasta(s) 48.057.511.936 bytes disponíveis
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
Good afternoon! .matiello
>
------- Sigcheck -------
[-] 2008-04-14 . B0C0BF2504B830BFC1E93CA39F3C75FE . 549376 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . B0C0BF2504B830BFC1E93CA39F3C75FE . 549376 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . 302CD5BE4CA48200F9AC1C6074D71805 . 643072 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . 302CD5BE4CA48200F9AC1C6074D71805 . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2006-08-25 . 873E9E5B23D206BE443ABD3CF597C2E8 . 617472 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[-] 2009-10-12 . A9B36030497E98C29210E4544700649D . 579072 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll
[-] 2008-04-14 . A9B36030497E98C29210E4544700649D . 579072 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . A9B36030497E98C29210E4544700649D . 579072 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2007-03-08 . F86D3E5C8FE13297E1C2D662F9E2D59D . 578560 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 . B5782EE6EAFE3C218236F79F1A27B747 . 578048 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2005-03-02 . 3ED0A4D74EFD5AAF8408095F452E2613 . 577536 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2005-03-02 . 7FFBCF1B94E6929DEECE06670C2407D6 . 577536 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll
[-] 2008-04-14 . 54701D40A8E060872E666D48FDA27A19 . 1542656 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 732946EEAA1D8EE2A4FC24370827617B . 977920 . . [6.00.2900.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
[-] 2008-04-14 . 54701D40A8E060872E666D48FDA27A19 . 1542656 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . DCCBF18E94D651393A3FFA060F88E0A0 . 1035264 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . 45D521506825A10B80833B4E9621CCF6 . 1035264 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2008-04-14 . 584450C5B2439571755D40444589C63D . 40448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 584450C5B2439571755D40444589C63D . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
<!> Studying some files' digital signatures in the OTL log, I detected that some are not valid. This was then corroborated by the ComboFix report.
<!> They may have been altered by malware or installed, at the source, from the Windows XP CD-ROM.
000000000000000000000
ooooooooooooooooooooo
<@> While in "Normal Mode", go to Start --> Run --> Type: sfc /scannow --> Click OK.
<@> You will be asked to insert the Windows XP CD-ROM into the drive.
<@> "Windows File Protection" will therefore be triggered.
<@> Wait for the repair to finish!
000000000000000000000
ooooooooooooooooooooo
<@> Download: < MGADiag >
<@> Save it to the desktop!
<@> Double-click the icon.
<@> Then click Continue --> Copy.
<@> Open Notepad --> Press: Ctrl+V <-- Paste!
<@> PS: Post its contents. ( Diagnostic Report (1.9.0027.0) ) <-
<@> Click OK to close the tool!
Regards!
I don't have the Windows XP CD-ROM. What should I do?
>
I don't have the Windows XP CD-ROM. What should I do?
//////////\\\\\\\\\\
Hi! .matiello
<!> The system is weakened, and using the PC to access online banking is reckless.
<!> I therefore recommend formatting and acquiring a genuine operating system, discarding pirated copies or downloads of them.
<!> PS: If you want to post the MGADiag report, as confirmation of this fact, you may do so!
Regards!
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Geographically blocked PID
Validation Code: 13
Cached Validation Code: N/A
Windows Product Key: ***-***-FRVF4-VPF7Y-38JV3
Windows Product Key Hash: NIpQw7rwVuJX1OvyiqXGOpU8tbE=
Windows Product ID: 55274-640-0187892-23389
Windows Product ID Type: 1
Windows License Type: Volume
Windows OS version: 5.1.2600.2.00010100.3.0.pro
ID: {AB3F84F0-128B-4EBF-8BB1-D356E3E6F04F}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.7.36.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A
Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->
Office Status: 103 Blocked VLK
Microsoft Office Enterprise 2007 - 103 Blocked VLK
OGA Version: Registered, 1.6.21.0
Signed By: Microsoft
Office Diagnostics: 025D1FF3-230-1
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
File Mismatch: C:\WINDOWS\system32\winlogon.exe[5.1.2600.5512], Hr = 0x800b0100
File Mismatch: C:\WINDOWS\system32\setupapi.dll[5.1.2600.5512], Hr = 0x800b0100
File Mismatch: C:\WINDOWS\system32\syssetup.dll[5.1.2600.5512], Hr = 0x800b0100
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{AB3F84F0-128B-4EBF-8BB1-D356E3E6F04F}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.3.0.pro</OS><Architecture>x32</Architecture><PKey>***---***-38JV3</PKey><PID>55274-640-0187892-23389</PID><PIDType>1</PIDType><SID>S-1-5-21-1078081533-1409082233-725345543</SID><SYSTEM><Manufacturer>INTEL_</Manufacturer><Model>D946GZIS</Model></SYSTEM><BIOS><Manufacturer>Intel Corp.</Manufacturer><Version>TS94610J.86A.0047.2006.0911.0110</Version><SMBIOSVersion major="2" minor="4"/><Date>20060911000000.000000+000</Date></BIOS><HWID>106132FF0184E07A</HWID><UserLCID>0416</UserLCID><SystemLCID>0416</SystemLCID><TimeZone>Hora oficial do Brasil(GMT-03:00)</TimeZone><iJoin>0</iJoin><SBID><stat>2</stat><msppid></msppid><name>NiwradSoft</name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>103</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>103</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>ACD7202654E586</Val><Hash>fFic3JgCreGGRxyF8uMWB4R4Jcg=</Hash><Pid>89388-707-1528066-65481</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="103"/><App Id="16" Version="12" Result="103"/><App Id="18" Version="12" Result="103"/><App Id="19" Version="12" Result="103"/><App Id="1A" Version="12" Result="103"/><App Id="1B" Version="12" Result="103"/><App Id="44" Version="12" Result="103"/><App Id="A1" Version="12" Result="103"/><App Id="BA" Version="12" Result="103"/></Applications></Office></Software></GenuineResults>
Licensing Data-->
N/A
Windows Activation Technologies-->
N/A
HWID Data-->
N/A
OEM Activation 1.0 Data-->
BIOS string matches: no
Marker string from BIOS: N/A
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005
OEM Activation 2.0 Data-->
N/A
Good evening! .matiello
<!> The copy did not pass WGA validation.
<!> Validation Status: Geographically blocked PID
<!> A smaller number of files failed digital validation. This contradicts the indication in ComboFix.txt, which we cannot disregard.
0000000000000000000000
oooooooooooooooooooooo
<@> Submit the files below for analysis at: < VirSCAN.org >
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\setupapi.dll
C:\WINDOWS\system32\syssetup.dll
c:\windows\system32\ctfmon.exe
c:\windows\explorer.exe
<@> Click "Send file...".
<@> Once you have located the files on your PC, click "Upload" --> Wait!
<@> In the message, click: "Check again"
<@> When finished, copy and send us the links to the reports.
<@> PS: Analyze one at a time!
<@> Example: The file NodeRefresh.dll was checked, and the link to its report follows below:
Regards!
http://virscan.org/report/cc6322c4697ea23fe5b041829a4aedae.html
http://virscan.org/report/ac961e249583e127b88653319192d319.html
http://virscan.org/report/002a03a93775b9e16e388387209c7a05.html
http://virscan.org/report/78c45406fa412331576a6425045e1065.html
http://virscan.org/report/b8439d898896847a2fc73d956f898002.html
Good morning! .matiello
<!> The investigation of the files at VirSCAN.org did not reveal malicious code. That does not negate the MGADiag tool's indication regarding their digital signatures.
0000000000000000000000
oooooooooooooooooooooo
<!> Uninstall: C:\Arquivos de programas\PokerStars <--
<!> After uninstalling, use CCleaner to clean the registry.
0000000000000000000000
oooooooooooooooooooooo
<@> Download: < PureRa15Binary.zip > ( ...by Paul McLain & Fred de Vries )
<@> Save it to the desktop! <-- Unzip it!
<@> Run: PureRa.exe --> Click Clean.
<@> Tick the option: "Check All"
<@> Click the Clean Selected button --> Wait!
<@> When it finishes ( Finished ), click Exit.
<@> Post the report: PureRa.txt <--
0000000000000000000000
oooooooooooooooooooooo
<@> Download: < lspfix >
<@> Save it to the Desktop!
<@> Close your browser and any open programs.
<@> Run LSP-Fix!
<@> Tick the "I know what I'm doing" box.
<@> Look for references to the file: w2pxdrv.dll
<@> Move that reference from the Keep box to the Remove box.
<@> Click Finish to complete!
0000000000000000000000
oooooooooooooooooooooo
<@> Select and copy all the content in the QUOTE area into Notepad.
<@> Save it to the Desktop with the name: CFScript.txt
>
RegLock::
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar0]
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar1]
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar2]
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar3]
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar4]
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Summary]
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Settings]
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\WNDSTATUS]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
Driver::
"NOD32krn"
"npggsvc"
<@> PS: It is recommended that you be disconnected when running the script.
<@> PS: Temporarily disable your antivirus.
<@> PS: Do not use this script on another machine!
<@> Drag CFScript.txt onto the ComboFix icon.
<@> See the demonstration!
<@> Accept the prompt that should appear to run ComboFix.
<@> PS: Keep dragging until that prompt appears! ( window )
<@> When finished, post the reports: C:\ComboFix.txt + an updated HijackThis.
Regards!
Good evening! DigRam
I couldn't download lspfix.
RaProducts' PureRa v1.5
Log created at 23:42 on 25/05/2010 (Marcus)
C:\Config.MSI emptied.
C:\WINDOWS\system32\FNTCACHE.DAT <- O sistema não pode encontrar o arquivo especificado.
Recycle bin emptied.
C:\WINDOWS\SoftwareDistribution\DataStore\Logs emptied.
C:\WINDOWS\SoftwareDistribution\Download emptied.
C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default emptied.
C:\WINDOWS\SoftwareDistribution\WuRedir emptied.
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log <- O arquivo já está sendo usado por outro processo.
C:\DOCUME~1\Marcus\CONFIG~1\Temp emptied.
C:\WINDOWS\TEMP emptied.
C:\WINDOWS\$NtUninstallKB901017$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB901214$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB902400$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB904706$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB904942$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB905414$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB905749$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB908519$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB908531$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB910437$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB911280$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB911562$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB911564$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB911927$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB913580$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB914388$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB914389$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB914440$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB915800$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB915865$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB916595$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB917344$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB917422$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB917734_WMP9$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB917953$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB918118$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB918439$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB919007$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB920213$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB920670$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB920683$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB920685$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB920872$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB921503$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB922582$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB922819$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB923191$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB923414$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB923561$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB923689$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB923694$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB923980$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB924191$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB924270$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB924496$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB924667$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB925398_WMP64$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB925902$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB926239$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB926247$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB926255$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB926436$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB927779$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB927802$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB927891$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB928255$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB928843$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB929123$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB929399$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB929969$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB930178$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB930916$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB931261$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB931768$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB931784$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB931836$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB932168$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB932823-v3$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB933360$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB933729$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB935839$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB935840$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB936021$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB936357$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB936782_WMP11$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB937894$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB938464$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB938828$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB938829$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB939683$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB941202$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB941568$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB941569$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB941644$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB941693$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB942763$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB943055$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB943460$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB943485$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB944653$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB945553$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB946026$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB946648$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB946648_0$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB946648_1$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB946648_2$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB948590$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB948881$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB950749$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB950760$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB950762$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB950762_0$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB950762_1$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB950762_2$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB950974$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB950974_0$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB950974_1$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB950974_2$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951066$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951066_0$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951066_1$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951066_2$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951072-v2$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951376$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951376-v2$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951376-v2_0$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951376-v2_1$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951376-v2_2$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951376_0$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951376_1$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951376_2$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951698$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951698_0$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951698_1$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951698_2$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951748$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951748_0$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951748_1$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951748_2$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB951978$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB952004$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB952069_WM9$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB952287$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB952287_0$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB952287_1$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB952287_2$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB952954$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB952954_0$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB952954_1$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB952954_2$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB953155$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB953839$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB954154_WM11$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB954155_WM9$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB954211$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB954459$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB954600$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB955069$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB955759$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB955839$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB956391$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB956572$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB956744$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB956802$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB956803$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB956841$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB956844$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB957095$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB957097$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB958644$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB958687$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB958690$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB958869$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB959426$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB959772_WM11$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB960225$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB960715$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB960803$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB960859$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB961118$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB961371-v2$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB961373$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB961501$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB961503$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB967715$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB968389$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB968537$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB968816_WM9$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB969059$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB969898$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB969947$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB970238$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB970430$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB970653-v3$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB971468$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB971486$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB971557$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB971633$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB971657$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB971737$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB972270$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB973346$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB973354$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB973507$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB973525$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB973540_WM9$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB973687$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB973815$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB973869$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB973904$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB974112$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB974318$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB974392$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB974571$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB975025$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB975467$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB975560$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB975561$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB975713$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB976098-v2$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB977165$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB977816$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB977914$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB978037$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB978251$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB978262$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB978338$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB978601$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB978706$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB979306$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB979309$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB979683$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallKB980232$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallMSCompPackV1$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallWMFDist11$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallwmp11$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallWudf01000$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallWudf01005$ <- Successfully deleted.
C:\WINDOWS\$NtUninstallXPSEPSCLP$ <- Successfully deleted.
C:\WINDOWS\system32\wbem\Logs\FrameWork.log <- Successfully deleted.
C:\WINDOWS\system32\wbem\Logs\wbemcore.log <- Successfully deleted.
C:\WINDOWS\system32\wbem\Logs\wbemess.log <- Successfully deleted.
C:\WINDOWS\system32\wbem\Logs\wbemess.lo_ <- Successfully deleted.
C:\WINDOWS\system32\wbem\Logs\wbemprox.log <- Successfully deleted.
C:\WINDOWS\system32\wbem\Logs\wmiprov.log <- Successfully deleted.
C:\AAAtividades Diversas\Apresentacoes\Bradesco\Marcus\Nelson Meiga\Thumbs.db <- Successfully deleted.
C:\AAAtividades Diversas\Apresentacoes\Bradesco\Marcus\Nelson Meiga\Nelson Abreu\Thumbs.db <- Successfully deleted.
C:\AAAtividades Diversas\Apresentacoes\Bradesco\mEIGA\Nelson Meiga\Thumbs.db <- Successfully deleted.
C:\AAAtividades Diversas\Apresentacoes\Bradesco\mEIGA\Nelson Meiga\Nelson Abreu\Thumbs.db <- Successfully deleted.
C:\AAAtividades Diversas\Apresentacoes\Marcus\Nelson Meiga\Thumbs.db <- Successfully deleted.
C:\AAAtividades Diversas\Apresentacoes\Marcus\Nelson Meiga\Nelson Abreu\Thumbs.db <- Successfully deleted.
C:\AAAtividades Diversas\Apresentacoes\mEIGA\Nelson Meiga\Thumbs.db <- Successfully deleted.
C:\AAAtividades Diversas\Apresentacoes\mEIGA\Nelson Meiga\Nelson Abreu\Thumbs.db <- Successfully deleted.
C:\AAAtividades Diversas\Escritório de Projetos\Kit do Líder de Projetos\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\Garena\GarenaTV\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\Garena\shop\items\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\Garena\Skin\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\Garena\Skin\Flags\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\Garena\web\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\Garena\web\cache\ROM\config\images\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\Garena\web\cache\ROM\images\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\LG PC Suite II\res\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\LG PC Suite II\res\Ani\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\LG PC Suite II\res\Skin\black\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\LG PC Suite II\res\Skin\black\ani\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\LG PC Suite II\res\Skin\black\number\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\LG PC Suite II\res\Skin\black\Photo\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\LG PC Suite II\res\Skin\black\portuguese_br\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\LG PC Suite II\res\Skin\black\portuguese_br\connect_bluetooth\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\LG PC Suite II\res\Skin\black\portuguese_br\connect_music\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\LG PC Suite II\res\Skin\black\portuguese_br\connect_usb\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\LG PC Suite II\res\Skin\black\portuguese_br\Photo\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\LG PC Suite II\res\Skin\black\portuguese_br\PhotoEditor\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\LG PC Suite II\res\Skin\black\portuguese_br\test\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\LG PC Suite II\res\Skin\black\portuguese_br\unconnect\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\LG PC Suite II\res\Skin\black\portuguese_br\unconnect_rolling\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\LG PC Suite II\res\SkinDlg\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\LG PC Suite II\res\SkinDlg2\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\NCSoft\Aion\L10N\ENU\textures\loading\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\NCSoft\Launcher\Skins\NCsoft_plaync_001\NCLauncherCustom\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\NCSoft\Launcher\Skins\web\error404\images\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\Nero\Nero 9\Nero Recode\NPRE\NeroPreview\rich\white\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\Nero\Nero 9\Nero SoundTrax\NPRE\NeroPreview\rich\white\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\Nero\Nero 9\Nero StartSmart\NPRE\NeroPreview\rich\white\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\Nero\Nero 9\Nero WaveEditor\NPRE\NeroPreview\rich\white\Thumbs.db <- Successfully deleted.
C:\Arquivos de programas\Spyware Doctor\avdb\temp\MANUAL PARA ACELERAR SUA CONEXÆO DA INTERNET IINFALIVEL.RAR685\Manual para Acelerar sua conexÆo da Internet Iinfalivel\Veja Tamb‚m\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\IconCache.db <- Successfully deleted.
C:\Documents and Settings\All Users\Documentos\Minhas imagens\Amostras de imagens\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Portable Devices\wpdlog00.sqm <- Successfully deleted.
C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Portable Devices\wpdlog01.sqm <- Successfully deleted.
C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Portable Devices\wpdlog02.sqm <- Successfully deleted.
C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Portable Devices\wpdlog03.sqm <- Successfully deleted.
C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\IconCache.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Windows Live OneCare safety scanner\SQM\MSVS\wlsc00.sqm <- Successfully deleted.
C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Windows Live OneCare safety scanner\SQM\MSVS\wlsc01.sqm <- Successfully deleted.
C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Windows Live OneCare safety scanner\SQM\MSVS\wlsc02.sqm <- Successfully deleted.
C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Windows Live Photo Gallery\thumbcache_1024.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Windows Live Photo Gallery\thumbcache_256.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Windows Live Photo Gallery\thumbcache_32.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Windows Live Photo Gallery\thumbcache_96.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Windows Live Photo Gallery\thumbcache_idx.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Configurações locais\Dados de aplicativos\Microsoft\Windows Live Photo Gallery\thumbcache_sr.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Configurações locais\Temporary Internet Files\Sqm\iesqmdata0.sqm <- Successfully deleted.
C:\Documents and Settings\Marcus\Dados de aplicativos\Microsoft\MSN Messenger\sqmnoopt00.sqm <- Successfully deleted.
C:\Documents and Settings\Marcus\Dados de aplicativos\Microsoft\MSN Messenger\sqmnoopt01.sqm <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\CA\fergoooo\theme\Default\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Downloads\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Downloads\Busca ImplacavelTaken.DVDRip.XviD.AC3-DEViSE\CD1\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Downloads\Busca ImplacavelTaken.DVDRip.XviD.AC3-DEViSE\CD2\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Downloads\Compressed\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Downloads\Documents\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Downloads\Invincible.DVDRip.XviD-DiAMOND.[www.torrentfive.com]\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Downloads\Music\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Downloads\Music\fernanda paes leme\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Downloads\Music\PB.cacau\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Downloads\Music\Playboy – Juliana Salimenim (Pânico) – Janeiro 2010\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Downloads\Observe And Report.2009.DvdScr.Xvid {1337x}-Noir\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Downloads\Programs\Brazukas Evolution 2009 v1.3\Extras\Ballpacks\Ballpack Oficial Evolution by Joatan Show Man\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Meus arquivos recebidos\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Minhas imagens\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Minhas imagens\demotivados\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Minhas imagens\Nova pasta\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\iTunes\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\iTunes\imagem\air race\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\iTunes\imagem\fotos da festa\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\iTunes\imagem\fts sampa\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\iTunes\imagem\futebol\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\iTunes\imagem\futebol\Henry\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\iTunes\imagem\futebol\italia\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\iTunes\imagem\futebol\vasco\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\iTunes\imagem\Milan\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\Los Hermanos - 4\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\Los Hermanos - Bloco Do Eu Sozinho\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\Los Hermanos - Los Hermanos\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\Minhas músicas\Los Hermanos - Ventura\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\My Videos\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\Marcus\Meus documentos\seriados\Thumbs.db <- Successfully deleted.
C:\downloads\Thumbs.db <- Successfully deleted.
C:\Fotos\Roca Sales\Thumbs.db <- Successfully deleted.
C:\Fotos\Seminario BSeguros\Ade\Thumbs.db <- Successfully deleted.
C:\Fotos\Seminario BSeguros\Ana\Thumbs.db <- Successfully deleted.
C:\Fotos\Seminario BSeguros\Ideal\Thumbs.db <- Successfully deleted.
C:\Fotos\Seminario BSeguros\Renato_Diniz\Thumbs.db <- Successfully deleted.
C:\WINDOWS\network diagnostic\Sqm\NetDiag00.sqm <- Successfully deleted.
C:\WINDOWS\network diagnostic\Sqm\NetDiag01.sqm <- Successfully deleted.
C:\WINDOWS\network diagnostic\Sqm\NetDiag02.sqm <- Successfully deleted.
C:\WINDOWS\network diagnostic\Sqm\NetDiag03.sqm <- Successfully deleted.
C:\WINDOWS\Resources\Themes\NGX\NeoGeniX\Cursors\Thumbs.db <- Successfully deleted.
C:\WINDOWS\Resources\Themes\NGX\NeoGeniX\Shell\NormalColor\Thumbs.db <- Successfully deleted.
C:\WINDOWS\Resources\Themes\NGX\NeoGeniX\Wallpaper\Thumbs.db <- Successfully deleted.
C:\WINDOWS\Resources\Themes\NGX\NeoGeniX Compact\Shell\NormalColor\Thumbs.db <- Successfully deleted.
Total space cleaned: 505774741 bytes
-=E.O.F=-
Good morning! .matiello
Good evening! DigRam
I couldn't download lspfix
<!> Try now!
<!> Also post ComboFix.txt
Regards!
Good morning! DigRam
ComboFix 10-05-23.07 - Marcus 26/05/2010 10:40:42.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.2045.1569 [GMT -3:00]
Executando de: c:\documents and settings\Marcus\Desktop\ComboFix.exe
Comandos utilizados :: c:\documents and settings\Marcus\Desktop\CFScript.txt
AV: AntiVir Desktop On-access scanning disabled (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: ESET Smart Security 3.0 On-access scanning enabled (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Kaspersky Anti-Virus On-access scanning disabled (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Firewall pessoal do ESET disabled {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
FW: Outpost Firewall disabled {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
* AV residente está ativo
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NOD32KRN
-------\Service_NOD32krn
-------\Service_npggsvc
(((((((((((((((( Arquivos/Ficheiros criados de 2010-04-26 to 2010-05-26 ))))))))))))))))))))))))))))
.
2010-05-26 00:38 . 2010-05-26 00:45 -------- d-----w- c:\arquivos de programas\cFosSpeed
2010-05-26 00:38 . 2009-10-30 15:25 288472 ------w- c:\windows\system32\cfosspeed.dll
2010-05-24 23:07 . 2008-04-13 22:20 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-05-24 23:06 . 2001-09-06 02:50 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2010-05-24 23:05 . 2001-09-06 02:49 81408 -c--a-w- c:\windows\system32\dllcache\tgiul50.dll
2010-05-24 23:04 . 2001-09-06 02:49 386560 -c--a-w- c:\windows\system32\dllcache\sgiul50.dll
2010-05-24 23:03 . 2008-04-13 14:41 17664 -c--a-w- c:\windows\system32\dllcache\ppa3.sys
2010-05-24 23:02 . 2001-09-06 02:49 60480 -c--a-w- c:\windows\system32\dllcache\neo20xx.dll
2010-05-24 23:01 . 2001-08-18 00:52 6528 -c--a-w- c:\windows\system32\dllcache\miniqic.sys
2010-05-24 23:00 . 2008-04-13 22:18 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
2010-05-24 22:59 . 2001-08-18 00:28 488383 -c--a-w- c:\windows\system32\dllcache\hsf_v124.sys
2010-05-24 22:58 . 2001-09-06 02:50 46080 -c--a-w- c:\windows\system32\dllcache\esunib.dll
2010-05-24 22:57 . 2001-09-06 02:50 28672 -c--a-w- c:\windows\system32\dllcache\cyycoins.dll
2010-05-24 22:56 . 2001-09-06 02:12 14080 -c--a-w- c:\windows\system32\dllcache\bulltlp3.sys
2010-05-24 22:55 . 2001-09-06 02:50 61952 -c--a-w- c:\windows\system32\dllcache\acerscad.dll
2010-05-24 14:34 . 2010-05-24 14:36 -------- d-----w- C:\ToolBar SD
2010-05-24 14:26 . 2010-05-24 14:26 -------- d-----w- C:\toolb
2010-05-23 23:05 . 2010-05-23 23:05 -------- d-----w- C:\_OTL
2010-05-23 17:48 . 2008-04-13 14:45 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2010-05-23 17:48 . 2008-04-13 14:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2010-05-23 17:39 . 2010-05-23 17:39 -------- d-----w- c:\arquivos de programas\TD74 Corporation
2010-05-23 17:39 . 2006-09-19 17:26 212992 ----a-w- c:\windows\VMSnap23.exe
2010-05-23 17:39 . 2006-06-28 05:54 49152 ----a-w- c:\windows\Domino.exe
2010-05-23 17:39 . 2006-03-30 23:24 81920 ----a-w- c:\windows\VMCap323.exe
2010-05-23 17:39 . 2010-05-23 17:39 -------- d-----w- c:\windows\CatRoot
2010-05-23 17:39 . 2007-04-24 14:56 257408 ----a-w- c:\windows\system32\drivers\usbvm323.sys
2010-05-23 16:58 . 2010-05-23 16:58 61440 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6b8c2a79-n\decora-sse.dll
2010-05-23 16:58 . 2010-05-23 16:58 12800 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6b8c2a79-n\decora-d3d.dll
2010-05-23 16:58 . 2010-05-23 16:58 503808 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2b79a7b3-n\msvcp71.dll
2010-05-23 16:58 . 2010-05-23 16:58 499712 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2b79a7b3-n\jmc.dll
2010-05-23 16:58 . 2010-05-23 16:58 348160 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2b79a7b3-n\msvcr71.dll
2010-05-22 12:46 . 2010-05-22 12:46 -------- d-----w- c:\windows\system32\wbem\Repository
2010-05-22 01:49 . 2010-05-22 12:45 -------- d-----w- c:\arquivos de programas\Pryme
2010-05-22 01:47 . 2010-05-22 12:45 -------- d-----w- C:\cmos
2010-05-22 01:25 . 2010-05-22 01:25 -------- d-----w- c:\arquivos de programas\STV
2010-05-09 14:32 . 2010-05-09 22:25 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\NCH Swift Sound
2010-05-09 14:32 . 2010-05-09 14:32 -------- d-----w- c:\arquivos de programas\NCH Software
2010-05-09 14:31 . 2010-05-09 22:26 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\NCH Swift Sound
2010-05-09 14:28 . 2010-05-09 14:28 -------- d-----w- c:\arquivos de programas\MIKSOFT
2010-05-07 16:58 . 2010-05-07 16:58 152064 ----a-w- c:\windows\snap.dat
2010-05-07 16:55 . 2010-04-12 20:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-01 04:10 . 2010-05-01 05:43 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\TS3Client
2010-05-01 04:09 . 2010-05-01 04:09 -------- d-----w- c:\arquivos de programas\TeamSpeak 3 Client
2010-04-28 01:05 . 2010-04-28 01:05 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Nokia
2010-04-28 01:01 . 2010-04-28 01:01 -------- d-----w- c:\arquivos de programas\Arquivos comuns\PCSuite
2010-04-28 01:00 . 2010-04-28 01:00 -------- d-----w- c:\arquivos de programas\PC Connectivity Solution
2010-04-28 01:00 . 2007-02-22 13:15 12288 ----a-w- c:\windows\system32\drivers\nmwcdcj.sys
2010-04-28 01:00 . 2007-02-22 13:15 12288 ----a-w- c:\windows\system32\drivers\nmwcdcm.sys
2010-04-28 01:00 . 2007-02-22 13:15 8320 ----a-w- c:\windows\system32\drivers\nmwcdc.sys
2010-04-28 01:00 . 2007-02-22 13:15 137216 ----a-w- c:\windows\system32\drivers\nmwcd.sys
2010-04-28 01:00 . 2007-02-22 13:15 65536 ----a-w- c:\windows\system32\nmwcdcocls.dll
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-26 13:32 . 2008-11-15 14:03 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\uTorrent
2010-05-25 23:37 . 2007-05-21 21:11 -------- d-----w- c:\arquivos de programas\Serviços on-line
2010-05-25 12:11 . 2008-11-15 14:03 -------- d-----w- c:\arquivos de programas\uTorrent
2010-05-25 01:55 . 2007-05-21 22:36 -------- d-----w- c:\arquivos de programas\Arquivos comuns\InstallShield
2010-05-24 14:30 . 2007-06-07 11:06 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-05-22 12:46 . 2008-11-05 21:01 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\NexonUS
2010-05-22 10:51 . 2009-09-02 12:01 -------- d---a-w- c:\documents and settings\All Users\Dados de aplicativos\TEMP
2010-05-22 01:25 . 2007-05-21 22:37 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information
2010-05-19 18:57 . 2010-03-07 03:52 -------- d-----w- c:\arquivos de programas\Full Tilt Poker
2010-05-12 20:51 . 2007-05-23 22:24 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help
2010-05-12 01:42 . 2008-11-27 23:07 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\LimeWire
2010-05-11 03:09 . 2009-09-22 01:36 -------- d-----w- c:\arquivos de programas\Messenger Plus! Live
2010-05-07 16:55 . 2008-03-08 17:38 -------- d-----w- c:\arquivos de programas\Java
2010-05-01 02:20 . 2007-05-23 22:37 -------- d-----w- c:\arquivos de programas\CCleaner
2010-04-28 14:33 . 2008-10-11 12:19 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\Nokia Multimedia Player
2010-04-28 01:28 . 2008-11-28 00:03 -------- d-----w- c:\arquivos de programas\LG PC Suite II
2010-04-28 01:05 . 2008-10-11 11:01 -------- d-----w- c:\arquivos de programas\Nokia
2010-04-19 19:50 . 2009-11-04 15:12 -------- d-----w- c:\arquivos de programas\K-Lite Codec Pack
2010-04-16 18:00 . 2010-04-19 19:50 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-04-03 19:22 . 2010-04-03 19:22 2336 ----a-w- C:\boot.bat
2010-03-15 09:31 . 2002-10-15 22:54 165376 ----a-w- c:\windows\system32\unrar.dll
2010-03-12 15:05 . 2010-03-12 15:05 503808 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43823346-n\msvcp71.dll
2010-03-12 15:05 . 2010-03-12 15:05 499712 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43823346-n\jmc.dll
2010-03-12 15:05 . 2010-03-12 15:05 348160 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43823346-n\msvcr71.dll
2010-03-12 15:05 . 2010-03-12 15:05 61440 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3ec352b1-n\decora-sse.dll
2010-03-12 15:05 . 2010-03-12 15:05 12800 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3ec352b1-n\decora-d3d.dll
2010-03-12 15:04 . 2004-08-04 12:00 79832 ----a-w- c:\windows\system32\perfc016.dat
2010-03-12 15:04 . 2004-08-04 12:00 470730 ----a-w- c:\windows\system32\perfh016.dat
2010-03-10 06:16 . 2004-08-04 07:45 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-02 04:19 . 2010-02-25 16:01 26112 ----a-w- c:\windows\system32\drivers\tap0901.sys
2010-02-26 15:05 . 2010-02-26 15:05 72488 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
2009-09-04 21:00 . 2009-09-04 21:00 916430 ----a-w- c:\arquivos de programas\Apr2006_MDX1_x86.cab
2008-08-12 00:07 . 2008-07-17 22:49 29806 ----a-w- c:\arquivos de programas\megacubo_log.log
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\arquivos de programas\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\arquivos de programas\mozilla firefox\plugins\ssldivx.dll
.
------- Sigcheck -------
[7] 2008-04-14 . 71D440F79B711627B12B567FB2EADB42 . 509952 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe
[-] 2008-04-14 . B0C0BF2504B830BFC1E93CA39F3C75FE . 549376 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . B0C0BF2504B830BFC1E93CA39F3C75FE . 549376 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[7] 2008-04-14 . 085C5892D9C1E19B3CEFD1B79F5BBF13 . 617472 . . [5.82] . . c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll
[-] 2008-04-14 . 302CD5BE4CA48200F9AC1C6074D71805 . 643072 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . 302CD5BE4CA48200F9AC1C6074D71805 . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll
[7] 2008-04-14 . 54907DB28872A7A6D3EE2B4747A23828 . 579072 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\user32.dll
[-] 2008-04-14 . A9B36030497E98C29210E4544700649D . 579072 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . A9B36030497E98C29210E4544700649D . 579072 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2007-03-08 . F86D3E5C8FE13297E1C2D662F9E2D59D . 578560 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2005-03-02 . 3ED0A4D74EFD5AAF8408095F452E2613 . 577536 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2008-04-14 . 54701D40A8E060872E666D48FDA27A19 . 1542656 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 732946EEAA1D8EE2A4FC24370827617B . 977920 . . [6.00.2900.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
[-] 2008-04-14 . 54701D40A8E060872E666D48FDA27A19 . 1542656 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . 45D521506825A10B80833B4E9621CCF6 . 1035264 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[7] 2008-04-14 . 4E486ADFE3A0B9ED0EB0639902E9F64F . 15360 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
[-] 2008-04-14 . 584450C5B2439571755D40444589C63D . 40448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 584450C5B2439571755D40444589C63D . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-05-24_14.57.14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2004-08-04 07:45 . 2008-04-14 02:21 14848 c:\windows\system32\dllcache\rexec.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 58880 c:\windows\system32\dllcache\resutils.dll
+ 2010-05-24 23:04 . 2001-09-06 02:50 86097 c:\windows\system32\dllcache\reslog32.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 11776 c:\windows\system32\dllcache\regsvr32.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 59904 c:\windows\system32\dllcache\regsvc.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 49664 c:\windows\system32\dllcache\regapi.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 51200 c:\windows\system32\dllcache\reg.exe
+ 2007-05-21 18:07 . 2008-04-14 01:53 58240 c:\windows\system32\dllcache\redbook.sys
+ 2008-08-30 19:21 . 2004-08-04 01:41 13776 c:\windows\system32\dllcache\recagent.sys
+ 2007-05-21 21:09 . 2008-04-14 02:21 67072 c:\windows\system32\dllcache\rdshost.exe
+ 2007-05-21 21:09 . 2008-04-14 02:21 13824 c:\windows\system32\dllcache\rdsaddin.exe
+ 2007-05-21 21:09 . 2008-04-14 02:21 87176 c:\windows\system32\dllcache\rdpwsx.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 19968 c:\windows\system32\dllcache\rdpsnd.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 92424 c:\windows\system32\dllcache\rdpdd.dll
+ 2007-05-21 21:09 . 2008-04-14 02:21 62976 c:\windows\system32\dllcache\rdpclip.exe
+ 2004-08-04 07:45 . 2008-04-14 02:21 23040 c:\windows\system32\dllcache\rcp.exe
+ 2010-05-24 23:04 . 2004-08-04 07:45 35840 c:\windows\system32\dllcache\rcimlby.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 58368 c:\windows\system32\dllcache\rastapi.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 16384 c:\windows\system32\dllcache\rassapi.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 61952 c:\windows\system32\dllcache\rasqec.dll
+ 2004-08-04 06:14 . 2008-04-13 19:19 48384 c:\windows\system32\dllcache\raspptp.sys
+ 2004-08-04 06:05 . 2008-04-13 18:57 41472 c:\windows\system32\dllcache\raspppoe.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 61440 c:\windows\system32\dllcache\rasman.dll
+ 2004-08-04 06:14 . 2008-04-13 19:19 51328 c:\windows\system32\dllcache\rasl2tp.sys
+ 2010-05-24 23:04 . 2001-08-18 00:51 19584 c:\windows\system32\dllcache\rasirda.sys
+ 2004-08-04 07:45 . 2009-10-12 13:39 79872 c:\windows\system32\dllcache\raschap.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 88576 c:\windows\system32\dllcache\rasauto.dll
+ 2008-04-13 18:41 . 2008-04-13 18:41 20736 c:\windows\system32\dllcache\ramdisk.sys
+ 2007-05-21 21:10 . 2008-04-14 02:20 43520 c:\windows\system32\dllcache\racpldlg.dll
+ 2010-05-24 23:04 . 2001-09-06 02:50 41472 c:\windows\system32\dllcache\qvusd.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 76800 c:\windows\system32\dllcache\qutil.dll
+ 2007-05-21 21:09 . 2008-04-14 02:21 20480 c:\windows\system32\dllcache\qprocess.exe
+ 2007-05-21 21:10 . 2008-04-14 02:20 18944 c:\windows\system32\dllcache\qmgrprxy.dll
+ 2010-05-24 23:04 . 2001-08-18 00:52 49024 c:\windows\system32\dllcache\ql1280.sys
+ 2010-05-24 23:04 . 2001-08-18 00:52 40448 c:\windows\system32\dllcache\ql1240.sys
+ 2010-05-24 23:04 . 2001-08-18 00:52 45312 c:\windows\system32\dllcache\ql12160.sys
+ 2010-05-24 23:04 . 2001-08-18 00:52 33152 c:\windows\system32\dllcache\ql10wnt.sys
+ 2010-05-24 23:04 . 2001-08-18 00:52 40320 c:\windows\system32\dllcache\ql1080.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 62464 c:\windows\system32\dllcache\qcliprov.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 34304 c:\windows\system32\dllcache\pstorsvc.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 43520 c:\windows\system32\dllcache\pstorec.dll
+ 2010-05-24 23:04 . 2001-09-06 02:50 35328 c:\windows\system32\dllcache\psisload.dll
+ 2010-05-24 23:04 . 2001-09-06 02:21 16512 c:\windows\system32\dllcache\pscr.sys
+ 2004-08-04 06:04 . 2008-04-13 18:56 69120 c:\windows\system32\dllcache\psched.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 23040 c:\windows\system32\dllcache\psapi.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 27648 c:\windows\system32\dllcache\profmap.dll
+ 2004-08-04 00:35 . 2008-04-14 01:51 39936 c:\windows\system32\dllcache\processr.sys
+ 2010-05-24 23:03 . 2001-08-18 00:53 17792 c:\windows\system32\dllcache\ppa.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 17408 c:\windows\system32\dllcache\powrprof.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 49152 c:\windows\system32\dllcache\powercfg.exe
+ 2007-05-21 21:09 . 2008-04-14 02:20 92672 c:\windows\system32\dllcache\policman.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 58880 c:\windows\system32\dllcache\pnrpnsp.dll
+ 2004-08-04 00:45 . 2008-04-14 02:20 15360 c:\windows\system32\dllcache\pjlmon.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 19456 c:\windows\system32\dllcache\ping.exe
+ 2001-10-28 18:07 . 2001-10-28 18:07 35328 c:\windows\system32\dllcache\pifmgr.dll
+ 2004-08-04 07:44 . 2008-04-14 02:18 24064 c:\windows\system32\dllcache\pidgen.dll
+ 2004-08-04 00:45 . 2008-04-14 02:20 35328 c:\windows\system32\dllcache\pid.dll
+ 2010-05-24 23:03 . 2001-08-18 01:07 19840 c:\windows\system32\dllcache\philtune.sys
+ 2010-05-24 23:03 . 2001-08-18 01:04 92416 c:\windows\system32\dllcache\phildec.sys
+ 2010-05-24 23:03 . 2001-08-18 01:04 75776 c:\windows\system32\dllcache\philcam1.sys
+ 2010-05-24 23:03 . 2001-09-06 02:50 16896 c:\windows\system32\dllcache\philcam1.dll
+ 2010-05-24 23:03 . 2008-04-13 14:44 28032 c:\windows\system32\dllcache\perm3.sys
+ 2010-05-24 23:03 . 2008-04-13 14:44 27904 c:\windows\system32\dllcache\perm2.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 35328 c:\windows\system32\dllcache\perfproc.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 26112 c:\windows\system32\dllcache\perfos.dll
+ 2001-10-28 18:07 . 2008-04-14 02:20 18432 c:\windows\system32\dllcache\perfnet.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 27136 c:\windows\system32\dllcache\perfdisk.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 40960 c:\windows\system32\dllcache\perfctrs.dll
+ 2010-05-24 23:03 . 2001-08-18 01:07 27296 c:\windows\system32\dllcache\perc2.sys
+ 2010-05-24 23:03 . 2001-09-06 02:50 86016 c:\windows\system32\dllcache\pctspk.exe
+ 2010-05-24 23:03 . 2001-08-17 23:11 35328 c:\windows\system32\dllcache\pcntpci5.sys
+ 2010-05-24 23:03 . 2001-08-17 23:11 29769 c:\windows\system32\dllcache\pcntn5m.sys
+ 2010-05-24 23:03 . 2001-08-17 23:11 30282 c:\windows\system32\dllcache\pcntn5hl.sys
+ 2010-05-24 23:03 . 2001-08-17 23:12 26153 c:\windows\system32\dllcache\pcmlm56.sys
+ 2004-08-04 05:59 . 2008-04-13 18:40 24960 c:\windows\system32\dllcache\pciidex.sys
+ 2004-08-04 07:35 . 2008-04-14 02:02 68992 c:\windows\system32\dllcache\pci.sys
+ 2007-05-21 21:10 . 2008-04-14 02:20 38400 c:\windows\system32\dllcache\pchsvc.dll
+ 2010-05-24 23:03 . 2008-04-13 12:35 29502 c:\windows\system32\dllcache\pca200e.sys
+ 2010-05-24 23:03 . 2001-08-17 23:12 30495 c:\windows\system32\dllcache\pc100nds.sys
+ 2001-10-28 18:07 . 2008-04-13 18:40 19712 c:\windows\system32\dllcache\partmgr.sys
+ 2004-08-04 00:35 . 2008-04-14 02:02 80384 c:\windows\system32\dllcache\parport.sys
+ 2004-08-04 00:34 . 2008-04-14 02:02 46848 c:\windows\system32\dllcache\p3.sys
+ 2010-05-24 23:03 . 2001-09-06 02:50 42496 c:\windows\system32\dllcache\ovui2rc.dll
+ 2010-05-24 23:03 . 2001-09-06 02:50 44544 c:\windows\system32\dllcache\ovui2.dll
+ 2010-05-24 23:03 . 2001-08-18 01:05 25216 c:\windows\system32\dllcache\ovsound2.sys
+ 2010-05-24 23:03 . 2001-09-06 02:50 39424 c:\windows\system32\dllcache\ovcoms.exe
+ 2010-05-24 23:03 . 2001-09-06 02:50 20480 c:\windows\system32\dllcache\ovcomc.dll
+ 2010-05-24 23:03 . 2001-08-18 01:05 31872 c:\windows\system32\dllcache\ovce.sys
+ 2010-05-24 23:03 . 2001-08-18 01:05 28032 c:\windows\system32\dllcache\ovcd.sys
+ 2010-05-24 23:03 . 2001-08-18 01:05 48000 c:\windows\system32\dllcache\ovcam2.sys
+ 2010-05-24 23:03 . 2001-08-18 01:05 25088 c:\windows\system32\dllcache\ovca.sys
+ 2010-05-24 23:03 . 2001-09-06 02:15 54698 c:\windows\system32\dllcache\otcsercb.sys
+ 2010-05-24 23:03 . 2001-09-06 02:15 44009 c:\windows\system32\dllcache\otceth5.sys
+ 2010-05-24 23:03 . 2001-08-17 23:12 27209 c:\windows\system32\dllcache\otc06x5.sys
+ 2004-08-04 07:45 . 2008-04-14 02:21 70144 c:\windows\system32\dllcache\opnfiles.exe
+ 2010-05-24 23:03 . 2001-08-17 23:20 54528 c:\windows\system32\dllcache\opl3sax.sys
+ 2007-05-21 21:10 . 2008-04-14 02:21 51712 c:\windows\system32\dllcache\oobebaln.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 84992 c:\windows\system32\dllcache\olepro32.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 69632 c:\windows\system32\dllcache\oledb32r.dll
+ 2001-10-28 18:07 . 2008-04-14 02:20 37376 c:\windows\system32\dllcache\olecnv32.dll
+ 2001-10-28 18:07 . 2008-04-14 02:20 75264 c:\windows\system32\dllcache\olecli32.dll
+ 2010-05-24 23:03 . 2008-04-13 14:46 61696 c:\windows\system32\dllcache\ohci1394.sys
+ 2007-05-21 21:10 . 2008-04-14 02:20 35328 c:\windows\system32\dllcache\oemiglib.dll
+ 2007-05-21 21:10 . 2008-04-14 02:21 60928 c:\windows\system32\dllcache\oemig50.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 20511 c:\windows\system32\dllcache\odtext32.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 20510 c:\windows\system32\dllcache\odpdx32.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 20510 c:\windows\system32\dllcache\odfox32.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 20510 c:\windows\system32\dllcache\odexl32.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 20511 c:\windows\system32\dllcache\oddbse32.dll
+ 2004-08-04 07:44 . 2008-04-13 17:26 12288 c:\windows\system32\dllcache\odbcp32r.dll
+ 2004-08-04 07:44 . 2008-04-14 02:19 57375 c:\windows\system32\dllcache\odbcji32.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 65536 c:\windows\system32\dllcache\odbccu32.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 65536 c:\windows\system32\dllcache\odbccr32.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 69632 c:\windows\system32\dllcache\odbcconf.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 16384 c:\windows\system32\dllcache\odbc32gt.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 17408 c:\windows\system32\dllcache\ocmsn.dll
+ 2001-10-28 18:07 . 2008-04-14 02:20 69120 c:\windows\system32\dllcache\ocmanage.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 15872 c:\windows\system32\dllcache\ocgen.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 65536 c:\windows\system32\dllcache\nwwks.dll
+ 2004-08-04 06:03 . 2008-04-13 18:56 88320 c:\windows\system32\dllcache\nwlnkipx.sys
+ 2001-10-28 18:07 . 2008-04-14 02:20 64000 c:\windows\system32\dllcache\nwapi32.dll
+ 2001-10-28 18:07 . 2008-04-14 02:20 15360 c:\windows\system32\dllcache\ntvdmd.dll
+ 2001-10-28 18:07 . 2001-10-28 18:07 31744 c:\windows\system32\dllcache\ntsd.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 91648 c:\windows\system32\dllcache\ntprint.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 63488 c:\windows\system32\dllcache\ntoc.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 40960 c:\windows\system32\dllcache\ntmsapi.dll
+ 2001-10-28 18:07 . 2001-10-28 18:07 14848 c:\windows\system32\dllcache\ntlanui2.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 44032 c:\windows\system32\dllcache\ntlanman.dll
+ 2010-05-24 23:03 . 2001-08-17 23:49 51552 c:\windows\system32\dllcache\ntgrip.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 67072 c:\windows\system32\dllcache\ntdsapi.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 45056 c:\windows\system32\dllcache\nsepm.dll
+ 2010-05-24 23:03 . 2008-04-13 14:54 28672 c:\windows\system32\dllcache\nscirda.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 55296 c:\windows\system32\dllcache\npptools.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 15360 c:\windows\system32\dllcache\nppagent.exe
+ 2004-08-04 06:00 . 2008-04-13 18:32 30848 c:\windows\system32\dllcache\npfs.sys
+ 2004-08-04 07:45 . 2008-04-13 22:21 70144 c:\windows\system32\dllcache\notepad.exe
+ 2004-08-04 05:59 . 2008-04-13 18:53 40320 c:\windows\system32\dllcache\nmnt.sys
+ 2007-05-21 21:10 . 2008-04-14 02:20 28672 c:\windows\system32\dllcache\nmmkcert.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 77824 c:\windows\system32\dllcache\nmcom.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 81920 c:\windows\system32\dllcache\nmchat.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 28672 c:\windows\system32\dllcache\nmasnt.dll
+ 2010-05-24 23:03 . 2001-08-17 23:20 87040 c:\windows\system32\dllcache\nm6wdm.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 98304 c:\windows\system32\dllcache\nlhtml.dll
+ 2001-08-17 21:24 . 2001-10-28 18:06 12032 c:\windows\system32\dllcache\nikedrv.sys
+ 2004-08-03 22:58 . 2008-04-13 18:51 61824 c:\windows\system32\dllcache\nic1394.sys
+ 2010-05-24 23:03 . 2001-08-17 23:12 32840 c:\windows\system32\dllcache\ngrpci.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 81920 c:\windows\system32\dllcache\netui0.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 37376 c:\windows\system32\dllcache\netstat.exe
+ 2004-08-04 07:45 . 2008-04-14 02:21 87040 c:\windows\system32\dllcache\netsh.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 11776 c:\windows\system32\dllcache\netrap.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 77824 c:\windows\system32\dllcache\netoc.dll
+ 2010-05-24 23:03 . 2001-09-06 02:05 65918 c:\windows\system32\dllcache\netflx3.sys
+ 2004-08-04 06:03 . 2008-04-13 18:56 34688 c:\windows\system32\dllcache\netbios.sys
+ 2004-08-04 07:45 . 2008-04-14 02:21 42496 c:\windows\system32\dllcache\net.exe
+ 2010-05-24 23:02 . 2001-08-17 23:50 39264 c:\windows\system32\dllcache\neo20xx.sys
+ 2010-05-24 23:02 . 2001-08-18 00:49 15872 c:\windows\system32\dllcache\ne2000.sys
+ 2001-10-28 18:07 . 2008-04-13 18:57 40576 c:\windows\system32\dllcache\ndproxy.sys
+ 2004-08-04 06:14 . 2008-04-13 19:20 91520 c:\windows\system32\dllcache\ndiswan.sys
+ 2004-08-03 23:03 . 2008-04-13 18:55 14592 c:\windows\system32\dllcache\ndisuio.sys
+ 2001-10-28 18:07 . 2008-04-13 18:57 10112 c:\windows\system32\dllcache\ndistapi.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 57344 c:\windows\system32\dllcache\ndisnpp.dll
+ 2007-08-18 17:22 . 2008-04-13 18:46 10880 c:\windows\system32\dllcache\ndisip.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 19456 c:\windows\system32\dllcache\nddenb32.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 18432 c:\windows\system32\dllcache\nddeapi.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 47104 c:\windows\system32\dllcache\ncprov.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 36352 c:\windows\system32\dllcache\ncobjapi.dll
+ 2004-08-04 07:45 . 2008-04-13 22:21 53760 c:\windows\system32\dllcache\narrator.exe
+ 2008-04-14 02:20 . 2008-04-14 02:20 30208 c:\windows\system32\dllcache\napipsec.dll
+ 2007-08-18 17:21 . 2008-04-13 18:46 85248 c:\windows\system32\dllcache\nabtsfec.sys
+ 2010-05-24 23:02 . 2001-09-06 02:49 91488 c:\windows\system32\dllcache\n9i3disp.dll
+ 2010-05-24 23:02 . 2001-08-17 23:50 27936 c:\windows\system32\dllcache\n9i3d.sys
+ 2010-05-24 23:02 . 2001-08-17 23:50 33088 c:\windows\system32\dllcache\n9i128v2.sys
+ 2010-05-24 23:02 . 2001-09-06 02:49 59104 c:\windows\system32\dllcache\n9i128v2.dll
+ 2010-05-24 23:02 . 2001-08-17 23:50 13664 c:\windows\system32\dllcache\n9i128.sys
+ 2010-05-24 23:02 . 2001-09-06 02:49 35392 c:\windows\system32\dllcache\n9i128.dll
+ 2010-05-24 23:02 . 2001-09-06 02:28 52767 c:\windows\system32\dllcache\n1000nt5.sys
+ 2001-10-28 18:07 . 2001-10-28 18:07 90112 c:\windows\system32\dllcache\mycomput.dll
+ 2010-05-24 23:02 . 2001-09-06 02:27 76544 c:\windows\system32\dllcache\mxport.sys
+ 2010-05-24 23:02 . 2001-08-18 00:49 19968 c:\windows\system32\dllcache\mxnic.sys
+ 2010-05-24 23:02 . 2001-09-06 02:50 19968 c:\windows\system32\dllcache\mxicfg.dll
+ 2010-05-24 23:02 . 2001-09-06 02:27 22016 c:\windows\system32\dllcache\mxcard.sys
+ 2008-04-13 18:43 . 2008-04-13 18:43 12672 c:\windows\system32\dllcache\mutohpen.sys
+ 2007-05-21 21:09 . 2008-06-12 14:22 91648 c:\windows\system32\dllcache\mtxoci.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 34304 c:\windows\system32\dllcache\mtxlegih.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 30720 c:\windows\system32\dllcache\mtxdm.dll
+ 2004-08-04 07:45 . 2008-06-12 14:22 66560 c:\windows\system32\dllcache\mtxclu.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 24576 c:\windows\system32\dllcache\msxactps.dll
+ 2004-08-04 07:45 . 2008-08-28 07:47 74752 c:\windows\system32\dllcache\msw3prt.dll
+ 2004-08-04 05:58 . 2008-04-13 18:30 61440 c:\windows\system32\dllcache\msvcrt40.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 57344 c:\windows\system32\dllcache\msvcirt.dll
+ 2007-05-21 21:10 . 2008-04-14 02:21 12288 c:\windows\system32\dllcache\mstinit.exe
+ 2010-05-24 23:02 . 2008-04-13 14:46 49024 c:\windows\system32\dllcache\mstape.sys
+ 2007-05-21 21:10 . 2008-04-14 02:20 57344 c:\windows\system32\dllcache\mst123.dll
+ 2004-08-03 23:07 . 2008-04-13 18:36 15488 c:\windows\system32\dllcache\mssmbios.sys
+ 2008-04-14 01:57 . 2008-04-14 01:57 80896 c:\windows\system32\dllcache\msshamsg.dll
+ 2004-08-04 07:45 . 2009-11-27 16:08 11264 c:\windows\system32\dllcache\msrle32.dll
+ 2010-05-24 23:02 . 2001-08-18 00:48 12416 c:\windows\system32\dllcache\msriffwv.sys
+ 2001-10-28 18:07 . 2001-10-28 18:07 62976 c:\windows\system32\dllcache\msratelc.dll
+ 2004-08-04 07:44 . 2008-04-13 16:23 48128 c:\windows\system32\dllcache\msprivs.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 29696 c:\windows\system32\dllcache\mspatcha.dll
+ 2004-08-04 07:44 . 2007-03-28 12:54 24576 c:\windows\system32\dllcache\msorc32r.dll
+ 2007-05-21 21:10 . 2008-04-14 02:21 29184 c:\windows\system32\dllcache\msoobe.exe
+ 2007-05-21 21:10 . 2008-04-14 02:20 19456 c:\windows\system32\dllcache\msobweb.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 30720 c:\windows\system32\dllcache\msobshel.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 16384 c:\windows\system32\dllcache\msobdl.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 39936 c:\windows\system32\dllcache\mslwvtts.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 25088 c:\windows\system32\dllcache\mslbui.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 15360 c:\windows\system32\dllcache\msisip.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 40960 c:\windows\system32\dllcache\msiregmv.exe
+ 2010-05-24 23:02 . 2008-04-13 14:54 22016 c:\windows\system32\dllcache\msircomm.sys
+ 2010-05-24 23:02 . 2001-10-28 18:07 40448 c:\windows\system32\dllcache\msinfo32.exe
+ 2001-10-28 18:07 . 2001-10-28 18:07 15872 c:\windows\system32\dllcache\msidntld.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 33792 c:\windows\system32\dllcache\msgsvc.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 15360 c:\windows\system32\dllcache\msgrocm.dll
+ 2004-08-04 06:04 . 2008-04-13 18:56 35072 c:\windows\system32\dllcache\msgpc.sys
+ 2010-05-24 23:02 . 2001-08-18 01:02 35200 c:\windows\system32\dllcache\msgame.sys
+ 2004-08-04 06:00 . 2008-04-13 18:32 19072 c:\windows\system32\dllcache\msfs.sys
+ 2009-03-15 16:05 . 2008-04-13 14:46 51200 c:\windows\system32\dllcache\msdv.sys
+ 2001-10-28 18:07 . 2008-04-14 02:20 90112 c:\windows\system32\dllcache\msdtcstp.dll
+ 2007-05-21 21:09 . 2008-06-12 14:22 58880 c:\windows\system32\dllcache\msdtclog.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 14336 c:\windows\system32\dllcache\msdmo.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 36864 c:\windows\system32\dllcache\msdfmap.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 20480 c:\windows\system32\dllcache\msdatt.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 94208 c:\windows\system32\dllcache\msdatl3.dll
+ 2007-05-21 21:10 . 2007-03-28 12:54 16384 c:\windows\system32\dllcache\msdasqlr.dll
+ 2007-05-21 21:10 . 2007-03-28 12:54 16384 c:\windows\system32\dllcache\msdaremr.dll
+ 2007-05-21 21:10 . 2007-03-28 12:54 16384 c:\windows\system32\dllcache\msdaprsr.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 77824 c:\windows\system32\dllcache\msdaosp.dll
+ 2007-05-21 21:10 . 2007-03-28 12:54 20480 c:\windows\system32\dllcache\msdaorar.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 68608 c:\windows\system32\dllcache\msctfp.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 36864 c:\windows\system32\dllcache\mscpxl32.dll
+ 2004-08-04 07:44 . 2008-04-13 17:26 12288 c:\windows\system32\dllcache\mscpx32r.dll
+ 2004-08-04 07:45 . 2008-06-24 16:43 74240 c:\windows\system32\dllcache\mscms.dll
+ 2004-08-04 07:45 . 2009-09-04 21:04 58880 c:\windows\system32\dllcache\msasn1.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 86016 c:\windows\system32\dllcache\msapsspc.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 57344 c:\windows\system32\dllcache\msadrh15.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 57344 c:\windows\system32\dllcache\msador15.dll
+ 2007-05-21 21:10 . 2007-03-28 12:54 28672 c:\windows\system32\dllcache\msader15.dll
+ 2007-05-21 21:10 . 2007-03-28 12:54 24576 c:\windows\system32\dllcache\msaddsr.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 53248 c:\windows\system32\dllcache\msadcs.dll
+ 2007-05-21 21:10 . 2007-03-28 12:54 16384 c:\windows\system32\dllcache\msadcor.dll
+ 2007-05-21 21:10 . 2007-03-28 12:54 16384 c:\windows\system32\dllcache\msadcfr.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 61440 c:\windows\system32\dllcache\msadcf.dll
+ 2007-05-21 21:10 . 2007-03-28 12:54 20480 c:\windows\system32\dllcache\msadcer.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 71680 c:\windows\system32\dllcache\msacm32.dll
+ 2010-05-24 23:02 . 2001-08-18 00:52 17280 c:\windows\system32\dllcache\mraid35x.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 49152 c:\windows\system32\dllcache\mqupgrd.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 95744 c:\windows\system32\dllcache\mqsec.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 89088 c:\windows\system32\dllcache\mqlogmgr.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 16896 c:\windows\system32\dllcache\mqise.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 47616 c:\windows\system32\dllcache\mqdscli.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 19968 c:\windows\system32\dllcache\mqbkup.exe
+ 2004-08-04 05:58 . 2008-04-13 18:39 92544 c:\windows\system32\dllcache\mqac.sys
+ 2001-10-28 18:07 . 2001-10-28 18:07 47104 c:\windows\system32\dllcache\mprui.dll
+ 2001-10-28 18:07 . 2008-04-14 02:20 53248 c:\windows\system32\dllcache\mprdim.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 87040 c:\windows\system32\dllcache\mprapi.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 59904 c:\windows\system32\dllcache\mpr.dll
+ 2007-08-18 17:22 . 2008-04-13 18:46 15232 c:\windows\system32\dllcache\mpe.sys
+ 2004-08-04 05:58 . 2008-04-13 18:39 42368 c:\windows\system32\dllcache\mountmgr.sys
+ 2004-08-04 00:35 . 2008-04-14 01:50 23552 c:\windows\system32\dllcache\mouclass.sys
+ 2007-05-21 21:09 . 2008-04-14 02:21 16384 c:\windows\system32\dllcache\mofcomp.exe
+ 2010-05-24 23:02 . 2001-08-18 00:57 16128 c:\windows\system32\dllcache\modemcsa.sys
+ 2004-08-04 00:35 . 2008-04-14 01:50 30336 c:\windows\system32\dllcache\modem.sys
+ 2007-05-21 21:10 . 2008-04-14 02:20 34560 c:\windows\system32\dllcache\mnmdd.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 17920 c:\windows\system32\dllcache\mmfutil.dll
+ 2008-04-14 02:21 . 2008-04-14 02:21 34304 c:\windows\system32\dllcache\mmcperf.exe
+ 2001-10-28 18:06 . 2008-04-14 02:20 29696 c:\windows\system32\dllcache\mimefilt.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 60928 c:\windows\system32\dllcache\miglibnt.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 18944 c:\windows\system32\dllcache\midimap.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 14848 c:\windows\system32\dllcache\mgmtapi.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 22528 c:\windows\system32\dllcache\mfcsubs.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 40960 c:\windows\system32\dllcache\mf3216.dll
+ 2004-08-03 23:07 . 2008-04-13 18:36 63744 c:\windows\system32\dllcache\mf.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 86016 c:\windows\system32\dllcache\metada51.dll
+ 2010-05-24 23:01 . 2008-04-13 14:41 26112 c:\windows\system32\dllcache\memstpci.sys
+ 2010-05-24 23:01 . 2001-09-06 02:50 47616 c:\windows\system32\dllcache\memgrp.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 16896 c:\windows\system32\dllcache\medctroc.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 37888 c:\windows\system32\dllcache\md5filt.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 23552 c:\windows\system32\dllcache\mciwave.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 23040 c:\windows\system32\dllcache\mciseq.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 35328 c:\windows\system32\dllcache\mciqtz32.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 85504 c:\windows\system32\dllcache\mciavi32.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 14336 c:\windows\system32\dllcache\mcastmib.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 57344 c:\windows\system32\dllcache\makecab.exe
+ 2010-05-24 23:01 . 2001-08-17 23:19 48768 c:\windows\system32\dllcache\maestro.sys
+ 2010-05-24 23:01 . 2001-09-06 02:50 59392 c:\windows\system32\dllcache\m3092dc.dll
+ 2010-05-24 23:01 . 2001-09-06 02:50 58880 c:\windows\system32\dllcache\m3091dc.dll
+ 2010-05-24 23:01 . 2001-08-17 23:49 22848 c:\windows\system32\dllcache\lwusbhid.sys
+ 2010-05-24 23:01 . 2008-04-13 12:39 20864 c:\windows\system32\dllcache\lwadihid.sys
+ 2004-08-04 07:45 . 2008-04-14 02:21 13312 c:\windows\system32\dllcache\lsass.exe
+ 2008-04-14 02:20 . 2008-04-14 02:20 19456 c:\windows\system32\dllcache\lprmon.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 10240 c:\windows\system32\dllcache\lprhelp.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 22016 c:\windows\system32\dllcache\lpk.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 23040 c:\windows\system32\dllcache\lpdsvc.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 13312 c:\windows\system32\dllcache\lonsint.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 60928 c:\windows\system32\dllcache\logman.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 19968 c:\windows\system32\dllcache\log.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 75264 c:\windows\system32\dllcache\locator.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 11776 c:\windows\system32\dllcache\localui.dll
+ 2010-05-24 23:01 . 2001-08-17 23:12 70730 c:\windows\system32\dllcache\lne100tx.sys
+ 2010-05-24 23:01 . 2001-08-17 23:12 20573 c:\windows\system32\dllcache\lne100.sys
+ 2010-05-24 23:01 . 2001-08-17 23:11 25065 c:\windows\system32\dllcache\lmndis3.sys
+ 2007-06-15 08:04 . 2008-04-14 02:20 33792 c:\windows\system32\dllcache\lmmib2.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 13824 c:\windows\system32\dllcache\lmhsvc.dll
+ 2010-05-24 23:01 . 2001-09-06 02:11 16128 c:\windows\system32\dllcache\lit220p.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 19968 c:\windows\system32\dllcache\linkinfo.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 58880 c:\windows\system32\dllcache\licwmi.dll
+ 2010-05-24 23:01 . 2008-04-13 14:40 34688 c:\windows\system32\dllcache\lbrtfdc.sys
+ 2010-05-24 23:01 . 2001-09-06 02:10 26634 c:\windows\system32\dllcache\lanepic5.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 37376 c:\windows\system32\dllcache\l2store.dll
+ 2010-05-24 23:01 . 2001-08-17 23:12 19016 c:\windows\system32\dllcache\ktc111.sys
+ 2004-08-04 05:59 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
+ 2007-05-21 21:09 . 2008-04-14 02:20 24576 c:\windows\system32\dllcache\krnlprov.dll
+ 2010-05-24 23:01 . 2001-09-06 02:50 37376 c:\windows\system32\dllcache\kousd.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 61440 c:\windows\system32\dllcache\kmsvc.dll
+ 2010-05-24 23:01 . 2008-04-13 22:20 49152 c:\windows\system32\dllcache\kdsui.dll
+ 2004-08-04 07:39 . 2008-04-14 01:58 14720 c:\windows\system32\dllcache\kbdhid.sys
+ 2004-08-04 07:39 . 2008-04-14 01:58 25088 c:\windows\system32\dllcache\kbdclass.sys
+ 2001-10-28 18:06 . 2001-10-28 18:06 48464 c:\windows\system32\dllcache\jobexec.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 54784 c:\windows\system32\dllcache\ixsso.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 32768 c:\windows\system32\dllcache\isrdbg32.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 27136 c:\windows\system32\dllcache\iscomlog.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 68608 c:\windows\system32\dllcache\isatq.dll
+ 2001-10-28 18:06 . 2008-04-14 01:58 37632 c:\windows\system32\dllcache\isapnp.sys
+ 2010-05-24 23:00 . 2001-08-18 00:49 26624 c:\windows\system32\dllcache\irstusb.sys
+ 2010-05-24 23:00 . 2001-08-18 00:51 18688 c:\windows\system32\dllcache\irsir.sys
+ 2010-05-24 23:00 . 2008-04-13 22:20 28672 c:\windows\system32\dllcache\irmon.dll
+ 2010-05-24 23:00 . 2001-08-18 00:49 23552 c:\windows\system32\dllcache\irmk7.sys
+ 2007-05-21 17:18 . 2008-04-13 18:54 11264 c:\windows\system32\dllcache\irenum.sys
+ 2010-05-24 23:00 . 2008-04-13 14:54 88192 c:\windows\system32\dllcache\irda.sys
+ 2007-05-23 22:03 . 2001-10-28 18:06 13312 c:\windows\system32\dllcache\irclass.dll
+ 2008-04-13 18:45 . 2008-04-13 18:45 46592 c:\windows\system32\dllcache\irbus.sys
+ 2001-10-28 18:06 . 2008-04-14 02:20 22016 c:\windows\system32\dllcache\ipxwan.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 24064 c:\windows\system32\dllcache\ipxroute.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 59904 c:\windows\system32\dllcache\ipv6mon.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 53760 c:\windows\system32\dllcache\ipv6.exe
+ 2004-08-04 06:14 . 2008-04-13 19:19 75264 c:\windows\system32\dllcache\ipsec.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 35840 c:\windows\system32\dllcache\iprip.dll
+ 2004-08-04 06:04 . 2008-04-13 18:57 20864 c:\windows\system32\dllcache\ipinip.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 95744 c:\windows\system32\dllcache\iphlpapi.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 56832 c:\windows\system32\dllcache\ipconfig.exe
+ 2004-08-04 06:00 . 2008-04-13 18:53 36608 c:\windows\system32\dllcache\ip6fw.sys
+ 2010-05-24 23:00 . 2001-08-17 23:12 45632 c:\windows\system32\dllcache\ip5515.sys
+ 2010-05-24 23:00 . 2001-09-06 02:50 90200 c:\windows\system32\dllcache\io8ports.dll
+ 2010-05-24 23:00 . 2001-08-18 00:50 38784 c:\windows\system32\dllcache\io8.sys
+ 2004-08-04 07:38 . 2008-04-14 01:57 40448 c:\windows\system32\dllcache\intelppm.sys
+ 2010-05-24 23:00 . 2001-09-06 02:05 13568 c:\windows\system32\dllcache\inport.sys
+ 2010-05-24 23:00 . 2001-08-18 00:52 16000 c:\windows\system32\dllcache\ini910u.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 13312 c:\windows\system32\dllcache\infoadmn.dll
+ 2007-05-21 21:10 . 2008-04-14 02:21 20480 c:\windows\system32\dllcache\inetwiz.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 75264 c:\windows\system32\dllcache\inetpp.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 32768 c:\windows\system32\dllcache\inetmib1.dll
+ 2008-04-14 02:21 . 2008-04-14 02:21 15872 c:\windows\system32\dllcache\inetin51.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 36921 c:\windows\system32\dllcache\imeshare.dll
+ 2004-08-04 06:00 . 2008-04-13 18:40 42112 c:\windows\system32\dllcache\imapi.sys
+ 2007-05-21 21:10 . 2008-04-14 02:20 81920 c:\windows\system32\dllcache\ils.dll
+ 2008-04-14 02:21 . 2008-04-14 02:21 31232 c:\windows\system32\dllcache\iisrstas.exe
+ 2008-04-14 02:20 . 2008-04-14 02:20 64512 c:\windows\system32\dllcache\iismap.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 79872 c:\windows\system32\dllcache\iislog51.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 68608 c:\windows\system32\dllcache\iisext51.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 25088 c:\windows\system32\dllcache\iisadmin.dll
+ 2009-08-14 15:42 . 2008-04-13 22:20 81920 c:\windows\system32\dllcache\ieencode.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 49152 c:\windows\system32\dllcache\icwutil.dll
+ 2007-05-21 21:10 . 2008-04-14 02:21 24576 c:\windows\system32\dllcache\icwrmind.exe
+ 2007-05-21 21:10 . 2008-04-14 02:20 65536 c:\windows\system32\dllcache\icwphbk.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 32768 c:\windows\system32\dllcache\icwdl.dll
+ 2007-05-21 21:10 . 2008-04-14 02:21 86016 c:\windows\system32\dllcache\icwconn2.exe
+ 2007-05-21 21:10 . 2008-04-14 02:20 61440 c:\windows\system32\dllcache\icwconn.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 55808 c:\windows\system32\dllcache\icmui.dll
+ 2010-05-24 23:00 . 2001-09-06 02:50 20480 c:\windows\system32\dllcache\icam5ext.dll
+ 2010-05-24 23:00 . 2001-09-06 02:50 45056 c:\windows\system32\dllcache\icam5com.dll
+ 2010-05-24 23:00 . 2001-09-06 02:50 62976 c:\windows\system32\dllcache\icam4ext.dll
+ 2010-05-24 23:00 . 2001-09-06 02:50 91648 c:\windows\system32\dllcache\icam4com.dll
+ 2010-05-24 23:00 . 2001-09-06 02:50 26624 c:\windows\system32\dllcache\icam3ext.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 11264 c:\windows\system32\dllcache\icaapi.dll
+ 2010-05-24 23:00 . 2001-08-18 01:06 38528 c:\windows\system32\dllcache\ibmvcap.sys
+ 2010-05-24 23:00 . 2001-08-17 23:11 28700 c:\windows\system32\dllcache\ibmexmp.sys
+ 2004-08-04 07:37 . 2008-04-14 01:55 53504 c:\windows\system32\dllcache\i8042prt.sys
+ 2010-05-24 23:00 . 2001-08-17 23:49 58592 c:\windows\system32\dllcache\i740nt5.sys
+ 2010-05-24 23:00 . 2008-04-13 14:41 18560 c:\windows\system32\dllcache\i2omp.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 42496 c:\windows\system32\dllcache\htui.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 61952 c:\windows\system32\dllcache\httpod51.dll
+ 2004-08-04 07:45 . 2009-10-21 05:39 25088 c:\windows\system32\dllcache\httpapi.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 32285 c:\windows\system32\dllcache\hsfcisp2.dll
+ 2010-05-24 22:59 . 2001-08-18 00:28 50751 c:\windows\system32\dllcache\hsf_tone.sys
+ 2010-05-24 22:59 . 2001-08-18 00:28 73279 c:\windows\system32\dllcache\hsf_spkp.sys
+ 2010-05-24 22:59 . 2001-08-18 00:28 44863 c:\windows\system32\dllcache\hsf_soar.sys
+ 2010-05-24 22:59 . 2001-08-18 00:28 57471 c:\windows\system32\dllcache\hsf_samp.sys
+ 2010-05-24 22:59 . 2001-08-18 00:28 67167 c:\windows\system32\dllcache\hsf_bsc2.sys
+ 2010-05-24 22:59 . 2001-09-06 02:50 19456 c:\windows\system32\dllcache\hr1w.dll
+ 2010-05-24 22:59 . 2001-09-06 02:50 13312 c:\windows\system32\dllcache\hpsjmcro.dll
+ 2010-05-24 22:59 . 2001-08-18 01:07 25952 c:\windows\system32\dllcache\hpn.sys
+ 2010-05-24 22:59 . 2001-09-06 02:50 32768 c:\windows\system32\dllcache\hpgtmcro.dll
+ 2010-05-24 22:59 . 2001-09-06 02:50 68608 c:\windows\system32\dllcache\hpgt53tk.dll
+ 2010-05-24 22:59 . 2001-09-06 02:50 31232 c:\windows\system32\dllcache\hpgt42tk.dll
+ 2010-05-24 22:59 . 2001-09-06 02:50 93696 c:\windows\system32\dllcache\hpgt42.dll
+ 2010-05-24 22:59 . 2001-09-06 02:50 48128 c:\windows\system32\dllcache\hpgt33tk.dll
+ 2010-05-24 22:59 . 2001-09-06 02:50 89088 c:\windows\system32\dllcache\hpgt33.dll
+ 2010-05-24 22:59 . 2001-09-06 02:50 83968 c:\windows\system32\dllcache\hpgt21.dll
+ 2007-06-15 08:04 . 2008-04-14 02:20 39936 c:\windows\system32\dllcache\hostmib.dll
+ 2001-10-28 18:06 . 2008-04-14 02:20 72704 c:\windows\system32\dllcache\hlink.dll
+ 2001-10-28 18:06 . 2008-04-13 18:45 10368 c:\windows\system32\dllcache\hidusb.sys
+ 2004-08-04 00:45 . 2008-04-14 02:20 21504 c:\windows\system32\dllcache\hidserv.dll
+ 2004-08-04 06:08 . 2008-04-13 18:45 24960 c:\windows\system32\dllcache\hidparse.sys
+ 2008-04-13 18:45 . 2008-04-13 18:45 19200 c:\windows\system32\dllcache\hidir.sys
+ 2004-08-04 06:08 . 2008-04-13 18:45 36864 c:\windows\system32\dllcache\hidclass.sys
+ 2008-04-14 01:54 . 2008-04-14 01:54 25728 c:\windows\system32\dllcache\hidbth.sys
+ 2010-05-24 22:59 . 2008-04-13 14:36 20352 c:\windows\system32\dllcache\hidbatt.sys
+ 2004-08-04 00:45 . 2008-04-14 02:20 20992 c:\windows\system32\dllcache\hid.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 41472 c:\windows\system32\dllcache\hhsetup.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 10752 c:\windows\system32\dllcache\hh.exe
+ 2001-10-28 18:06 . 2008-04-14 02:21 16384 c:\windows\system32\dllcache\help.exe
+ 2007-05-21 21:10 . 2008-04-14 02:20 57344 c:\windows\system32\dllcache\h323cc.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 32256 c:\windows\system32\dllcache\gzip.dll
+ 2010-05-24 22:59 . 2008-04-13 21:54 28544 c:\windows\system32\dllcache\grserial.sys
+ 2010-05-24 22:59 . 2001-09-06 02:23 82432 c:\windows\system32\dllcache\grclass.sys
+ 2010-05-24 22:59 . 2001-09-06 02:22 17664 c:\windows\system32\dllcache\gpr400.sys
+ 2004-08-04 07:44 . 2008-04-14 01:54 10240 c:\windows\system32\dllcache\gpkrsrc.dll
+ 2001-10-28 18:06 . 2008-04-14 02:21 61440 c:\windows\system32\dllcache\getmac.exe
+ 2010-05-24 22:59 . 2008-04-13 14:45 59136 c:\windows\system32\dllcache\gckernel.sys
+ 2007-08-19 17:52 . 2008-04-13 18:45 10624 c:\windows\system32\dllcache\gameenum.sys
+ 2004-08-03 23:07 . 2008-04-13 18:36 46464 c:\windows\system32\dllcache\gagp30kx.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 23552 c:\windows\system32\dllcache\fxsmon.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 23552 c:\windows\system32\dllcache\fxsext32.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 60416 c:\windows\system32\dllcache\fxsevent.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 26624 c:\windows\system32\dllcache\fxsdrv.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 72192 c:\windows\system32\dllcache\fxscom.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 60416 c:\windows\system32\dllcache\fwcfg.dll
+ 2010-05-24 22:59 . 2001-09-06 02:50 92160 c:\windows\system32\dllcache\fuusd.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 45056 c:\windows\system32\dllcache\ftp.exe
+ 2001-09-05 23:20 . 2001-10-28 18:06 12416 c:\windows\system32\dllcache\fsvga.sys
+ 2007-05-21 21:12 . 2008-04-14 02:20 20538 c:\windows\system32\dllcache\fpremadm.exe
+ 2007-05-21 21:12 . 2008-04-14 02:20 20541 c:\windows\system32\dllcache\fpexedll.dll
+ 2007-05-21 21:12 . 2008-04-14 02:20 94208 c:\windows\system32\dllcache\fpencode.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 20541 c:\windows\system32\dllcache\fpadmdll.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 24632 c:\windows\system32\dllcache\fpadmcgi.exe
+ 2007-05-21 21:12 . 2008-04-14 02:20 15120 c:\windows\system32\dllcache\fp98sadm.exe
+ 2007-05-21 21:12 . 2008-04-14 02:20 49212 c:\windows\system32\dllcache\fp4awebs.dll
+ 2007-05-21 21:12 . 2008-04-14 02:20 32826 c:\windows\system32\dllcache\fp4avss.dll
+ 2007-05-21 21:12 . 2008-04-14 02:20 41020 c:\windows\system32\dllcache\fp4avnb.dll
+ 2007-05-21 21:12 . 2008-04-14 02:20 49210 c:\windows\system32\dllcache\fp4areg.dll
+ 2007-05-21 21:12 . 2008-04-14 02:20 82035 c:\windows\system32\dllcache\fp4anscp.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 32828 c:\windows\system32\dllcache\fp40ext.dll
+ 2010-05-24 22:59 . 2008-04-13 12:35 34173 c:\windows\system32\dllcache\forehe.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 21504 c:\windows\system32\dllcache\fontview.exe
+ 2001-10-28 18:06 . 2009-10-15 16:32 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2010-05-24 22:59 . 2001-09-06 02:50 71680 c:\windows\system32\dllcache\fnfilter.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 23040 c:\windows\system32\dllcache\fltmc.exe
+ 2007-05-21 21:10 . 2008-04-14 02:20 16896 c:\windows\system32\dllcache\fltlib.dll
+ 2004-08-04 05:59 . 2008-04-13 18:40 20480 c:\windows\system32\dllcache\flpydisk.sys
+ 2001-10-28 18:06 . 2008-04-14 01:52 44672 c:\windows\system32\dllcache\fips.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 28672 c:\windows\system32\dllcache\findstr.exe
+ 2010-05-24 22:59 . 2001-08-17 23:13 27165 c:\windows\system32\dllcache\fetnd5.sys
+ 2010-05-24 22:59 . 2001-08-17 23:10 22090 c:\windows\system32\dllcache\fem556n5.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 21504 c:\windows\system32\dllcache\feclient.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 75264 c:\windows\system32\dllcache\fdeploy.dll
+ 2004-08-04 05:59 . 2008-04-13 18:40 27392 c:\windows\system32\dllcache\fdc.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 80896 c:\windows\system32\dllcache\faultrep.dll
+ 2010-05-24 22:59 . 2001-08-17 23:12 24618 c:\windows\system32\dllcache\fa410nd5.sys
+ 2010-05-24 22:59 . 2001-08-17 23:12 16074 c:\windows\system32\dllcache\fa312nd5.sys
+ 2010-05-24 22:59 . 2001-08-17 23:11 11850 c:\windows\system32\dllcache\f3ab18xj.sys
+ 2010-05-24 22:59 . 2001-08-17 23:11 12362 c:\windows\system32\dllcache\f3ab18xi.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 24064 c:\windows\system32\dllcache\extrac32.exe
+ 2008-04-14 02:20 . 2008-04-14 02:20 14336 c:\windows\system32\dllcache\exstrace.dll
+ 2010-05-24 22:59 . 2001-08-17 23:12 16998 c:\windows\system32\dllcache\ex10.sys
+ 2001-10-28 18:06 . 2008-04-14 02:20 84992 c:\windows\system32\dllcache\evtrig.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 45056 c:\windows\system32\dllcache\evtgprov.dll
+ 2007-06-15 08:04 . 2008-04-14 02:20 93696 c:\windows\system32\dllcache\evntwin.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 21504 c:\windows\system32\dllcache\evntrprv.dll
+ 2007-06-15 08:04 . 2008-04-14 02:20 24576 c:\windows\system32\dllcache\evntcmd.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 56320 c:\windows\system32\dllcache\eventlog.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 52224 c:\windows\system32\dllcache\evcreate.exe
+ 2010-05-24 22:58 . 2001-09-06 02:50 46080 c:\windows\system32\dllcache\esuni.dll
+ 2010-05-24 22:58 . 2001-09-06 02:50 34816 c:\windows\system32\dllcache\esuimg.dll
+ 2010-05-24 22:58 . 2001-09-06 02:50 43008 c:\windows\system32\dllcache\esucm.dll
+ 2010-05-24 22:58 . 2001-08-17 23:19 63360 c:\windows\system32\dllcache\ess.sys
+ 2010-05-24 22:58 . 2001-08-17 23:19 72192 c:\windows\system32\dllcache\es1969.sys
+ 2010-05-24 22:58 . 2001-08-17 23:19 40704 c:\windows\system32\dllcache\es1371mp.sys
+ 2010-05-24 22:58 . 2001-08-17 23:19 37120 c:\windows\system32\dllcache\es1370mp.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 23040 c:\windows\system32\dllcache\ersvc.dll
+ 2010-05-24 22:58 . 2001-09-06 02:50 62464 c:\windows\system32\dllcache\eqnloop.exe
+ 2010-05-24 22:58 . 2001-09-06 02:50 51712 c:\windows\system32\dllcache\eqnlogr.exe
+ 2010-05-24 22:58 . 2001-09-06 02:50 53248 c:\windows\system32\dllcache\eqndiag.exe
+ 2010-05-24 22:58 . 2001-08-17 23:12 18503 c:\windows\system32\dllcache\epro4.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 20480 c:\windows\system32\dllcache\encapi.dll
+ 2010-05-24 22:58 . 2001-08-17 23:10 19996 c:\windows\system32\dllcache\em556n4.sys
+ 2010-05-24 22:58 . 2001-08-17 23:10 25159 c:\windows\system32\dllcache\elnk3.sys
+ 2010-05-24 22:58 . 2001-08-17 23:11 70174 c:\windows\system32\dllcache\el98xn5.sys
+ 2010-05-24 22:58 . 2001-08-17 23:11 66591 c:\windows\system32\dllcache\el90xbc5.sys
+ 2010-05-24 22:58 . 2001-08-17 23:11 77386 c:\windows\system32\dllcache\el656nd5.sys
+ 2010-05-24 22:58 . 2001-08-17 23:11 69194 c:\windows\system32\dllcache\el656cd5.sys
+ 2010-05-24 22:58 . 2001-08-17 23:10 26141 c:\windows\system32\dllcache\el589nd5.sys
+ 2010-05-24 22:58 . 2001-08-17 23:10 69692 c:\windows\system32\dllcache\el575nd5.sys
+ 2010-05-24 22:58 . 2001-08-17 23:10 24653 c:\windows\system32\dllcache\el574nd4.sys
+ 2010-05-24 22:58 . 2001-08-17 23:10 55999 c:\windows\system32\dllcache\el556nd5.sys
+ 2010-05-24 22:58 . 2001-09-06 02:11 44103 c:\windows\system32\dllcache\el515.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 27136 c:\windows\system32\dllcache\efsadu.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 33792 c:\windows\system32\dllcache\eapsvc.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 59392 c:\windows\system32\dllcache\eapqec.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 40960 c:\windows\system32\dllcache\eappprxy.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 94720 c:\windows\system32\dllcache\eappgnui.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 30720 c:\windows\system32\dllcache\eapolqec.dll
+ 2010-05-24 22:58 . 2001-08-17 23:12 19594 c:\windows\system32\dllcache\e100isa4.sys
+ 2010-05-24 22:58 . 2001-09-06 02:10 51231 c:\windows\system32\dllcache\e1000nt5.sys
+ 2004-08-04 06:00 . 2008-04-13 18:38 71168 c:\windows\system32\dllcache\dxg.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 17920 c:\windows\system32\dllcache\dvdupgrd.exe
+ 2001-09-05 23:50 . 2001-09-06 02:50 57344 c:\windows\system32\dllcache\dvdplay.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 10752 c:\windows\system32\dllcache\dumprep.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 19456 c:\windows\system32\dllcache\dswave.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 51712 c:\windows\system32\dllcache\dssec.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 93184 c:\windows\system32\dllcache\dskquota.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 71680 c:\windows\system32\dllcache\dsdmoprp.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 16384 c:\windows\system32\dllcache\ds32gt.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 47104 c:\windows\system32\dllcache\drwtsn32.exe
+ 2001-10-28 18:06 . 2008-04-14 02:20 64512 c:\windows\system32\dllcache\drvqry.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 14336 c:\windows\system32\dllcache\drprov.dll
+ 2004-08-03 23:08 . 2008-04-13 14:45 60160 c:\windows\system32\dllcache\drmk.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 57856 c:\windows\system32\dllcache\dpwsockx.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 83456 c:\windows\system32\dllcache\dpvsetup.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 21504 c:\windows\system32\dllcache\dpvacm.dll
+ 2010-05-24 22:58 . 2001-08-18 01:07 20192 c:\windows\system32\dllcache\dpti2o.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 17920 c:\windows\system32\dllcache\dpnsvr.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 60928 c:\windows\system32\dllcache\dpnhupnp.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 35328 c:\windows\system32\dllcache\dpnhpast.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 29696 c:\windows\system32\dllcache\dplaysvr.exe
+ 2010-05-24 22:58 . 2001-08-17 23:12 28062 c:\windows\system32\dllcache\dp83820.sys
+ 2010-05-24 22:58 . 2001-09-06 02:06 24064 c:\windows\system32\dllcache\dot4usb.sys
+ 2010-05-24 22:58 . 2001-08-18 00:47 12928 c:\windows\system32\dllcache\dot4prt.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 56832 c:\windows\system32\dllcache\dot3msm.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 39936 c:\windows\system32\dllcache\dot3clnt.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 59392 c:\windows\system32\dllcache\dot3cfg.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 26112 c:\windows\system32\dllcache\dot3api.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 48640 c:\windows\system32\dllcache\docprop2.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 45568 c:\windows\system32\dllcache\dnsrslvr.dll
+ 2004-08-04 00:45 . 2008-04-14 02:20 55296 c:\windows\system32\dllcache\dmutil.dll
+ 2007-05-21 22:37 . 2008-04-13 18:45 52864 c:\windows\system32\dllcache\dmusic.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 23552 c:\windows\system32\dllcache\dmserver.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 82432 c:\windows\system32\dllcache\dmscript.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 15872 c:\windows\system32\dllcache\dmremote.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 35840 c:\windows\system32\dllcache\dmloader.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 61440 c:\windows\system32\dllcache\dmcompos.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 28672 c:\windows\system32\dllcache\dmband.dll
+ 2010-05-24 22:58 . 2001-08-17 23:11 29696 c:\windows\system32\dllcache\dm9pci5.sys
+ 2010-05-24 22:58 . 2001-08-17 23:11 26698 c:\windows\system32\dllcache\dlh5xnd5.sys
+ 2010-05-24 22:58 . 2001-09-06 02:50 29768 c:\windows\system32\dllcache\divasu.dll
+ 2010-05-24 22:58 . 2001-09-06 02:50 37962 c:\windows\system32\dllcache\divaprop.dll
+ 2010-05-24 22:58 . 2001-09-06 02:50 38985 c:\windows\system32\dllcache\disrvsu.dll
+ 2010-05-24 22:58 . 2001-09-06 02:50 31817 c:\windows\system32\dllcache\disrvpp.dll
+ 2001-10-28 18:06 . 2008-04-14 02:20 32768 c:\windows\system32\dllcache\dispex.dll
+ 2004-08-04 05:59 . 2008-04-13 18:40 14208 c:\windows\system32\dllcache\diskdump.sys
+ 2004-08-04 05:59 . 2008-04-13 18:40 36352 c:\windows\system32\dllcache\disk.sys
+ 2007-05-21 21:10 . 2008-04-14 02:20 86528 c:\windows\system32\dllcache\directdb.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 39936 c:\windows\system32\dllcache\dimsroam.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 19456 c:\windows\system32\dllcache\dimsntfy.dll
+ 2010-05-24 22:58 . 2001-08-17 23:13 91305 c:\windows\system32\dllcache\dimaint.sys
+ 2010-05-24 22:58 . 2001-09-06 02:04 42528 c:\windows\system32\dllcache\digirlpt.sys
+ 2010-05-24 22:58 . 2001-08-17 23:14 21606 c:\windows\system32\dllcache\digiisdn.sys
+ 2010-05-24 22:58 . 2001-09-06 02:50 41046 c:\windows\system32\dllcache\digiisdn.dll
+ 2010-05-24 22:58 . 2001-09-06 02:04 90717 c:\windows\system32\dllcache\digifep5.sys
+ 2010-05-24 22:58 . 2001-09-06 02:04 37895 c:\windows\system32\dllcache\digiasyn.sys
+ 2010-05-24 22:58 . 2001-09-06 02:50 65622 c:\windows\system32\dllcache\digiasyn.dll
+ 2010-05-24 22:57 . 2001-09-06 02:50 32256 c:\windows\system32\dllcache\diapi2NT.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 87040 c:\windows\system32\dllcache\diantz.exe
+ 2008-04-14 02:20 . 2008-04-14 02:20 48640 c:\windows\system32\dllcache\dhcpqec.dll
+ 2010-05-24 22:58 . 2001-09-06 02:27 29659 c:\windows\system32\dllcache\dgapci.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 28672 c:\windows\system32\dllcache\dfsshlex.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 39424 c:\windows\system32\dllcache\dfrgsnap.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 54272 c:\windows\system32\dllcache\dfrgres.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 82944 c:\windows\system32\dllcache\dfrgfat.exe
+ 2010-05-24 22:58 . 2001-08-17 23:11 24649 c:\windows\system32\dllcache\dfe650d.sys
+ 2010-05-24 22:58 . 2001-08-17 23:11 24648 c:\windows\system32\dllcache\dfe650.sys
+ 2010-05-24 22:58 . 2001-09-06 02:50 24064 c:\windows\system32\dllcache\devldr32.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 59904 c:\windows\system32\dllcache\devenum.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 18432 c:\windows\system32\dllcache\deskperf.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 16896 c:\windows\system32\dllcache\deskmon.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 16896 c:\windows\system32\dllcache\deskadp.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 25088 c:\windows\system32\dllcache\defrag.exe
+ 2010-05-24 22:58 . 2001-08-17 23:11 20928 c:\windows\system32\dllcache\defpa.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 27136 c:\windows\system32\dllcache\ddrawex.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 40960 c:\windows\system32\dllcache\dcap32.dll
+ 2010-05-24 22:58 . 2001-09-06 02:50 86528 c:\windows\system32\dllcache\dc240usd.dll
+ 2010-05-24 22:58 . 2001-08-17 23:12 63208 c:\windows\system32\dllcache\dc21x4.sys
+ 2010-05-24 22:58 . 2001-09-06 02:50 81408 c:\windows\system32\dllcache\dc210usd.dll
+ 2010-05-24 22:58 . 2001-09-06 02:50 25600 c:\windows\system32\dllcache\dc210_32.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 25600 c:\windows\system32\dllcache\davclnt.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 42496 c:\windows\system32\dllcache\davcdata.exe
+ 2010-05-24 22:58 . 2001-08-18 00:52 14720 c:\windows\system32\dllcache\dac960nt.sys
+ 2010-05-24 22:58 . 2001-09-06 02:50 27648 c:\windows\system32\dllcache\cyzports.dll
+ 2010-05-24 22:58 . 2001-09-06 02:25 50560 c:\windows\system32\dllcache\cyzport.sys
+ 2010-05-24 22:58 . 2001-09-06 02:50 27648 c:\windows\system32\dllcache\cyzcoins.dll
+ 2010-05-24 22:58 . 2001-09-06 02:50 28160 c:\windows\system32\dllcache\cyyports.dll
+ 2010-05-24 22:57 . 2001-09-06 02:25 50816 c:\windows\system32\dllcache\cyyport.sys
+ 2010-05-24 22:57 . 2001-09-06 02:25 15104 c:\windows\system32\dllcache\cyclom-y.sys
+ 2010-05-24 22:57 . 2001-09-06 02:25 17408 c:\windows\system32\dllcache\cyclad-z.sys
+ 2010-05-24 22:57 . 2008-04-13 12:36 48640 c:\windows\system32\dllcache\cwrwdm.sys
+ 2010-05-24 22:57 . 2001-08-17 23:19 93952 c:\windows\system32\dllcache\cwcwdm.sys
+ 2010-05-24 22:57 . 2001-08-17 23:19 72832 c:\windows\system32\dllcache\cwbwdm.sys
+ 2007-05-21 21:10 . 2004-08-04 12:00 28672 c:\windows\system32\dllcache\custsat.dll
+ 2010-05-24 22:57 . 2001-08-17 23:19 96256 c:\windows\system32\dllcache\ctlsb16.sys
+ 2004-08-04 07:45 . 2009-12-14 07:09 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 62464 c:\windows\system32\dllcache\cryptsvc.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 64512 c:\windows\system32\dllcache\cryptnet.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 54784 c:\windows\system32\dllcache\cryptext.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 33280 c:\windows\system32\dllcache\cryptdll.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 75264 c:\windows\system32\dllcache\cryptdlg.dll
+ 2004-08-04 00:38 . 2008-04-14 01:57 40832 c:\windows\system32\dllcache\crusoe.sys
+ 2010-05-24 22:57 . 2001-08-17 23:19 42112 c:\windows\system32\dllcache\crtaud.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 12800 c:\windows\system32\dllcache\credssp.dll
+ 2010-05-24 22:57 . 2001-09-06 02:23 61386 c:\windows\system32\dllcache\cpqtrnd5.sys
+ 2010-05-24 22:57 . 2001-09-06 02:23 21533 c:\windows\system32\dllcache\cpqndis5.sys
+ 2001-08-17 21:24 . 2001-10-28 18:06 11776 c:\windows\system32\dllcache\cpqdap01.sys
+ 2010-05-24 22:57 . 2001-08-18 00:52 14976 c:\windows\system32\dllcache\cpqarray.sys
+ 2004-08-04 07:45 . 2009-03-08 07:33 18944 c:\windows\system32\dllcache\corpol.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 67072 c:\windows\system32\dllcache\console.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 45056 c:\windows\system32\dllcache\confmrsl.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 97792 c:\windows\system32\dllcache\comrepl.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 24064 c:\windows\system32\dllcache\compfilt.dll
+ 2010-05-24 22:57 . 2008-04-13 14:36 10240 c:\windows\system32\dllcache\compbatt.sys
+ 2007-05-21 21:09 . 2008-04-14 02:20 28160 c:\windows\system32\dllcache\comaddin.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 60416 c:\windows\system32\dllcache\colbact.dll
+ 2008-04-13 16:44 . 2008-04-13 16:44 17920 c:\windows\system32\dllcache\cobramsg.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 47104 c:\windows\system32\dllcache\coadmin.dll
+ 2010-05-24 22:57 . 2001-08-17 23:11 39936 c:\windows\system32\dllcache\cnxt1803.sys
+ 2010-05-24 22:57 . 2001-09-06 02:50 44032 c:\windows\system32\dllcache\cnusd.dll
+ 2004-08-04 00:45 . 2008-04-14 02:20 49152 c:\windows\system32\dllcache\cnbjmon.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 40960 c:\windows\system32\dllcache\cmutil.dll
+ 2004-08-04 07:45 . 2004-08-04 07:45 65024 c:\windows\system32\dllcache\cmstp.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 13312 c:\windows\system32\dllcache\cmsetacl.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 15872 c:\windows\system32\dllcache\cmcfg32.dll
+ 2010-05-24 22:57 . 2001-09-06 02:18 20864 c:\windows\system32\dllcache\cmbp0wdm.sys
+ 2010-05-24 22:57 . 2008-04-13 14:36 13952 c:\windows\system32\dllcache\cmbatt.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 58368 c:\windows\system32\dllcache\clusapi.dll
+ 2004-08-04 06:14 . 2008-04-13 19:16 49536 c:\windows\system32\dllcache\classpnp.sys
+ 2010-05-24 22:57 . 2001-08-18 00:57 45696 c:\windows\system32\dllcache\cirrus.sys
+ 2010-05-24 22:57 . 2001-09-06 02:49 91264 c:\windows\system32\dllcache\cirrus.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 57856 c:\windows\system32\dllcache\cipher.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 69120 c:\windows\system32\dllcache\ciodm.dll
+ 2007-05-21 21:09 . 2001-10-28 18:06 80896 c:\windows\system32\dllcache\charmap.exe
+ 2008-04-14 02:20 . 2008-04-14 02:20 15423 c:\windows\system32\dllcache\ch7xxnt5.dll
+ 2004-08-04 07:44 . 2008-04-14 02:18 16896 c:\windows\system32\dllcache\cfgmgr32.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 39424 c:\windows\system32\dllcache\cfgbkend.dll
+ 2010-05-24 22:57 . 2001-09-06 02:15 49182 c:\windows\system32\dllcache\cem56n5.sys
+ 2010-05-24 22:57 . 2001-09-06 02:15 22044 c:\windows\system32\dllcache\cem33n5.sys
+ 2010-05-24 22:57 . 2001-09-06 02:15 22044 c:\windows\system32\dllcache\cem28n5.sys
+ 2010-05-24 22:57 . 2001-09-06 02:15 27164 c:\windows\system32\dllcache\ce3n5.sys
+ 2010-05-24 22:57 . 2001-09-06 02:15 21530 c:\windows\system32\dllcache\ce2n5.sys
+ 2004-08-04 05:59 . 2008-04-13 18:40 62976 c:\windows\system32\dllcache\cdrom.sys
+ 2004-08-04 06:14 . 2008-04-13 19:14 63744 c:\windows\system32\dllcache\cdfs.sys
+ 2001-08-17 21:52 . 2001-10-28 18:06 18688 c:\windows\system32\dllcache\cdaudio.sys
+ 2007-08-18 17:21 . 2008-04-13 18:46 17024 c:\windows\system32\dllcache\ccdecode.sys
+ 2001-10-28 18:06 . 2001-10-28 18:06 13952 c:\windows\system32\dllcache\cbidf2k.sys
+ 2010-05-24 22:57 . 2001-08-17 23:13 46108 c:\windows\system32\dllcache\cben5.sys
+ 2010-05-24 22:57 . 2001-08-17 23:12 39680 c:\windows\system32\dllcache\cb325.sys
+ 2010-05-24 22:57 . 2001-08-17 23:12 37916 c:\windows\system32\dllcache\cb102.sys
+ 2007-05-21 21:09 . 2008-04-14 02:20 85504 c:\windows\system32\dllcache\catsrvps.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 50688 c:\windows\system32\dllcache\camocx.dll
+ 2010-05-24 22:57 . 2001-09-06 02:50 74240 c:\windows\system32\dllcache\camexo20.dll
+ 2001-10-28 18:06 . 2008-04-14 02:20 20480 c:\windows\system32\dllcache\cacls.exe
+ 2004-08-04 07:45 . 2010-01-13 14:01 86528 c:\windows\system32\dllcache\cabview.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 60416 c:\windows\system32\dllcache\cabinet.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 50688 c:\windows\system32\dllcache\btpanui.dll
+ 2008-04-13 18:46 . 2008-04-13 18:46 18944 c:\windows\system32\dllcache\bthusb.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 30208 c:\windows\system32\dllcache\bthserv.dll
+ 2008-04-13 18:46 . 2008-04-13 18:46 36480 c:\windows\system32\dllcache\bthprint.sys
+ 2008-04-13 18:46 . 2008-04-13 18:46 37888 c:\windows\system32\dllcache\bthmodem.sys
+ 2008-04-13 18:46 . 2008-04-13 18:46 17024 c:\windows\system32\dllcache\bthenum.sys
+ 2004-08-04 07:45 . 2008-04-13 22:20 20992 c:\windows\system32\dllcache\bthci.dll
+ 2010-05-24 22:56 . 2001-08-17 23:11 31529 c:\windows\system32\dllcache\brzwlan.sys
+ 2010-05-24 22:56 . 2001-08-18 00:12 10368 c:\windows\system32\dllcache\brusbscn.sys
+ 2010-05-24 22:56 . 2001-08-18 00:12 11008 c:\windows\system32\dllcache\brusbmdm.sys
+ 2010-05-24 22:56 . 2001-08-18 00:12 60416 c:\windows\system32\dllcache\brserwdm.sys
+ 2010-05-24 22:56 . 2001-09-06 02:12 39680 c:\windows\system32\dllcache\brparwdm.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 78336 c:\windows\system32\dllcache\browsewm.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 77824 c:\windows\system32\dllcache\browser.dll
+ 2004-08-04 07:44 . 2008-04-14 01:53 67584 c:\windows\system32\dllcache\browselc.dll
+ 2010-05-24 22:56 . 2001-09-06 02:50 41472 c:\windows\system32\dllcache\brmfusb.dll
+ 2010-05-24 22:56 . 2001-09-06 02:50 32256 c:\windows\system32\dllcache\brmfrsmg.exe
+ 2010-05-24 22:56 . 2001-09-06 02:50 29696 c:\windows\system32\dllcache\brmflpt.dll
+ 2010-05-24 22:56 . 2001-09-06 02:50 81920 c:\windows\system32\dllcache\brmfcwia.dll
+ 2010-05-24 22:56 . 2001-09-06 02:50 15360 c:\windows\system32\dllcache\brmfbidi.dll
+ 2004-08-04 05:59 . 2008-04-13 18:53 71552 c:\windows\system32\dllcache\bridge.sys
+ 2010-05-24 22:56 . 2001-08-18 00:12 12160 c:\windows\system32\dllcache\brfiltlo.sys
+ 2010-05-24 22:56 . 2001-09-06 02:50 12800 c:\windows\system32\dllcache\brevif.dll
+ 2010-05-24 22:56 . 2001-09-06 02:50 19456 c:\windows\system32\dllcache\brbidiif.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 71680 c:\windows\system32\dllcache\blastcln.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 17408 c:\windows\system32\dllcache\bidispl.dll
+ 2007-08-18 17:21 . 2008-04-13 18:46 11776 c:\windows\system32\dllcache\bdasup.sys
+ 2010-05-24 22:56 . 2001-08-17 23:11 26568 c:\windows\system32\dllcache\bcm4e5.sys
+ 2010-05-24 22:56 . 2001-08-17 23:11 54271 c:\windows\system32\dllcache\bcm42xx5.sys
+ 2010-05-24 22:56 . 2001-08-17 23:11 66557 c:\windows\system32\dllcache\bcm42u.sys
+ 2010-05-24 22:56 . 2008-04-13 14:36 14208 c:\windows\system32\dllcache\battc.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 52736 c:\windows\system32\dllcache\basesrv.dll
+ 2010-05-24 22:56 . 2001-08-17 23:48 36128 c:\windows\system32\dllcache\banshee.sys
+ 2010-05-24 22:56 . 2001-09-06 02:09 97184 c:\windows\system32\dllcache\b57xp32.sys
+ 2010-05-24 22:56 . 2001-08-17 23:13 89952 c:\windows\system32\dllcache\b1cbase.sys
+ 2010-05-24 22:56 . 2001-08-17 23:19 36992 c:\windows\system32\dllcache\aztw2320.sys
+ 2010-05-24 22:56 . 2001-08-17 23:13 37568 c:\windows\system32\dllcache\avmwan.sys
+ 2010-05-24 22:56 . 2001-09-06 02:50 87552 c:\windows\system32\dllcache\avmcoxp.dll
+ 2004-08-04 07:45 . 2009-11-27 16:08 85504 c:\windows\system32\dllcache\avifil32.dll
+ 2010-05-24 22:56 . 2008-04-13 14:46 13696 c:\windows\system32\dllcache\avcstrm.sys
+ 2010-05-24 22:56 . 2001-08-18 01:01 36096 c:\windows\system32\dllcache\avcaudio.sys
+ 2010-05-24 22:56 . 2008-04-13 14:46 38912 c:\windows\system32\dllcache\avc.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 11264 c:\windows\system32\dllcache\autolfn.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 62464 c:\windows\system32\dllcache\authz.dll
+ 2007-05-21 21:12 . 2008-04-14 02:20 16439 c:\windows\system32\dllcache\author.exe
+ 2007-05-21 21:12 . 2008-04-14 02:20 20540 c:\windows\system32\dllcache\author.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 14336 c:\windows\system32\dllcache\auditusr.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 42496 c:\windows\system32\dllcache\audiosrv.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 17279 c:\windows\system32\dllcache\atv10nt5.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 14143 c:\windows\system32\dllcache\atv06nt5.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 25471 c:\windows\system32\dllcache\atv04nt5.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 11359 c:\windows\system32\dllcache\atv02nt5.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 21183 c:\windows\system32\dllcache\atv01nt5.dll
+ 2001-10-28 18:06 . 2008-04-14 02:20 12288 c:\windows\system32\dllcache\attrib.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 30208 c:\windows\system32\dllcache\atmlib.dll
+ 2004-08-04 05:58 . 2008-04-13 18:51 55808 c:\windows\system32\dllcache\atmlane.sys
+ 2004-08-04 05:58 . 2008-04-13 18:51 59904 c:\windows\system32\dllcache\atmarpc.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 11776 c:\windows\system32\dllcache\atmadm.exe
+ 2004-08-04 07:45 . 2009-07-17 19:03 58880 c:\windows\system32\dllcache\atl.dll
+ 2010-05-24 22:56 . 2001-08-17 23:49 23552 c:\windows\system32\dllcache\atixbar.sys
+ 2010-05-24 22:56 . 2001-08-17 23:49 26624 c:\windows\system32\dllcache\ativxbar.sys
+ 2010-05-24 22:56 . 2001-08-17 23:49 19456 c:\windows\system32\dllcache\ativttxx.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 32768 c:\windows\system32\dllcache\ativtmxx.dll
+ 2010-05-24 22:56 . 2001-08-17 23:49 17152 c:\windows\system32\dllcache\atitvsnd.sys
+ 2010-05-24 22:56 . 2001-08-17 23:49 17152 c:\windows\system32\dllcache\atitunep.sys
+ 2010-05-24 22:56 . 2001-08-17 23:49 26880 c:\windows\system32\dllcache\atirtsnd.sys
+ 2010-05-24 22:56 . 2001-08-17 23:49 49920 c:\windows\system32\dllcache\atirtcap.sys
+ 2010-05-24 22:56 . 2001-09-06 02:08 70656 c:\windows\system32\dllcache\atiragem.sys
+ 2010-05-24 22:56 . 2001-08-17 23:49 10240 c:\windows\system32\dllcache\atipcxxx.sys
+ 2008-08-30 19:20 . 2004-08-04 01:29 63488 c:\windows\system32\dllcache\atinxsxx.sys
+ 2008-08-30 19:20 . 2004-08-04 01:29 31744 c:\windows\system32\dllcache\atinxbxx.sys
+ 2008-08-30 19:20 . 2004-08-04 01:29 73216 c:\windows\system32\dllcache\atintuxx.sys
+ 2008-08-30 19:20 . 2004-08-04 01:29 13824 c:\windows\system32\dllcache\atinttxx.sys
+ 2008-08-30 19:20 . 2004-08-04 01:29 28672 c:\windows\system32\dllcache\atinsnxx.sys
+ 2008-08-30 19:20 . 2004-08-04 01:29 52224 c:\windows\system32\dllcache\atinraxx.sys
+ 2008-08-30 19:20 . 2004-08-04 01:29 14336 c:\windows\system32\dllcache\atinpdxx.sys
+ 2008-08-30 19:20 . 2004-08-04 01:29 13824 c:\windows\system32\dllcache\atinmdxx.sys
+ 2008-08-30 19:20 . 2004-08-04 01:29 57856 c:\windows\system32\dllcache\atinbtxx.sys
+ 2010-05-24 22:56 . 2001-09-06 02:08 75264 c:\windows\system32\dllcache\atimpae.sys
+ 2010-05-24 22:56 . 2001-09-06 02:50 37376 c:\windows\system32\dllcache\atievxx.exe
+ 2010-05-24 22:56 . 2001-08-17 23:49 46464 c:\windows\system32\dllcache\atibt829.sys
+ 2008-08-30 19:20 . 2004-08-04 01:29 34735 c:\windows\system32\dllcache\ati1xsxx.sys
+ 2008-08-30 19:20 . 2004-08-04 01:29 29455 c:\windows\system32\dllcache\ati1xbxx.sys
+ 2008-08-30 19:20 . 2004-08-04 01:29 36463 c:\windows\system32\dllcache\ati1tuxx.sys
+ 2008-08-30 19:20 . 2004-08-04 01:29 21343 c:\windows\system32\dllcache\ati1ttxx.sys
+ 2008-08-30 19:20 . 2004-08-04 01:29 26367 c:\windows\system32\dllcache\ati1snxx.sys
+ 2008-08-30 19:20 . 2004-08-04 01:29 63663 c:\windows\system32\dllcache\ati1rvxx.sys
+ 2008-08-30 19:20 . 2004-08-04 01:29 30671 c:\windows\system32\dllcache\ati1raxx.sys
+ 2008-08-30 19:20 . 2004-08-04 01:29 12047 c:\windows\system32\dllcache\ati1pdxx.sys
+ 2008-08-30 19:20 . 2004-08-04 01:29 11615 c:\windows\system32\dllcache\ati1mdxx.sys
+ 2008-08-30 19:20 . 2004-08-04 01:29 56623 c:\windows\system32\dllcache\ati1btxx.sys
+ 2010-05-24 22:56 . 2001-09-06 02:08 77824 c:\windows\system32\dllcache\ati.sys
+ 2010-05-24 22:56 . 2001-09-06 02:49 96128 c:\windows\system32\dllcache\ati.dll
+ 2004-08-04 05:59 . 2008-04-13 18:40 96512 c:\windows\system32\dllcache\atapi.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 25600 c:\windows\system32\dllcache\at.exe
+ 2004-08-04 06:05 . 2008-04-13 18:57 14336 c:\windows\system32\dllcache\asyncmac.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 65024 c:\windows\system32\dllcache\asycfilt.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 32768 c:\windows\system32\dllcache\asr_pfu.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 30208 c:\windows\system32\dllcache\asr_fmt.exe
+ 2010-05-24 22:56 . 2001-08-17 23:12 97354 c:\windows\system32\dllcache\aspndis3.sys
+ 2010-05-24 22:56 . 2001-08-18 00:51 14848 c:\windows\system32\dllcache\asc3550.sys
+ 2010-05-24 22:56 . 2001-08-18 00:52 22400 c:\windows\system32\dllcache\asc3350p.sys
+ 2010-05-24 22:56 . 2001-08-18 00:52 26496 c:\windows\system32\dllcache\asc.sys
+ 2004-08-03 22:58 . 2008-04-13 18:51 60800 c:\windows\system32\dllcache\arp1394.sys
+ 2010-05-24 22:56 . 2008-04-13 12:35 36224 c:\windows\system32\dllcache\an983.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 70656 c:\windows\system32\dllcache\amstream.dll
+ 2010-05-24 22:56 . 2001-08-18 00:52 12032 c:\windows\system32\dllcache\amsint.sys
+ 2004-08-04 00:35 . 2008-04-14 01:51 41856 c:\windows\system32\dllcache\amdk7.sys
+ 2004-08-04 00:35 . 2008-04-14 01:51 41472 c:\windows\system32\dllcache\amdk6.sys
+ 2004-08-03 23:07 . 2008-04-13 18:36 43008 c:\windows\system32\dllcache\amdagp.sys
+ 2010-05-24 22:56 . 2001-08-17 23:11 16969 c:\windows\system32\dllcache\amb8002.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 17408 c:\windows\system32\dllcache\alrsvc.dll
+ 2004-08-03 23:07 . 2008-04-13 18:36 42752 c:\windows\system32\dllcache\alim1541.sys
+ 2010-05-24 22:56 . 2001-08-18 00:49 26624 c:\windows\system32\dllcache\alifir.sys
+ 2010-05-24 22:56 . 2001-08-17 23:11 27678 c:\windows\system32\dllcache\ali5261.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 44544 c:\windows\system32\dllcache\alg.exe
+ 2010-05-24 22:56 . 2001-08-18 01:07 56960 c:\windows\system32\dllcache\aic78xx.sys
+ 2010-05-24 22:56 . 2001-08-18 01:07 55168 c:\windows\system32\dllcache\aic78u2.sys
+ 2010-05-24 22:56 . 2001-08-18 00:52 12800 c:\windows\system32\dllcache\aha154x.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 24064 c:\windows\system32\dllcache\agtintl.dll
+ 2001-10-28 18:06 . 2007-04-02 18:26 20480 c:\windows\system32\dllcache\agt0c0a.dll
+ 2001-10-28 18:06 . 2007-04-02 18:26 20992 c:\windows\system32\dllcache\agt0816.dll
+ 2007-04-02 18:26 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt0804.dll
+ 2007-05-21 17:18 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt041f.dll
+ 2001-10-28 18:06 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt041d.dll
+ 2007-05-21 17:18 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt0419.dll
+ 2001-10-28 18:06 . 2007-04-02 18:26 20480 c:\windows\system32\dllcache\agt0416.dll
+ 2007-05-21 17:18 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt0415.dll
+ 2001-10-28 18:06 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt0414.dll
+ 2001-10-28 18:06 . 2007-04-02 18:26 20992 c:\windows\system32\dllcache\agt0413.dll
+ 2007-04-02 18:26 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt0412.dll
+ 2007-04-02 18:26 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt0411.dll
+ 2001-10-28 18:06 . 2007-04-02 18:26 20992 c:\windows\system32\dllcache\agt0410.dll
+ 2007-05-21 17:18 . 2007-04-02 18:26 19968 c:\windows\system32\dllcache\agt040e.dll
+ 2007-04-02 18:26 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt040d.dll
+ 2001-10-28 18:06 . 2007-04-02 18:26 21504 c:\windows\system32\dllcache\agt040c.dll
+ 2001-10-28 18:06 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt040b.dll
+ 2001-10-28 18:06 . 2008-04-13 17:32 19968 c:\windows\system32\dllcache\agt0409.dll
+ 2007-05-21 17:18 . 2007-04-02 18:26 22016 c:\windows\system32\dllcache\agt0408.dll
+ 2001-10-28 18:06 . 2007-04-02 18:26 21504 c:\windows\system32\dllcache\agt0407.dll
+ 2001-10-28 18:06 . 2007-04-02 18:25 19456 c:\windows\system32\dllcache\agt0406.dll
+ 2007-05-21 17:18 . 2007-04-02 18:25 19456 c:\windows\system32\dllcache\agt0405.dll
+ 2007-04-02 18:25 . 2007-04-02 18:25 19456 c:\windows\system32\dllcache\agt0404.dll
+ 2007-04-02 18:25 . 2007-04-02 18:25 19456 c:\windows\system32\dllcache\agt0401.dll
+ 2004-08-03 23:07 . 2008-04-13 18:36 44928 c:\windows\system32\dllcache\agpcpq.sys
+ 2004-08-03 23:07 . 2008-04-13 18:36 42368 c:\windows\system32\dllcache\agp440.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 44032 c:\windows\system32\dllcache\agentsr.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 24064 c:\windows\system32\dllcache\agentpsh.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 49152 c:\windows\system32\dllcache\agentmpx.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 57344 c:\windows\system32\dllcache\agentdpv.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 42496 c:\windows\system32\dllcache\agentdp2.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 24064 c:\windows\system32\dllcache\agentanm.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 68096 c:\windows\system32\dllcache\adsmsext.dll
+ 2010-05-24 22:56 . 2001-08-17 23:11 46112 c:\windows\system32\dllcache\adptsf50.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 43520 c:\windows\system32\dllcache\admwprox.dll
+ 2010-05-24 22:56 . 2008-04-13 12:36 10880 c:\windows\system32\dllcache\admjoy.sys
+ 2007-05-21 21:12 . 2008-04-14 02:20 16439 c:\windows\system32\dllcache\admin.exe
+ 2007-05-21 21:12 . 2008-04-14 02:20 20540 c:\windows\system32\dllcache\admin.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 29696 c:\windows\system32\dllcache\admexs.dll
+ 2010-05-24 22:56 . 2001-08-17 23:11 20160 c:\windows\system32\dllcache\adm8511.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 98304 c:\windows\system32\dllcache\actxprxy.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 11904 c:\windows\system32\dllcache\acpiec.sys
+ 2007-05-21 21:10 . 2001-10-28 18:06 68096 c:\windows\system32\dllcache\acctres.dll
+ 2010-05-24 22:55 . 2008-04-13 12:36 84480 c:\windows\system32\dllcache\ac97via.sys
+ 2010-05-24 22:55 . 2001-08-17 23:20 96256 c:\windows\system32\dllcache\ac97intc.sys
+ 2010-05-24 22:55 . 2001-08-18 00:52 23552 c:\windows\system32\dllcache\abp480n5.sys
+ 2010-05-24 22:55 . 2001-09-06 02:50 98304 c:\windows\system32\dllcache\a3d.dll
+ 2010-05-24 22:55 . 2001-09-06 02:49 38400 c:\windows\system32\dllcache\8514a.dll
+ 2010-05-24 22:55 . 2008-04-13 14:46 48128 c:\windows\system32\dllcache\61883.sys
+ 2010-05-24 22:55 . 2008-04-13 14:40 12288 c:\windows\system32\dllcache\4mmdat.sys
+ 2010-05-24 22:55 . 2001-08-18 01:06 11264 c:\windows\system32\dllcache\1394vdbg.sys
+ 2010-05-24 22:55 . 2008-04-13 14:46 53376 c:\windows\system32\dllcache\1394bus.sys
+ 2001-10-28 18:06 . 2001-10-28 18:06 54272 c:\windows\system32\dfrgres.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 18432 c:\windows\system32\deskperf.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 16896 c:\windows\system32\deskmon.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 16896 c:\windows\system32\deskadp.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 67072 c:\windows\system32\console.dll
+ 2004-08-04 07:45 . 2004-08-04 07:45 65024 c:\windows\system32\cmstp.exe
+ 2007-05-21 21:09 . 2001-10-28 18:06 80896 c:\windows\system32\charmap.exe
+ 2004-08-04 07:45 . 2008-04-13 22:20 20992 c:\windows\system32\bthci.dll
+ 2007-05-21 21:10 . 2001-10-28 18:06 68096 c:\windows\system32\acctres.dll
+ 2007-05-21 21:09 . 2001-10-28 18:07 5632 c:\windows\system32\write.exe
+ 2010-05-26 00:17 . 2008-04-14 02:20 4096 c:\windows\system32\ReinstallBackups\0022\DriverFiles\i386\ksuser.dll
+ 2007-05-21 22:37 . 2002-12-12 03:14 4096 c:\windows\system32\ksuser.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 9216 c:\windows\system32\eventvwr.exe
+ 2010-05-24 23:07 . 2001-09-06 02:50 4608 c:\windows\system32\dllcache\xrxflnch.exe
+ 2007-05-21 21:10 . 2008-04-14 02:20 6656 c:\windows\system32\dllcache\wuauserv.dll
+ 2010-05-24 23:07 . 2008-04-13 22:20 8192 c:\windows\system32\dllcache\wshirda.dll
+ 2007-05-21 21:09 . 2001-10-28 18:07 5632 c:\windows\system32\dllcache\write.exe
+ 2001-09-05 23:49 . 2001-10-28 18:06 3200 c:\windows\system32\dllcache\wowfax.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 5632 c:\windows\system32\dllcache\wmm2res2.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 7680 c:\windows\system32\dllcache\wmm2ext.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\wmm2eres.dll
+ 2007-05-21 21:09 . 2008-04-14 01:55 7168 c:\windows\system32\dllcache\wmiapres.dll
+ 2010-05-24 23:07 . 2008-04-13 14:36 8832 c:\windows\system32\dllcache\wmiacpi.sys
+ 2004-08-04 07:45 . 2008-04-14 02:19 5632 c:\windows\system32\dllcache\wmi.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 5632 c:\windows\system32\dllcache\winver.exe
+ 2010-05-24 23:06 . 2008-04-13 14:40 5376 c:\windows\system32\dllcache\viaide.sys
+ 2010-05-24 23:06 . 2001-08-18 00:28 7556 c:\windows\system32\dllcache\usroslba.sys
+ 2001-10-28 18:07 . 2001-10-28 18:07 4736 c:\windows\system32\dllcache\usbd.sys
+ 2010-05-24 23:06 . 2001-09-06 02:12 4992 c:\windows\system32\dllcache\toside.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 7168 c:\windows\system32\dllcache\tlntsvrp.dll
+ 2010-05-24 23:05 . 2001-08-18 00:52 7040 c:\windows\system32\dllcache\tandqic.sys
+ 2010-05-24 23:05 . 2001-08-18 01:02 3968 c:\windows\system32\dllcache\swusbflt.sys
+ 2004-08-03 22:58 . 2008-04-13 18:39 4352 c:\windows\system32\dllcache\swenum.sys
+ 2001-09-05 23:50 . 2001-10-28 18:06 8192 c:\windows\system32\dllcache\streamci.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 8192 c:\windows\system32\dllcache\staxmem.dll
+ 2007-05-21 22:37 . 2008-04-13 18:45 6272 c:\windows\system32\dllcache\splitter.sys
+ 2010-05-24 23:05 . 2001-08-18 00:56 7552 c:\windows\system32\dllcache\sonypvu1.sys
+ 2010-05-24 23:05 . 2001-08-18 00:53 9600 c:\windows\system32\dllcache\sonymc.sys
+ 2010-05-24 23:05 . 2008-04-13 14:40 7552 c:\windows\system32\dllcache\sonyait.sys
+ 2010-05-24 23:05 . 2001-08-18 00:53 7040 c:\windows\system32\dllcache\snyaitmc.sys
+ 2007-06-15 08:04 . 2008-04-14 02:21 8704 c:\windows\system32\dllcache\snmptrap.exe
+ 2007-06-15 08:04 . 2008-04-14 02:20 6144 c:\windows\system32\dllcache\snmpmib.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 8192 c:\windows\system32\dllcache\smbinst.exe
+ 2010-05-24 23:05 . 2001-08-18 00:57 6784 c:\windows\system32\dllcache\smbhc.sys
+ 2010-05-24 23:05 . 2008-04-13 14:36 6912 c:\windows\system32\dllcache\smbclass.sys
+ 2008-04-13 18:36 . 2008-04-13 18:36 5888 c:\windows\system32\dllcache\smbali.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 3901 c:\windows\system32\dllcache\siint5.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 5120 c:\windows\system32\dllcache\sfc.dll
+ 2010-05-24 23:04 . 2001-09-06 02:27 6912 c:\windows\system32\dllcache\serscan.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 7168 c:\windows\system32\dllcache\sensapi.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 5632 c:\windows\system32\dllcache\security.dll
+ 2010-05-24 23:04 . 2001-08-18 00:53 6912 c:\windows\system32\dllcache\seaddsmc.sys
+ 2004-08-04 07:45 . 2008-04-14 02:21 9216 c:\windows\system32\dllcache\scrnsave.scr
+ 2008-04-14 02:20 . 2008-04-14 02:20 9728 c:\windows\system32\dllcache\rwnh.dll
+ 2010-05-24 23:04 . 2001-09-06 02:50 9728 c:\windows\system32\dllcache\rsmgrstr.dll
+ 2010-05-24 23:04 . 2001-08-17 23:19 3840 c:\windows\system32\dllcache\rpfun.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\rpcref.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 7680 c:\windows\system32\dllcache\rasadhlp.dll
+ 2010-05-24 23:04 . 2001-08-18 00:53 3328 c:\windows\system32\dllcache\qv2kux.sys
+ 2010-05-24 23:04 . 2008-04-13 14:40 6016 c:\windows\system32\dllcache\qic157.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 7680 c:\windows\system32\dllcache\pwsdata.dll
+ 2010-05-24 23:04 . 2001-09-06 02:50 5632 c:\windows\system32\dllcache\ptpusb.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 9728 c:\windows\system32\dllcache\proxycfg.exe
+ 2010-05-24 23:03 . 2008-04-13 14:40 8832 c:\windows\system32\dllcache\powerfil.sys
+ 2010-05-24 23:03 . 2001-08-18 00:53 7168 c:\windows\system32\dllcache\pnrmc.sys
+ 2010-05-24 23:03 . 2001-08-18 01:07 5504 c:\windows\system32\dllcache\perc2hib.sys
+ 2001-10-28 18:07 . 2001-10-28 18:07 3456 c:\windows\system32\dllcache\pciide.sys
+ 2001-10-28 18:07 . 2001-10-28 18:07 3456 c:\windows\system32\dllcache\oprghdlr.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 8192 c:\windows\system32\dllcache\ntlsapi.dll
+ 2010-05-24 23:03 . 2001-09-06 02:08 9472 c:\windows\system32\dllcache\ntapm.sys
+ 2010-05-24 23:03 . 2001-08-18 00:53 7552 c:\windows\system32\dllcache\nsmmc.sys
+ 2004-08-04 07:45 . 2008-04-14 02:21 4096 c:\windows\system32\dllcache\nddeapir.exe
+ 2010-05-24 23:02 . 2001-09-06 02:50 7168 c:\windows\system32\dllcache\mxport.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\mtxex.dll
+ 2007-08-18 17:22 . 2008-04-13 18:39 5504 c:\windows\system32\dllcache\mstee.sys
+ 2004-08-03 22:58 . 2008-04-13 18:39 4992 c:\windows\system32\dllcache\mspqm.sys
+ 2004-08-03 22:58 . 2008-04-13 18:39 5376 c:\windows\system32\dllcache\mspclock.sys
+ 2010-05-24 23:02 . 2001-08-18 01:00 2944 c:\windows\system32\dllcache\msmpu401.sys
+ 2004-08-03 22:58 . 2008-04-13 18:39 7552 c:\windows\system32\dllcache\mskssrv.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 4608 c:\windows\system32\dllcache\msimg32.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 6656 c:\windows\system32\dllcache\msidle.dll
+ 2010-05-24 23:02 . 2001-08-18 00:48 6016 c:\windows\system32\dllcache\msfsio.sys
+ 2007-05-21 21:09 . 2008-04-14 02:21 6144 c:\windows\system32\dllcache\msdtc.exe
+ 2007-05-21 21:10 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\msdaurl.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\msdasc.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\msdaer.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\msdaenum.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\msdadc.dll
+ 2004-08-04 07:44 . 2008-04-14 02:18 3584 c:\windows\system32\dllcache\msafd.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 4608 c:\windows\system32\dllcache\mqsvc.exe
+ 2008-04-14 02:21 . 2008-04-14 02:21 7680 c:\windows\system32\dllcache\migregdb.exe
+ 2010-05-24 23:01 . 2001-08-18 00:58 8320 c:\windows\system32\dllcache\memcard.sys
+ 2010-05-24 23:01 . 2001-08-18 00:52 7424 c:\windows\system32\dllcache\mammoth.sys
+ 2010-05-24 23:01 . 2008-04-13 14:40 7040 c:\windows\system32\dllcache\ltotape.sys
+ 2010-05-24 23:01 . 2001-08-18 00:53 4992 c:\windows\system32\dllcache\loop.sys
+ 2007-05-21 22:37 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\ksuser.dll
+ 2004-08-04 05:59 . 2008-04-13 18:31 7424 c:\windows\system32\dllcache\kd1394.dll
+ 2004-08-04 07:44 . 2008-04-14 02:18 7168 c:\windows\system32\dllcache\kbdukx.dll
+ 2004-08-04 07:44 . 2008-04-14 02:18 7680 c:\windows\system32\dllcache\kbdsmsno.dll
+ 2004-08-04 07:44 . 2008-04-14 02:18 7680 c:\windows\system32\dllcache\kbdsmsfi.dll
+ 2008-04-14 02:18 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdpash.dll
+ 2004-08-04 07:44 . 2008-04-14 02:18 7168 c:\windows\system32\dllcache\kbdno1.dll
+ 2008-04-14 02:18 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdnepr.dll
+ 2001-10-28 18:06 . 2008-04-14 02:18 7168 c:\windows\system32\dllcache\kbdnec.dll
+ 2004-08-04 07:44 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdmlt48.dll
+ 2004-08-04 07:44 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdmlt47.dll
+ 2004-08-04 07:44 . 2008-04-14 02:18 5632 c:\windows\system32\dllcache\kbdmaori.dll
+ 2008-04-14 02:18 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdlk41j.dll
+ 2008-04-14 02:18 . 2008-04-14 02:18 6656 c:\windows\system32\dllcache\kbdlk41a.dll
+ 2010-05-24 23:01 . 2001-08-18 09:36 8192 c:\windows\system32\dllcache\kbdkor.dll
+ 2010-05-24 23:01 . 2001-08-18 09:36 8704 c:\windows\system32\dllcache\kbdjpn.dll
+ 2008-04-14 02:18 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdiultn.dll
+ 2004-08-04 07:44 . 2008-04-14 02:18 6656 c:\windows\system32\dllcache\kbdinmal.dll
+ 2004-08-04 07:44 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdinben.dll
+ 2004-08-04 07:44 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdinbe1.dll
+ 2008-04-14 02:18 . 2008-04-14 02:18 7168 c:\windows\system32\dllcache\kbdibm02.dll
+ 2004-08-04 07:44 . 2008-04-14 02:18 7168 c:\windows\system32\dllcache\kbdfi1.dll
+ 2008-04-14 02:18 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdbhc.dll
+ 2008-04-14 02:18 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbdax2.dll
+ 2008-04-14 02:18 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbd106n.dll
+ 2010-05-24 23:00 . 2001-08-18 01:55 5632 c:\windows\system32\dllcache\kbd103.dll
+ 2010-05-24 23:00 . 2001-08-18 01:55 6144 c:\windows\system32\dllcache\kbd101c.dll
+ 2010-05-24 23:00 . 2001-08-18 01:55 6144 c:\windows\system32\dllcache\kbd101b.dll
+ 2008-04-14 02:18 . 2008-04-14 02:18 6144 c:\windows\system32\dllcache\kbd101.dll
+ 2010-05-24 23:00 . 2008-04-13 21:57 5632 c:\windows\system32\dllcache\intelide.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 7168 c:\windows\system32\dllcache\iisfecnv.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 8192 c:\windows\system32\dllcache\igmpagnt.dll
+ 2004-08-04 07:44 . 2008-04-14 02:18 3584 c:\windows\system32\dllcache\icmp.dll
+ 2010-05-24 23:00 . 2001-09-06 02:48 9728 c:\windows\system32\dllcache\ibmsgnet.dll
+ 2010-05-24 23:00 . 2008-04-13 14:41 8576 c:\windows\system32\dllcache\i2omgmt.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 8192 c:\windows\system32\dllcache\httpmb51.dll
+ 2010-05-24 22:59 . 2001-09-06 02:50 9759 c:\windows\system32\dllcache\hsf_inst.dll
+ 2010-05-24 22:59 . 2001-08-18 00:52 5760 c:\windows\system32\dllcache\hpt4qic.sys
+ 2010-05-24 22:59 . 2001-08-18 01:02 2688 c:\windows\system32\dllcache\hidswvd.sys
+ 2010-05-24 22:59 . 2001-08-18 01:02 8576 c:\windows\system32\dllcache\hidgame.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 7168 c:\windows\system32\dllcache\hccoin.dll
+ 2008-04-14 02:18 . 2008-04-14 02:18 6656 c:\windows\system32\dllcache\fxsres.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 8704 c:\windows\system32\dllcache\fxsperf.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 6144 c:\windows\system32\dllcache\ftpmib.dll
+ 2004-08-04 07:44 . 2008-04-14 02:18 9344 c:\windows\system32\dllcache\framebuf.dll
+ 2001-10-28 18:06 . 2008-04-14 02:20 7680 c:\windows\system32\dllcache\forcedos.exe
+ 2008-04-14 02:18 . 2008-04-14 02:18 7168 c:\windows\system32\dllcache\f3ahvoas.dll
+ 2010-05-24 22:59 . 2001-08-18 00:52 7040 c:\windows\system32\dllcache\exabyte2.sys
+ 2001-10-28 18:06 . 2001-10-28 18:06 9216 c:\windows\system32\dllcache\eventvwr.exe
+ 2010-05-24 22:58 . 2001-08-18 00:46 6400 c:\windows\system32\dllcache\enum1394.sys
+ 2010-05-24 22:58 . 2001-08-18 00:53 7296 c:\windows\system32\dllcache\elmsmc.sys
+ 2004-08-04 07:44 . 2008-04-14 02:00 4096 c:\windows\system32\dllcache\dsprpres.dll
+ 2004-08-03 23:07 . 2008-04-13 18:45 2944 c:\windows\system32\dllcache\drmkaud.sys
+ 2004-08-04 07:44 . 2008-04-14 02:18 3072 c:\windows\system32\dllcache\dpnlobby.dll
+ 2004-08-04 07:44 . 2008-04-14 02:18 3072 c:\windows\system32\dllcache\dpnaddr.dll
+ 2010-05-24 22:58 . 2001-08-18 00:47 8704 c:\windows\system32\dllcache\dot4scan.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 9216 c:\windows\system32\dllcache\dot3dlg.dll
+ 2010-05-24 22:58 . 2008-04-13 14:40 8320 c:\windows\system32\dllcache\dlttape.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 5120 c:\windows\system32\dllcache\dllhost.exe
+ 2010-05-24 22:58 . 2001-09-06 02:50 6216 c:\windows\system32\dllcache\divaci.dll
+ 2010-05-24 22:58 . 2001-09-06 02:50 6729 c:\windows\system32\dllcache\disrvci.dll
+ 2010-05-24 22:58 . 2001-08-18 00:52 7424 c:\windows\system32\dllcache\ddsmc.sys
+ 2007-05-21 21:09 . 2008-04-14 02:20 6144 c:\windows\system32\dllcache\dcomcnfg.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 8704 c:\windows\system32\dllcache\dciman32.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 8192 c:\windows\system32\dllcache\d3d8thk.dll
+ 2010-05-24 22:57 . 2001-08-17 23:19 3584 c:\windows\system32\dllcache\cwcosnt5.sys
+ 2010-05-24 22:57 . 2001-08-17 23:19 3072 c:\windows\system32\dllcache\cwbmidi.sys
+ 2010-05-24 22:57 . 2001-08-17 23:19 3072 c:\windows\system32\dllcache\cwbase.sys
+ 2010-05-24 22:57 . 2001-09-06 02:50 4096 c:\windows\system32\dllcache\ctwdm32.dll
+ 2010-05-24 22:57 . 2001-08-17 23:19 3712 c:\windows\system32\dllcache\ctljystk.sys
+ 2010-05-24 22:57 . 2001-08-17 23:19 6912 c:\windows\system32\dllcache\ctlfacem.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 6144 c:\windows\system32\dllcache\csrss.exe
+ 2007-05-21 21:09 . 2008-04-14 02:20 6144 c:\windows\system32\dllcache\comrereg.exe
+ 2007-05-21 21:09 . 2008-04-14 02:20 9728 c:\windows\system32\dllcache\comrepl.exe
+ 2010-05-24 22:57 . 2001-09-06 02:18 6656 c:\windows\system32\dllcache\cmdide.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 5632 c:\windows\system32\dllcache\cisvc.exe
+ 2010-05-24 22:57 . 2008-04-13 14:41 8192 c:\windows\system32\dllcache\changer.sys
+ 2010-05-24 22:57 . 2001-08-18 00:52 7680 c:\windows\system32\dllcache\cd20xrnt.sys
+ 2010-05-24 22:56 . 2001-09-06 02:50 9728 c:\windows\system32\dllcache\brserif.dll
+ 2010-05-24 22:56 . 2001-09-06 02:50 5120 c:\windows\system32\dllcache\brscnrsm.dll
+ 2010-05-24 22:56 . 2001-08-18 00:12 3168 c:\windows\system32\dllcache\brparimg.sys
+ 2010-05-24 22:56 . 2001-08-18 00:12 3968 c:\windows\system32\dllcache\brfiltup.sys
+ 2010-05-24 22:56 . 2001-08-18 00:12 2944 c:\windows\system32\dllcache\brfilt.sys
+ 2010-05-24 22:56 . 2001-09-06 02:50 9728 c:\windows\system32\dllcache\brcoinst.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 7168 c:\windows\system32\dllcache\bitsprx4.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 7168 c:\windows\system32\dllcache\bitsprx3.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 8192 c:\windows\system32\dllcache\bitsprx2.dll
+ 2007-05-21 18:07 . 2001-08-17 21:59 3072 c:\windows\system32\dllcache\audstub.sys
+ 2010-05-24 22:56 . 2001-08-17 23:49 9472 c:\windows\system32\dllcache\ativmdcd.sys
+ 2010-05-24 22:56 . 2001-08-18 00:47 6272 c:\windows\system32\dllcache\apmbatt.sys
+ 2010-05-24 22:56 . 2001-08-18 00:51 5248 c:\windows\system32\dllcache\aliide.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 3775 c:\windows\system32\dllcache\adv11nt5.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 3711 c:\windows\system32\dllcache\adv09nt5.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 3135 c:\windows\system32\dllcache\adv08nt5.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 3647 c:\windows\system32\dllcache\adv07nt5.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 3615 c:\windows\system32\dllcache\adv05nt5.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 3967 c:\windows\system32\dllcache\adv02nt5.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 4255 c:\windows\system32\dllcache\adv01nt5.dll
+ 2010-05-24 22:56 . 2001-08-18 00:53 7424 c:\windows\system32\dllcache\adicvls.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 4096 c:\windows\system32\dllcache\actmovie.exe
+ 2004-08-04 07:44 . 2008-04-13 18:35 192512 c:\windows\system32\xpsp1res.dll
+ 2007-05-21 21:09 . 2001-10-28 18:07 119808 c:\windows\system32\winmine.exe
+ 2001-10-28 18:07 . 2001-10-28 18:07 102400 c:\windows\system32\verifier.exe
+ 2004-08-04 07:45 . 2008-04-14 02:21 347136 c:\windows\system32\tourstart.exe
+ 2007-05-21 21:09 . 2001-10-28 18:07 139264 c:\windows\system32\sndvol32.exe
+ 2010-05-26 00:17 . 2006-05-26 14:58 117248 c:\windows\system32\ReinstallBackups\0022\DriverFiles\staco.dll
+ 2010-05-26 00:17 . 2006-05-26 14:58 217088 c:\windows\system32\ReinstallBackups\0022\DriverFiles\stacapi.dll
+ 2010-05-26 00:17 . 2008-04-13 19:19 146048 c:\windows\system32\ReinstallBackups\0022\DriverFiles\i386\portcls.sys
+ 2009-08-03 18:07 . 2009-08-03 18:07 230768 c:\windows\system32\OGAEXEC.exe
+ 2009-08-03 18:07 . 2009-08-03 18:07 403816 c:\windows\system32\OGACheckControl.dll
+ 2009-08-03 18:07 . 2009-08-03 18:07 322928 c:\windows\system32\OGAAddin.dll
+ 2007-05-21 21:09 . 2008-04-14 02:21 677888 c:\windows\system32\mstsc.exe
+ 2007-05-21 21:09 . 2001-10-28 18:07 128000 c:\windows\system32\mshearts.exe
+ 2001-09-05 23:50 . 2001-09-06 02:50 147968 c:\windows\system32\mdwmdmsp.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 117248 c:\windows\system32\inetcplc.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 237568 c:\windows\system32\ieakui.dll
+ 2010-05-26 12:43 . 2010-05-26 12:43 274968 c:\windows\system32\FNTCACHE.DAT
+ 2007-05-21 17:18 . 2001-10-28 18:06 103424 c:\windows\system32\eqnclass.dll
+ 2004-08-03 23:15 . 2008-04-13 15:19 146048 c:\windows\system32\drivers\portcls.sys
+ 2009-10-17 10:23 . 2002-12-12 03:14 381952 c:\windows\system32\dpvoice.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 127488 c:\windows\system32\dmdskres.dll
+ 2010-05-24 23:07 . 2008-04-13 22:20 116224 c:\windows\system32\dllcache\xrxwiadr.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 129024 c:\windows\system32\dllcache\xmlprov.dll
+ 2004-08-04 00:45 . 2008-04-14 02:20 483840 c:\windows\system32\dllcache\wzcsvc.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 383488 c:\windows\system32\dllcache\wzcdlg.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 108032 c:\windows\system32\dllcache\wshbth.dll
+ 2004-08-04 07:45 . 2008-05-08 11:24 155648 c:\windows\system32\dllcache\wscript.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 264704 c:\windows\system32\dllcache\wow32.dll
+ 2007-05-21 21:09 . 2008-04-21 21:15 216064 c:\windows\system32\dllcache\wordpad.exe
+ 2007-05-21 21:10 . 2008-04-14 02:20 325632 c:\windows\system32\dllcache\wmm2fxb.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 502272 c:\windows\system32\dllcache\wmm2fxa.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 402432 c:\windows\system32\dllcache\wmm2filt.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 167936 c:\windows\system32\dllcache\wmm2ae.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 145408 c:\windows\system32\dllcache\wmisvc.dll
+ 2007-05-21 21:09 . 2009-02-06 10:10 227840 c:\windows\system32\dllcache\wmiprvse.exe
+ 2007-05-21 21:09 . 2009-02-09 10:53 453120 c:\windows\system32\dllcache\wmiprvsd.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 144896 c:\windows\system32\dllcache\wmiprov.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 132096 c:\windows\system32\dllcache\wmipdskq.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 156672 c:\windows\system32\dllcache\wmipcima.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 140800 c:\windows\system32\dllcache\wmidcprv.dll
+ 2007-05-21 21:09 . 2008-04-14 02:21 365056 c:\windows\system32\dllcache\wmic.exe
+ 2007-05-21 21:09 . 2008-04-14 02:21 126464 c:\windows\system32\dllcache\wmiapsrv.exe
+ 2007-05-21 21:09 . 2008-04-14 02:21 196608 c:\windows\system32\dllcache\wmiadap.exe
+ 2010-05-24 23:07 . 2008-04-13 12:35 154624 c:\windows\system32\dllcache\wlluc48.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 172544 c:\windows\system32\dllcache\wldap32.dll
+ 2004-08-04 07:45 . 2009-06-10 06:15 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2004-08-04 07:45 . 2009-12-24 07:00 177664 c:\windows\system32\dllcache\wintrust.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 146944 c:\windows\system32\dllcache\winspool.drv
+ 2004-08-04 07:45 . 2008-04-14 02:20 179200 c:\windows\system32\dllcache\winmm.dll
+ 2007-05-21 21:09 . 2001-10-28 18:07 119808 c:\windows\system32\dllcache\winmine.exe
+ 2004-08-04 07:45 . 2009-08-25 09:19 354816 c:\windows\system32\dllcache\winhttp.dll
+ 2004-08-04 07:45 . 2008-04-14 02:21 287744 c:\windows\system32\dllcache\winhlp32.exe
+ 2010-05-24 23:07 . 2001-08-18 00:28 771581 c:\windows\system32\dllcache\winacisa.sys
+ 2004-08-04 07:45 . 2008-08-28 07:47 105472 c:\windows\system32\dllcache\win32spl.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 111104 c:\windows\system32\dllcache\wiavideo.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 334336 c:\windows\system32\dllcache\wiaservc.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 124928 c:\windows\system32\dllcache\wiadss.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 136192 c:\windows\system32\dllcache\webvw.dll
+ 2010-05-24 23:06 . 2001-08-18 00:28 701386 c:\windows\system32\dllcache\wdhaalba.sys
+ 2007-05-21 21:09 . 2008-04-14 02:20 197120 c:\windows\system32\dllcache\wbemupgd.dll
+ 2007-05-21 21:09 . 2008-04-14 02:21 118784 c:\windows\system32\dllcache\wbemtest.exe
+ 2010-05-24 22:58 . 2001-09-06 02:17 347966 c:\windows\system32\dllcache\es56tpi.sys
+ 2010-05-24 22:58 . 2001-09-06 02:17 594654 c:\windows\system32\dllcache\es56hpi.sys
+ 2010-05-24 22:58 . 2001-09-06 02:17 596095 c:\windows\system32\dllcache\es56cvmp.sys
+ 2010-05-24 22:58 . 2001-08-17 23:19 174464 c:\windows\system32\dllcache\es198x.sys
+ 2004-08-04 07:45 . 2008-07-07 20:28 253952 c:\windows\system32\dllcache\es.dll
+ 2007-05-21 17:18 . 2001-10-28 18:06 103424 c:\windows\system32\dllcache\eqnclass.dll
+ 2010-05-24 22:58 . 2001-09-06 02:17 629952 c:\windows\system32\dllcache\eqn.sys
+ 2010-05-24 22:58 . 2001-08-18 00:50 114944 c:\windows\system32\dllcache\epstw2k.sys
+ 2010-05-24 22:58 . 2001-08-18 00:50 144896 c:\windows\system32\dllcache\epcfw2k.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 186880 c:\windows\system32\dllcache\encdec.dll
+ 2010-05-24 22:58 . 2001-08-17 23:19 283904 c:\windows\system32\dllcache\emu10k1m.sys
+ 2010-05-24 22:58 . 2001-09-06 02:11 173056 c:\windows\system32\dllcache\el99xn51.sys
+ 2010-05-24 22:58 . 2001-09-06 02:11 455711 c:\windows\system32\dllcache\el985n51.sys
+ 2010-05-24 22:58 . 2001-09-06 02:11 153631 c:\windows\system32\dllcache\el90xnd5.sys
+ 2010-05-24 22:58 . 2001-09-06 02:11 241238 c:\windows\system32\dllcache\el656se5.sys
+ 2010-05-24 22:58 . 2001-09-06 02:11 634166 c:\windows\system32\dllcache\el656ct5.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 180224 c:\windows\system32\dllcache\eapphost.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 126976 c:\windows\system32\dllcache\eappcfg.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 184832 c:\windows\system32\dllcache\eapp3hst.dll
+ 2007-05-21 22:35 . 2006-01-12 08:27 163328 c:\windows\system32\dllcache\e100b325.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 619008 c:\windows\system32\dllcache\dx7vb.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 180224 c:\windows\system32\dllcache\dwwin.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 304128 c:\windows\system32\dllcache\duser.dll
+ 2004-08-04 05:31 . 2008-04-13 17:37 138752 c:\windows\system32\dllcache\dssenh.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 367616 c:\windows\system32\dllcache\dsound.dll
+ 2001-10-28 18:06 . 2008-04-14 02:20 158208 c:\windows\system32\dllcache\dskquoui.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 181248 c:\windows\system32\dllcache\dsdmo.dll
+ 2010-05-24 22:58 . 2001-08-17 23:20 334208 c:\windows\system32\dllcache\ds1wdm.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 116736 c:\windows\system32\dllcache\dpvvox.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 375296 c:\windows\system32\dllcache\dpnet.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 229888 c:\windows\system32\dllcache\dplayx.dll
+ 2004-08-04 07:44 . 2008-04-14 02:19 102912 c:\windows\system32\dllcache\dpcdll.dll
+ 2010-05-24 22:58 . 2008-04-13 14:39 206976 c:\windows\system32\dllcache\dot4.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 651264 c:\windows\system32\dllcache\dot3ui.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 133120 c:\windows\system32\dllcache\dot3svc.dll
+ 2004-08-04 07:45 . 2008-06-20 17:48 147968 c:\windows\system32\dllcache\dnsapi.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 104448 c:\windows\system32\dllcache\dmusic.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 103424 c:\windows\system32\dllcache\dmsynth.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 105984 c:\windows\system32\dllcache\dmstyle.dll
+ 2004-08-04 07:39 . 2008-04-14 01:59 153984 c:\windows\system32\dllcache\dmio.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 181248 c:\windows\system32\dllcache\dmime.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 127488 c:\windows\system32\dllcache\dmdskres.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 200704 c:\windows\system32\dllcache\dmdskmgr.dll
+ 2004-08-04 07:39 . 2008-04-14 01:59 800000 c:\windows\system32\dllcache\dmboot.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 225280 c:\windows\system32\dllcache\dmadmin.exe
+ 2010-05-24 22:58 . 2001-08-17 23:14 952007 c:\windows\system32\dllcache\diwan.sys
+ 2010-05-24 22:58 . 2001-09-06 02:50 236060 c:\windows\system32\dllcache\ditrace.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 165376 c:\windows\system32\dllcache\diskpart.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 189952 c:\windows\system32\dllcache\dinput8.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 166912 c:\windows\system32\dllcache\dinput.dll
+ 2010-05-24 22:58 . 2001-09-06 02:50 622621 c:\windows\system32\dllcache\digiview.exe
+ 2010-05-24 22:58 . 2001-09-06 02:50 110621 c:\windows\system32\dllcache\digirlpt.dll
+ 2010-05-24 22:58 . 2001-09-06 02:50 102484 c:\windows\system32\dllcache\digiinf.dll
+ 2010-05-24 22:58 . 2001-09-06 02:50 159828 c:\windows\system32\dllcache\digihlc.dll
+ 2010-05-24 22:58 . 2001-09-06 02:50 229462 c:\windows\system32\dllcache\digifwrk.dll
+ 2010-05-24 22:58 . 2001-09-06 02:04 103428 c:\windows\system32\dllcache\digidxb.sys
+ 2010-05-24 22:58 . 2001-09-06 02:50 131156 c:\windows\system32\dllcache\digidbp.dll
+ 2010-05-24 22:57 . 2001-08-17 23:13 164923 c:\windows\system32\dllcache\diapi2.sys
+ 2007-05-21 21:09 . 2008-04-14 02:20 545280 c:\windows\system32\dllcache\dialer.exe
+ 2001-10-28 18:06 . 2008-04-14 02:20 400896 c:\windows\system32\dllcache\dhcpmon.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 126976 c:\windows\system32\dllcache\dhcpcsvc.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 113152 c:\windows\system32\dllcache\dgnet.dll
+ 2010-05-24 22:58 . 2001-09-06 02:50 421405 c:\windows\system32\dllcache\dgconfig.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 105472 c:\windows\system32\dllcache\dfrgntfs.exe
+ 2010-05-24 22:58 . 2001-09-06 02:50 256512 c:\windows\system32\dllcache\devcon32.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 279552 c:\windows\system32\dllcache\ddraw.dll
+ 2010-05-24 22:58 . 2001-09-06 02:50 111104 c:\windows\system32\dllcache\dc260usd.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 110592 c:\windows\system32\dllcache\dbnetlib.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 640000 c:\windows\system32\dllcache\dbghelp.dll
+ 2001-10-28 18:06 . 2008-04-14 02:20 165376 c:\windows\system32\dllcache\datime.dll
+ 2010-05-24 22:58 . 2001-08-18 00:52 179584 c:\windows\system32\dllcache\dac2w2k.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 824320 c:\windows\system32\dllcache\d3dim700.dll
+ 2010-05-24 22:58 . 2001-09-06 02:25 117760 c:\windows\system32\dllcache\d100ib5.sys
+ 2010-05-24 22:57 . 2001-08-17 23:19 111872 c:\windows\system32\dllcache\cwcspud.sys
+ 2010-05-24 22:57 . 2008-04-13 22:20 251904 c:\windows\system32\dllcache\ctmasetp.dll
+ 2010-05-24 22:57 . 2001-09-06 02:50 175104 c:\windows\system32\dllcache\csamsp.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 605184 c:\windows\system32\dllcache\crypt32.dll
+ 2010-05-24 22:57 . 2001-09-06 02:50 216576 c:\windows\system32\dllcache\cpscan.dll
+ 2001-10-28 18:06 . 2008-04-14 02:20 358400 c:\windows\system32\dllcache\confmsp.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 539648 c:\windows\system32\dllcache\comuid.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 167424 c:\windows\system32\dllcache\comsnap.dll
+ 2001-10-28 18:06 . 2008-04-14 02:20 274944 c:\windows\system32\dllcache\comsetup.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 195072 c:\windows\system32\dllcache\comadmin.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 498688 c:\windows\system32\dllcache\clbcatq.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 110592 c:\windows\system32\dllcache\clbcatex.dll
+ 2010-05-24 22:57 . 2001-08-18 00:57 248064 c:\windows\system32\dllcache\cl546xm.sys
+ 2010-05-24 22:57 . 2001-09-06 02:49 170880 c:\windows\system32\dllcache\cl546x.dll
+ 2010-05-24 22:57 . 2001-09-06 02:49 111232 c:\windows\system32\dllcache\cl5465.dll
+ 2001-09-05 23:17 . 2001-10-28 18:06 262528 c:\windows\system32\dllcache\cinemst2.sys
+ 2010-05-24 22:57 . 2001-09-06 02:17 272640 c:\windows\system32\dllcache\cinemclc.sys
+ 2010-05-24 22:57 . 2001-09-06 02:17 980034 c:\windows\system32\dllcache\cicap.sys
+ 2001-10-28 18:06 . 2008-04-14 02:20 148480 c:\windows\system32\dllcache\cic.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 164864 c:\windows\system32\dllcache\ciadmin.dll
+ 2007-05-21 21:12 . 2008-04-14 02:20 188480 c:\windows\system32\dllcache\cfgwiz.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 199680 c:\windows\system32\dllcache\certcli.dll
+ 2010-05-24 22:57 . 2001-09-06 02:15 715210 c:\windows\system32\dllcache\cbmdmkxx.sys
+ 2007-05-21 21:09 . 2008-04-14 02:20 625664 c:\windows\system32\dllcache\catsrvut.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 226304 c:\windows\system32\dllcache\catsrv.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 359936 c:\windows\system32\dllcache\cards.dll
+ 2010-05-24 22:57 . 2008-04-13 22:20 121856 c:\windows\system32\dllcache\camext30.dll
+ 2010-05-24 22:57 . 2001-09-06 02:50 236032 c:\windows\system32\dllcache\camext20.dll
+ 2010-05-24 22:57 . 2001-08-18 01:04 171264 c:\windows\system32\dllcache\camdrv30.sys
+ 2010-05-24 22:57 . 2001-08-18 01:04 223232 c:\windows\system32\dllcache\camdrv21.sys
+ 2010-05-24 22:57 . 2001-08-18 01:05 314752 c:\windows\system32\dllcache\camdro21.sys
+ 2007-05-21 21:10 . 2008-04-14 02:20 385024 c:\windows\system32\dllcache\callcont.dll
+ 2007-05-21 21:09 . 2001-10-28 18:06 115200 c:\windows\system32\dllcache\calc.exe
+ 2008-04-14 02:20 . 2008-04-14 02:20 218112 c:\windows\system32\dllcache\c_g18030.dll
+ 2008-04-13 18:51 . 2008-04-13 18:51 101120 c:\windows\system32\dllcache\bthpan.sys
+ 2001-10-28 18:06 . 2008-04-14 02:20 153600 c:\windows\system32\dllcache\bootcfg.exe
+ 2010-05-24 22:56 . 2001-09-06 02:50 102912 c:\windows\system32\dllcache\binlsvc.dll
+ 2010-05-24 22:56 . 2001-08-18 00:28 871388 c:\windows\system32\dllcache\bcmdm.sys
+ 2010-05-24 22:56 . 2001-09-06 02:49 342336 c:\windows\system32\dllcache\banshee.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 233472 c:\windows\system32\dllcache\azroles.dll
+ 2007-05-21 21:09 . 2001-10-28 18:06 231424 c:\windows\system32\dllcache\avtapi.dll
+ 2010-05-24 22:56 . 2001-09-06 02:50 144384 c:\windows\system32\dllcache\avmenum.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 608768 c:\windows\system32\dllcache\autofmt.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 630784 c:\windows\system32\dllcache\autoconv.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 616960 c:\windows\system32\dllcache\autochk.exe
+ 2004-08-04 07:44 . 2008-04-14 02:18 285696 c:\windows\system32\dllcache\atmfd.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 516768 c:\windows\system32\dllcache\ativvaxx.dll
+ 2010-05-24 22:56 . 2001-09-06 02:49 104832 c:\windows\system32\dllcache\atiraged.dll
+ 2008-08-30 19:20 . 2004-08-04 01:29 104960 c:\windows\system32\dllcache\atinrvxx.sys
+ 2010-05-24 22:56 . 2001-09-06 02:08 281600 c:\windows\system32\dllcache\atimtai.sys
+ 2010-05-24 22:56 . 2001-09-06 02:08 289792 c:\windows\system32\dllcache\atimpab.sys
+ 2010-05-24 22:56 . 2001-09-06 02:49 268160 c:\windows\system32\dllcache\atidvai.dll
+ 2010-05-24 22:56 . 2001-09-06 02:49 137216 c:\windows\system32\dllcache\atidrae.dll
+ 2010-05-24 22:56 . 2001-09-06 02:49 382592 c:\windows\system32\dllcache\atidrab.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 870784 c:\windows\system32\dllcache\ati3d1ag.dll
+ 2008-08-30 19:20 . 2004-08-04 03:36 701440 c:\windows\system32\dllcache\ati2mtag.sys
+ 2008-08-30 19:20 . 2004-08-04 03:36 327040 c:\windows\system32\dllcache\ati2mtaa.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 201728 c:\windows\system32\dllcache\ati2dvag.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 377984 c:\windows\system32\dllcache\ati2dvaa.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 229376 c:\windows\system32\dllcache\ati2cqag.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 374784 c:\windows\system32\dllcache\asp51.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 332800 c:\windows\system32\dllcache\aqueue.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 172032 c:\windows\system32\dllcache\appmgmts.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 125952 c:\windows\system32\dllcache\apphelp.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 109568 c:\windows\system32\dllcache\appconf.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 256512 c:\windows\system32\dllcache\agentsvr.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 214016 c:\windows\system32\dllcache\agentctl.dll
+ 2004-08-04 06:14 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys
+ 2004-08-03 22:39 . 2008-04-13 16:39 142592 c:\windows\system32\dllcache\aec.sys
+ 2004-08-04 07:45 . 2009-02-09 10:53 683520 c:\windows\system32\dllcache\advapi32.dll
+ 2001-10-28 18:06 . 2008-04-14 02:20 123392 c:\windows\system32\dllcache\adsnw.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 263680 c:\windows\system32\dllcache\adsnt.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 143360 c:\windows\system32\dllcache\adsldpc.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 175616 c:\windows\system32\dllcache\adsldp.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 290816 c:\windows\system32\dllcache\adsiis51.dll
+ 2010-05-24 22:56 . 2001-08-18 01:07 101888 c:\windows\system32\dllcache\adpu160m.sys
+ 2010-05-24 22:56 . 2001-08-17 23:19 747392 c:\windows\system32\dllcache\adm8830.sys
+ 2010-05-24 22:56 . 2001-08-17 23:19 553984 c:\windows\system32\dllcache\adm8820.sys
+ 2010-05-24 22:56 . 2001-08-17 23:19 584448 c:\windows\system32\dllcache\adm8810.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 116224 c:\windows\system32\dllcache\acxtrnal.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 193536 c:\windows\system32\dllcache\activeds.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 245248 c:\windows\system32\dllcache\acspecfc.dll
+ 2004-08-04 07:35 . 2008-04-14 01:50 188416 c:\windows\system32\dllcache\acpi.sys
+ 2004-08-04 07:45 . 2008-04-14 02:20 116736 c:\windows\system32\dllcache\aclui.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 141312 c:\windows\system32\dllcache\aclua.dll
+ 2004-08-04 07:45 . 2009-11-21 15:58 471552 c:\windows\system32\dllcache\aclayers.dll
+ 2010-05-24 22:55 . 2001-08-17 23:20 297728 c:\windows\system32\dllcache\ac97sis.sys
+ 2010-05-24 22:55 . 2008-04-13 12:36 231552 c:\windows\system32\dllcache\ac97ali.sys
+ 2008-04-14 02:20 . 2008-04-14 02:20 136192 c:\windows\system32\dllcache\aaclient.dll
+ 2010-05-24 22:55 . 2001-09-06 02:50 462848 c:\windows\system32\dllcache\a3dapi.dll
+ 2004-08-04 07:45 . 2010-02-12 04:34 100864 c:\windows\system32\dllcache\6to4svc.dll
+ 2010-05-24 22:55 . 2001-08-17 23:48 148352 c:\windows\system32\dllcache\3dfxvsm.sys
+ 2010-05-24 22:55 . 2001-09-06 02:49 689216 c:\windows\system32\dllcache\3dfxvs.dll
+ 2010-05-24 22:55 . 2001-08-18 00:28 762780 c:\windows\system32\dllcache\3cwmcru.sys
+ 2001-10-28 18:06 . 2001-10-28 18:06 164864 c:\windows\system32\ciadmin.dll
+ 2001-10-28 18:06 . 2001-10-28 18:06 359936 c:\windows\system32\cards.dll
+ 2007-05-21 21:09 . 2001-10-28 18:06 115200 c:\windows\system32\calc.exe
+ 2007-05-21 21:09 . 2001-10-28 18:06 231424 c:\windows\system32\avtapi.dll
+ 2010-05-25 22:10 . 2010-05-25 22:10 119296 c:\windows\Installer\8a352.msi
+ 2004-08-04 07:45 . 2008-04-13 18:35 2945536 c:\windows\system32\xpsp2res.dll
+ 2010-05-26 00:17 . 2006-05-26 14:59 1177032 c:\windows\system32\ReinstallBackups\0022\DriverFiles\sthda.sys
+ 2007-05-21 21:10 . 2008-04-14 02:20 4274176 c:\windows\system32\dllcache\wmm2res.dll
+ 2004-08-04 07:38 . 2009-08-14 15:15 1850752 c:\windows\system32\dllcache\win32k.sys
+ 2004-08-04 07:45 . 2008-04-13 18:35 2945536 c:\windows\system32\dllcache\sprt0416.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 2134528 c:\windows\system32\dllcache\smtpsnap.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 1571840 c:\windows\system32\dllcache\sfcfiles.dll
+ 2004-08-04 07:45 . 2009-07-17 16:17 1439744 c:\windows\system32\dllcache\query.dll
+ 2004-08-04 07:45 . 2009-11-27 17:13 1296384 c:\windows\system32\dllcache\quartz.dll
+ 2007-01-24 01:39 . 2009-07-14 18:54 5842816 c:\windows\system32\dllcache\nv4_disp.dll
+ 2004-08-04 07:40 . 2010-02-16 19:07 2150400 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-04-14 02:20 . 2008-04-14 02:20 1737856 c:\windows\system32\dllcache\mtxparhd.dll
+ 2008-08-30 19:21 . 2004-08-04 01:41 1309184 c:\windows\system32\dllcache\mtlstrm.sys
+ 2004-08-04 07:45 . 2009-07-31 04:33 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 1433600 c:\windows\system32\dllcache\msvidctl.dll
+ 2007-05-21 21:10 . 2010-01-29 15:00 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 3166208 c:\windows\system32\dllcache\msgr3en.dll
+ 2007-05-21 21:10 . 2009-10-23 15:28 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 1028096 c:\windows\system32\dllcache\mfc42.dll
+ 2007-05-21 21:09 . 2009-06-10 12:21 2066432 c:\windows\system32\dllcache\lhmstscx.dll
+ 2004-08-04 07:45 . 2009-03-21 14:08 1028608 c:\windows\system32\dllcache\kernel32.dll
+ 2008-08-30 19:21 . 2004-08-04 01:41 1041536 c:\windows\system32\dllcache\hsfdpsp2.sys
+ 2010-05-24 22:59 . 2001-09-06 02:49 1733120 c:\windows\system32\dllcache\g400d.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 1092096 c:\windows\system32\dllcache\esent.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 2113536 c:\windows\system32\dllcache\dxdiagn.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 1298432 c:\windows\system32\dllcache\dxdiag.exe
+ 2004-08-04 07:45 . 2008-04-14 02:20 1227264 c:\windows\system32\dllcache\dx8vb.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 1293824 c:\windows\system32\dllcache\dsound3d.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 1055744 c:\windows\system32\dllcache\danim.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 1689088 c:\windows\system32\dllcache\d3d9.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 1179648 c:\windows\system32\dllcache\d3d8.dll
+ 2007-05-21 21:10 . 2008-04-14 02:20 1040384 c:\windows\system32\dllcache\conf.exe
+ 2007-05-21 21:09 . 2008-04-14 02:20 1267200 c:\windows\system32\dllcache\comsvcs.dll
+ 2007-05-21 21:09 . 2008-04-14 02:20 1359360 c:\windows\system32\dllcache\cimwin32.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 2091520 c:\windows\system32\dllcache\cdosys.dll
+ 2008-04-14 02:20 . 2008-04-14 02:20 1888992 c:\windows\system32\dllcache\ati3duag.dll
+ 2004-08-04 07:45 . 2008-04-14 02:20 1852928 c:\windows\system32\dllcache\acgenral.dll.
-- Snapshot resetado para data atual --
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
Nota entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 40448]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe" [2009-07-31 468408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ipTray.exe"="c:\arquivos de programas\Intel\IDU\iptray.exe" [2006-12-28 2242328]
"nwiz"="c:\arquivos de programas\NVIDIA Corporation\nView\nwiz.exe" [2009-07-09 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016]
"OutpostMonitor"="c:\arquiv~1\Agnitum\OUTPOS~1\op_mon.exe" [2009-04-28 2374464]
"OutpostFeedBack"="c:\arquivos de programas\Agnitum\Outpost Firewall\feedback.exe" [2009-04-28 428032]
"avgnt"="c:\arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" [2009-11-11 417792]
"AppleSyncNotifier"="c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"iTunesHelper"="c:\arquivos de programas\iTunes\iTunesHelper.exe" [2010-02-15 141608]
"SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040]
"NSLauncher"="c:\arquivos de programas\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-08-02 3096576]
"SigmatelSysTrayApp"="sttray.exe" [2006-05-26 282624]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 40448]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 1 (0x1)
"HonorAutoRunSetting"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Orbit.lnk]
backup=c:\windows\pss\Orbit.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Marcus^Menu Iniciar^Programas^Inicializar^hamachi.lnk]
backup=c:\windows\pss\hamachi.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Marcus^Menu Iniciar^Programas^Inicializar^Recorte de tela e Iniciador do OneNote 2007.lnk]
backup=c:\windows\pss\Recorte de tela e Iniciador do OneNote 2007.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
2010-03-29 17:54 2343120 ----a-w- c:\arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2009-08-13 17:51 177440 ----a-w- c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 02:20 40448 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-07-24 15:02 490952 ----a-w- c:\arquivos de programas\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 13:44 31072 ----a-w- c:\arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2006-07-07 23:15 600896 ----a-w- c:\arquivos de programas\Microsoft IntelliPoint\ipoint.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-08-12 08:30 81920 ----a-w- c:\arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-02-15 21:07 141608 ----a-w- c:\arquivos de programas\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
2006-07-07 23:14 576320 ----a-w- c:\arquivos de programas\Microsoft IntelliType Pro\itype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 18:44 3883840 ----a-w- c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-07-14 16:34 13877248 ----a-w- c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Openwares LiveUpdate]
2003-12-13 17:17 61440 ----a-w- c:\program files\LIVEUPDATE\LiveUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-11 01:08 417792 ----a-w- c:\arquivos de programas\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" -atboottime
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Arquivos de programas\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Arquivos de programas\\LimeWire\\LimeWire.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Arquivos de programas\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\All Users\\Dados de aplicativos\\NexonUS\\NGM\\NGM.exe"=
"c:\nexon\Combat Arms\CombatArms.exe"= c:\nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"c:\nexon\Combat Arms\Engine.exe"= c:\nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe
"c:\\Nexon\\Combat Arms\\NMService.exe"=
"c:\\Arquivos de programas\\Mozilla Firefox\\firefox.exe"=
"c:\\Arquivos de programas\\MegaJogos\\jre\\jre\\bin\\javaw.exe"=
"c:\\Arquivos de programas\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"=
"c:\\Arquivos de programas\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Arquivos de programas\\iTunes\\iTunes.exe"=
"c:\\Arquivos de programas\\Megacubo\\megacubo.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56458:TCP"= 56458:TCP:Pando Media Booster
"56458:UDP"= 56458:UDP:Pando Media Booster
"56911:TCP"= 56911:TCP:Pando Media Booster
"56911:UDP"= 56911:UDP:Pando Media Booster
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [19/01/2010 11:23 130936]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20/11/2008 11:26 717296]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [03/11/2009 20:52 704384]
R2 acssrv;Agnitum Client Security Service;c:\arquiv~1\Agnitum\OUTPOS~1\acs.exe [03/11/2009 20:49 1195008]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\arquivos de programas\Avira\AntiVir Desktop\sched.exe [12/01/2010 13:31 108289]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [03/11/2009 20:49 31128]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [03/11/2009 20:52 257432]
R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);c:\windows\system32\drivers\RMSPPPOE.SYS [10/06/2002 00:09 31232]
S2 gupdate1ca7415f53b919c;Google Update Service (gupdate1ca7415f53b919c);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [03/12/2009 09:41 133104]
S3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys --> c:\windows\system32\DRIVERS\3xHybrid.sys [?]
S3 exdisk;Express Disk Service;c:\windows\system32\drivers\exdisk.sys [21/05/2007 19:50 14074]
S3 GarenaPEngine;GarenaPEngine; [x]
S3 hid8101;hid8101;c:\windows\system32\drivers\hid8101.sys [22/10/2009 10:45 31908]
S3 lgmcbus;LGE Mobile driver (WDM);c:\windows\system32\drivers\lgmcbus.sys [27/11/2008 21:05 83584]
S3 lgmcmdfl;LGE Mobile USB WMC Modem Filter;c:\windows\system32\drivers\lgmcmdfl.sys [27/11/2008 21:05 14976]
S3 lgmcmdm;LGE Mobile USB WMC Modem Driver;c:\windows\system32\drivers\lgmcmdm.sys [27/11/2008 21:05 110464]
S3 lgmcobex;LGE Mobile USB WMC OBEX Interface;c:\windows\system32\drivers\lgmcobex.sys [27/11/2008 21:05 100480]
S3 PciCon;PciCon;\??\d:\pcicon.sys --> d:\PciCon.sys [?]
S3 PhTVTune;ENCORE TV Tuner Pro PCI Adapter;c:\windows\system32\drivers\PhTVTune.sys [18/08/2007 15:24 28480]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [11/01/2010 08:28 27064]
S3 sdAuxService;PC Tools Auxiliary Service;c:\arquivos de programas\Spyware Doctor\pctsAuxs.exe [19/01/2010 11:23 348752]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [25/01/2008 06:12 25088]
.
Conteúdo da pasta 'Tarefas Agendadas'
2009-04-02 c:\windows\Tasks\AppleSoftwareUpdate.job
2010-05-26 c:\windows\Tasks\AWC AutoSweep.job
2010-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2010-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2010-05-26 c:\windows\Tasks\OGALogon.job
.
.
------- Scan Suplementar -------
.
mWindow Title =
uInternet Settings,ProxyOverride = local
IE: &Clean Traces
IE: &Download with &DAP
IE: Download &all with DAP
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://thefreevpn.com/home.php
FF - prefs.js: keyword.URL - hxxp://br.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_br&p=
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 9666
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 9050
FF - prefs.js: network.proxy.ssl - localhost
FF - prefs.js: network.proxy.ssl_port - 9666
FF - prefs.js: network.proxy.type - 1
FF - component: c:\documents and settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-26 10:51
Windows 5.1.2600 Service Pack 3 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros/arquivos ocultos ...
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys splu.sys >>UNKNOWN [0x8A62D938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xb80ecf28
\Driver\ACPI -> ACPI.sys @ 0xb7e67cb8
\Driver\atapi -> atapi.sys @ 0xb7dfcb40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Intel® PRO/100 VE Network Connection -> SendCompleteHandler -> NDIS.sys @ 0xb7ccfbb0
PacketIndicateHandler -> NDIS.sys @ 0xb7cdca21
SendHandler -> NDIS.sys @ 0xb7cba87b
user & kernel MBR OK
copy of MBR has been found in sector 1 !
**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar0]
"BarID"=dword:0000e81b
"Bars"=dword:00000003
"Bar#0"=dword:00000000
"Bar#1"=dword:0000e800
"Bar#2"=dword:00000000
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar1]
"BarID"=dword:0000e81c
"Bars"=dword:00000004
"Bar#0"=dword:00000000
"Bar#1"=dword:0000e807
"Bar#2"=dword:0000e806
"Bar#3"=dword:00000000
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar2]
"BarID"=dword:0000e800
"XPos"=dword:fffffffe
"YPos"=dword:fffffffe
"Docking"=dword:00000001
"MRUDockID"=dword:00000000
"MRUDockLeftPos"=dword:fffffffe
"MRUDockTopPos"=dword:fffffffe
"MRUDockRightPos"=dword:000001f5
"MRUDockBottomPos"=dword:00000036
"MRUFloatStyle"=dword:00002000
"MRUFloatXPos"=dword:80000000
"MRUFloatYPos"=dword:cdcdcdcd
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar3]
"BarID"=dword:0000e806
"XPos"=dword:fffffffe
"YPos"=dword:00000141
"Docking"=dword:00000001
"MRUDockID"=dword:0000e81c
"MRUDockLeftPos"=dword:fffffffe
"MRUDockTopPos"=dword:00000141
"MRUDockRightPos"=dword:000000c6
"MRUDockBottomPos"=dword:00000287
"MRUFloatStyle"=dword:00002004
"MRUFloatXPos"=dword:80000000
"MRUFloatYPos"=dword:cdcdcdcd
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar4]
"BarID"=dword:0000e807
"XPos"=dword:fffffffe
"YPos"=dword:fffffffe
"Docking"=dword:00000001
"MRUDockID"=dword:00000000
"MRUDockLeftPos"=dword:fffffffe
"MRUDockTopPos"=dword:fffffffe
"MRUDockRightPos"=dword:000000c6
"MRUDockBottomPos"=dword:00000143
"MRUFloatStyle"=dword:00002004
"MRUFloatXPos"=dword:80000000
"MRUFloatYPos"=dword:cdcdcdcd
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Summary]
"Bars"=dword:00000005
"ScreenCX"=dword:00000400
"ScreenCY"=dword:00000300
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Settings]
"FirstRun"=dword:00000000
"xScreen"=dword:00000400
"yScreen"=dword:000002c4
"floats"="1.000000 0.500000 0.500000 120 120"
"skin"="ISR_10Moons.dll"
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\WNDSTATUS]
"FLAG"=dword:00000000
"SHOWCMD"=dword:00000001
"LEFT"=dword:fffffffc
"TOP"=dword:fffffffc
"RIGHT"=dword:00000404
"BOTTOM"=dword:000002e2
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\cscui.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\WININET.dll
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\windows\system32\LINKINFO.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\msi.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\arquivos de programas\Scpad\scpLIB.dll
c:\arquivos de programas\Scpad\scpMIB.dll
c:\arquivos de programas\Scpad\sshib.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
.
------------------------ Outros Processos em Execução ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\arquivos de programas\Avira\AntiVir Desktop\avguard.exe
c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\arquivos de programas\Intel\IDU\awServ.exe
c:\arquivos de programas\Java\jre6\bin\jqs.exe
c:\arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe
c:\arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\System32\snmp.exe
c:\arquivos de programas\SigmaTel\C-Major Audio\WDM\STacSV.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\sttray.exe
c:\arquivos de programas\iPod\bin\iPodService.exe
.
**************************************************************************
.
Tempo para conclusão: 2010-05-26 10:56:22 - Máquina reiniciou
ComboFix-quarantined-files.txt 2010-05-26 13:56
ComboFix2.txt 2010-05-24 14:59
Pré-execução: 51 pasta(s) 46.503.624.704 bytes disponíveis
Pós execução: 52 pasta(s) 46.453.555.200 bytes disponíveis
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:59:05, on 26/05/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Arquivos de programas\Intel\IDU\awServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\Arquivos de programas\SigmaTel\C-Major Audio\WDM\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Intel\IDU\iptray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Arquivos de programas\iTunes\iTunesHelper.exe
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\WINDOWS\sttray.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Hijack\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ssh2 Class - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ipTray.exe] "C:\Arquivos de programas\Intel\IDU\iptray.exe"
O4 - HKLM\..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OutpostMonitor] C:\ARQUIV~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Arquivos de programas\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup
O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NSLauncher] C:\Arquivos de programas\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows;_U;_Windows_NT_5.1;_en-US)_AppleWebKit/532.5_(KHTML,_like_Gecko)_Chrome/4.1.249.1045_Safari/532.5" -"http://www.miniclip.com/games/celebrity-table-tennis/br/content_iframe.php"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Estatísticas do Antivírus da Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Arquivos de programas\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll
O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\ARQUIV~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Admin Works Agent X8 (AWService) - OSA Technologies Inc., An Avocent Company - C:\Arquivos de programas\Intel\IDU\awServ.exe
O23 - Service: Google Update Service (gupdate1ca7415f53b919c) (gupdate1ca7415f53b919c) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Arquivos de programas\SigmaTel\C-Major Audio\WDM\STacSV.exe
--
End of file - 10804 bytes
Good morning! .matiello
<!> Your system is still compromised/weakened, with these files not validated by Microsoft. We will try a fix and, if it does not work, think seriously about formatting the PC and acquiring original media when reinstalling Windows XP.
<!> PS: Follow these instructions, in order!
000000000000000000000000
oooooooooooooooooooooooo
<@> Download: < TS.zip >
<@> Save it in C:\ --> c:\ts.zip <-- Path!
<@> PS: Keep it set aside for later use.
000000000000000000000000
oooooooooooooooooooooooo
<@> Download: < Dial-a-fix >
<@> Unzip it!
<@> Click Policies...
<@> PS: If you find restrictive policies, you can remove them, leaving the field empty.
<@> Next, click "Tools". ( Hammer icon )
<@> Single-click SFC purge --> Click "GO" --> Wait!
<@> When it finishes, exit/close the tool!
000000000000000000000000
oooooooooooooooooooooooo
<@> Download: < mbr.exe v.0.3.7 > ( by Gmer )
<@> Save it in C:\ or C:\Documents and Settings\[userName]\, giving preference to the directory in which the command prompt opens.
<@> Go to Start --> Run --> Type: cmd --> OK.
<@> At the prompt, type: cd \ --> Press Enter.
<@> Type: C:\>mbr.exe -f or C:\Documents and Settings\[userName]\>mbr.exe -f
<@> Press Enter.
<@> PS: Another option would be to download mbr.exe to your desktop.
<@> Go to Start --> Run --> Type or paste: "%userprofile%\desktop\mbr.exe" -f
<@> Click OK.
<@> Post: C:\mbr.txt or C:\Documents and Settings\[userName]\mbr.txt
000000000000000000000000
oooooooooooooooooooooooo
<@> Select and copy all the content in the QUOTE area into Notepad.
<@> Save it on the Desktop with the name: CFScript.txt
>
File::
c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe
c:\windows\ServicePackFiles\i386\winlogon.exe
c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll
c:\windows\ServicePackFiles\i386\comctl32.dll
c:\windows\NiwradSoft Shell Pack\Backup\user32.dll
c:\windows\ServicePackFiles\i386\user32.dll
c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
c:\windows\ServicePackFiles\i386\explorer.exe
c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
c:\windows\ServicePackFiles\i386\ctfmon.exe
RegNull::
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar0]
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar1]
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar2]
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar3]
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar4]
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Summary]
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Settings]
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\WNDSTATUS]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
Folder::
c:\windows\NiwradSoft Shell Pack\Backup
Driver::
"splu"
<@> PS: It is recommended that you be disconnected when running the script.
<@> PS: Temporarily disable your antivirus.
<@> PS: Do not use this script on another machine!
<@> Drag CFScript.txt onto the ComboFix icon.
<@> See the demonstration!
<@> Respond to the prompt that should appear in order to run ComboFix.
<@> PS: Keep dragging until this prompt appears! ( window )
<@> When it finishes, post the reports: C:\ComboFix.txt + mbr.txt <--
<@> PS: We are not finished yet! We will continue, in another post, writing whatever copies prove necessary through the ComboFix script.
Regards!
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 1 !
ComboFix 10-05-23.07 - Marcus 27/05/2010 10:56:50.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.2045.1573 [GMT -3:00]
Executando de: c:\documents and settings\Marcus\Desktop\ComboFix.exe
Comandos utilizados :: c:\documents and settings\Marcus\Desktop\CFScript.txt
AV: AntiVir Desktop On-access scanning disabled (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: ESET Smart Security 3.0 On-access scanning enabled (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Kaspersky Anti-Virus On-access scanning disabled (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Firewall pessoal do ESET disabled {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
FW: Outpost Firewall disabled {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
* AV residente está ativo
FILE ::
"c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll"
"c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll"
"c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe"
"c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll"
"c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe"
"c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe"
"c:\windows\NiwradSoft Shell Pack\Backup\user32.dll"
"c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe"
"c:\windows\ServicePackFiles\i386\comctl32.dll"
"c:\windows\ServicePackFiles\i386\ctfmon.exe"
"c:\windows\ServicePackFiles\i386\explorer.exe"
"c:\windows\ServicePackFiles\i386\user32.dll"
"c:\windows\ServicePackFiles\i386\winlogon.exe"
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Marcus\mbr.exe
c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
c:\windows\NiwradSoft Shell Pack\Backup
c:\windows\NiwradSoft Shell Pack\Backup\access.cpl
c:\windows\NiwradSoft Shell Pack\Backup\acctres.dll
c:\windows\NiwradSoft Shell Pack\Backup\accwiz.exe
c:\windows\NiwradSoft Shell Pack\Backup\admparse.dll
c:\windows\NiwradSoft Shell Pack\Backup\ahui.exe
c:\windows\NiwradSoft Shell Pack\Backup\appmgr.dll
c:\windows\NiwradSoft Shell Pack\Backup\asctrls.ocx
c:\windows\NiwradSoft Shell Pack\Backup\Audiodev.dll
c:\windows\NiwradSoft Shell Pack\Backup\avtapi.dll
c:\windows\NiwradSoft Shell Pack\Backup\batmeter.dll
c:\windows\NiwradSoft Shell Pack\Backup\batt.dll
c:\windows\NiwradSoft Shell Pack\Backup\browseui.dll
c:\windows\NiwradSoft Shell Pack\Backup\bthci.dll
c:\windows\NiwradSoft Shell Pack\Backup\cabview.dll
c:\windows\NiwradSoft Shell Pack\Backup\capesnpn.dll
c:\windows\NiwradSoft Shell Pack\Backup\cards.dll
c:\windows\NiwradSoft Shell Pack\Backup\cdfview.dll
c:\windows\NiwradSoft Shell Pack\Backup\certmgr.dll
c:\windows\NiwradSoft Shell Pack\Backup\charmap.exe
c:\windows\NiwradSoft Shell Pack\Backup\ciadmin.dll
c:\windows\NiwradSoft Shell Pack\Backup\cleanmgr.exe
c:\windows\NiwradSoft Shell Pack\Backup\cliconfg.exe
c:\windows\NiwradSoft Shell Pack\Backup\cliconfg.rll
c:\windows\NiwradSoft Shell Pack\Backup\clipbrd.exe
c:\windows\NiwradSoft Shell Pack\Backup\clipsrv.exe
c:\windows\NiwradSoft Shell Pack\Backup\cmd.exe
c:\windows\NiwradSoft Shell Pack\Backup\cmdial32.dll
c:\windows\NiwradSoft Shell Pack\Backup\cmdl32.exe
c:\windows\NiwradSoft Shell Pack\Backup\cmmon32.exe
c:\windows\NiwradSoft Shell Pack\Backup\cmprops.dll
c:\windows\NiwradSoft Shell Pack\Backup\cmstp.exe
c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll
c:\windows\NiwradSoft Shell Pack\Backup\comdlg32.dll
c:\windows\NiwradSoft Shell Pack\Backup\compatUI.dll
c:\windows\NiwradSoft Shell Pack\Backup\compstui.dll
c:\windows\NiwradSoft Shell Pack\Backup\comres.dll
c:\windows\NiwradSoft Shell Pack\Backup\conime.exe
c:\windows\NiwradSoft Shell Pack\Backup\console.dll
c:\windows\NiwradSoft Shell Pack\Backup\credui.dll
c:\windows\NiwradSoft Shell Pack\Backup\cryptui.dll
c:\windows\NiwradSoft Shell Pack\Backup\cscdll.dll
c:\windows\NiwradSoft Shell Pack\Backup\cscript.exe
c:\windows\NiwradSoft Shell Pack\Backup\cscui.dll
c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
c:\windows\NiwradSoft Shell Pack\Backup\dataclen.dll
c:\windows\NiwradSoft Shell Pack\Backup\ddeshare.exe
c:\windows\NiwradSoft Shell Pack\Backup\desk.cpl
c:\windows\NiwradSoft Shell Pack\Backup\deskadp.dll
c:\windows\NiwradSoft Shell Pack\Backup\deskmon.dll
c:\windows\NiwradSoft Shell Pack\Backup\deskperf.dll
c:\windows\NiwradSoft Shell Pack\Backup\devmgr.dll
c:\windows\NiwradSoft Shell Pack\Backup\dfrgres.dll
c:\windows\NiwradSoft Shell Pack\Backup\dfrgui.dll
c:\windows\NiwradSoft Shell Pack\Backup\dfshim.dll
c:\windows\NiwradSoft Shell Pack\Backup\digest.dll
c:\windows\NiwradSoft Shell Pack\Backup\diskcopy.dll
c:\windows\NiwradSoft Shell Pack\Backup\dmdlgs.dll
c:\windows\NiwradSoft Shell Pack\Backup\dmdskres.dll
c:\windows\NiwradSoft Shell Pack\Backup\dpmodemx.dll
c:\windows\NiwradSoft Shell Pack\Backup\dpvoice.dll
c:\windows\NiwradSoft Shell Pack\Backup\drwtsn32.exe
c:\windows\NiwradSoft Shell Pack\Backup\dsprop.dll
c:\windows\NiwradSoft Shell Pack\Backup\dsquery.dll
c:\windows\NiwradSoft Shell Pack\Backup\dsuiext.dll
c:\windows\NiwradSoft Shell Pack\Backup\dvdplay.exe
c:\windows\NiwradSoft Shell Pack\Backup\els.dll
c:\windows\NiwradSoft Shell Pack\Backup\eqnclass.dll
c:\windows\NiwradSoft Shell Pack\Backup\eventvwr.exe
c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
c:\windows\NiwradSoft Shell Pack\Backup\fde.dll
c:\windows\NiwradSoft Shell Pack\Backup\filemgmt.dll
c:\windows\NiwradSoft Shell Pack\Backup\fldrclnr.dll
c:\windows\NiwradSoft Shell Pack\Backup\fontext.dll
c:\windows\NiwradSoft Shell Pack\Backup\fsusd.dll
c:\windows\NiwradSoft Shell Pack\Backup\gcdef.dll
c:\windows\NiwradSoft Shell Pack\Backup\gpedit.dll
c:\windows\NiwradSoft Shell Pack\Backup\gptext.dll
c:\windows\NiwradSoft Shell Pack\Backup\grpconv.exe
c:\windows\NiwradSoft Shell Pack\Backup\hdwwiz.cpl
c:\windows\NiwradSoft Shell Pack\Backup\helpctr.exe
c:\windows\NiwradSoft Shell Pack\Backup\hnetcfg.dll
c:\windows\NiwradSoft Shell Pack\Backup\hnetwiz.dll
c:\windows\NiwradSoft Shell Pack\Backup\hotplug.dll
c:\windows\NiwradSoft Shell Pack\Backup\hticons.dll
c:\windows\NiwradSoft Shell Pack\Backup\hypertrm.exe
c:\windows\NiwradSoft Shell Pack\Backup\icmui.dll
c:\windows\NiwradSoft Shell Pack\Backup\icwdial.dll
c:\windows\NiwradSoft Shell Pack\Backup\ieaksie.dll
c:\windows\NiwradSoft Shell Pack\Backup\ieakui.dll
c:\windows\NiwradSoft Shell Pack\Backup\iepeers.dll
c:\windows\NiwradSoft Shell Pack\Backup\iernonce.dll
c:\windows\NiwradSoft Shell Pack\Backup\iesetup.dll
c:\windows\NiwradSoft Shell Pack\Backup\iexplore.exe
c:\windows\NiwradSoft Shell Pack\Backup\inetcpl.cpl
c:\windows\NiwradSoft Shell Pack\Backup\inetcplc.dll
c:\windows\NiwradSoft Shell Pack\Backup\inetppui.dll
c:\windows\NiwradSoft Shell Pack\Backup\inetres.dll
c:\windows\NiwradSoft Shell Pack\Backup\input.dll
c:\windows\NiwradSoft Shell Pack\Backup\intl.cpl
c:\windows\NiwradSoft Shell Pack\Backup\ipsecsnp.dll
c:\windows\NiwradSoft Shell Pack\Backup\ipsmsnap.dll
c:\windows\NiwradSoft Shell Pack\Backup\irclass.dll
c:\windows\NiwradSoft Shell Pack\Backup\irprops.cpl
c:\windows\NiwradSoft Shell Pack\Backup\isign32.dll
c:\windows\NiwradSoft Shell Pack\Backup\itss.dll
c:\windows\NiwradSoft Shell Pack\Backup\ivfsrc.ax
c:\windows\NiwradSoft Shell Pack\Backup\jobexec.dll
c:\windows\NiwradSoft Shell Pack\Backup\joy.cpl
c:\windows\NiwradSoft Shell Pack\Backup\keymgr.dll
c:\windows\NiwradSoft Shell Pack\Backup\localsec.dll
c:\windows\NiwradSoft Shell Pack\Backup\logonui.exe
c:\windows\NiwradSoft Shell Pack\Backup\magnify.exe
c:\windows\NiwradSoft Shell Pack\Backup\main.cpl
c:\windows\ServicePackFiles\i386\comctl32.dll
c:\windows\ServicePackFiles\i386\ctfmon.exe
c:\windows\ServicePackFiles\i386\explorer.exe
c:\windows\ServicePackFiles\i386\user32.dll
c:\windows\ServicePackFiles\i386\winlogon.exe
.
(((((((((((((((( Arquivos/Ficheiros criados de 2010-04-27 to 2010-05-27 ))))))))))))))))))))))))))))
.
2010-05-27 13:39 . 2010-05-27 13:39 2266718 ----a-w- C:\TS.zip
2010-05-26 00:38 . 2010-05-26 00:45 -------- d-----w- c:\arquivos de programas\cFosSpeed
2010-05-26 00:38 . 2009-10-30 15:25 288472 ------w- c:\windows\system32\cfosspeed.dll
2010-05-24 14:34 . 2010-05-24 14:36 -------- d-----w- C:\ToolBar SD
2010-05-24 14:26 . 2010-05-24 14:26 -------- d-----w- C:\toolb
2010-05-23 23:05 . 2010-05-23 23:05 -------- d-----w- C:\_OTL
2010-05-23 17:48 . 2008-04-13 14:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2010-05-23 17:39 . 2010-05-23 17:39 -------- d-----w- c:\arquivos de programas\TD74 Corporation
2010-05-23 17:39 . 2006-09-19 17:26 212992 ----a-w- c:\windows\VMSnap23.exe
2010-05-23 17:39 . 2006-06-28 05:54 49152 ----a-w- c:\windows\Domino.exe
2010-05-23 17:39 . 2006-03-30 23:24 81920 ----a-w- c:\windows\VMCap323.exe
2010-05-23 17:39 . 2010-05-23 17:39 -------- d-----w- c:\windows\CatRoot
2010-05-23 17:39 . 2007-04-24 14:56 257408 ----a-w- c:\windows\system32\drivers\usbvm323.sys
2010-05-23 16:58 . 2010-05-23 16:58 61440 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6b8c2a79-n\decora-sse.dll
2010-05-23 16:58 . 2010-05-23 16:58 12800 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6b8c2a79-n\decora-d3d.dll
2010-05-23 16:58 . 2010-05-23 16:58 503808 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2b79a7b3-n\msvcp71.dll
2010-05-23 16:58 . 2010-05-23 16:58 499712 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2b79a7b3-n\jmc.dll
2010-05-23 16:58 . 2010-05-23 16:58 348160 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2b79a7b3-n\msvcr71.dll
2010-05-22 12:46 . 2010-05-22 12:46 -------- d-----w- c:\windows\system32\wbem\Repository
2010-05-22 01:49 . 2010-05-22 12:45 -------- d-----w- c:\arquivos de programas\Pryme
2010-05-22 01:47 . 2010-05-22 12:45 -------- d-----w- C:\cmos
2010-05-22 01:25 . 2010-05-22 01:25 -------- d-----w- c:\arquivos de programas\STV
2010-05-09 14:32 . 2010-05-09 22:25 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\NCH Swift Sound
2010-05-09 14:32 . 2010-05-09 14:32 -------- d-----w- c:\arquivos de programas\NCH Software
2010-05-09 14:31 . 2010-05-09 22:26 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\NCH Swift Sound
2010-05-09 14:28 . 2010-05-09 14:28 -------- d-----w- c:\arquivos de programas\MIKSOFT
2010-05-07 16:58 . 2010-05-07 16:58 152064 ----a-w- c:\windows\snap.dat
2010-05-07 16:55 . 2010-04-12 20:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-01 04:10 . 2010-05-01 05:43 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\TS3Client
2010-05-01 04:09 . 2010-05-01 04:09 -------- d-----w- c:\arquivos de programas\TeamSpeak 3 Client
2010-04-28 01:05 . 2010-04-28 01:05 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Nokia
2010-04-28 01:01 . 2010-04-28 01:01 -------- d-----w- c:\arquivos de programas\Arquivos comuns\PCSuite
2010-04-28 01:00 . 2010-04-28 01:00 -------- d-----w- c:\arquivos de programas\PC Connectivity Solution
2010-04-28 01:00 . 2007-02-22 13:15 12288 ----a-w- c:\windows\system32\drivers\nmwcdcj.sys
2010-04-28 01:00 . 2007-02-22 13:15 12288 ----a-w- c:\windows\system32\drivers\nmwcdcm.sys
2010-04-28 01:00 . 2007-02-22 13:15 8320 ----a-w- c:\windows\system32\drivers\nmwcdc.sys
2010-04-28 01:00 . 2007-02-22 13:15 137216 ----a-w- c:\windows\system32\drivers\nmwcd.sys
2010-04-28 01:00 . 2007-02-22 13:15 65536 ----a-w- c:\windows\system32\nmwcdcocls.dll
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-27 03:02 . 2008-11-15 14:03 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\uTorrent
2010-05-25 23:37 . 2007-05-21 21:11 -------- d-----w- c:\arquivos de programas\Serviços on-line
2010-05-25 12:11 . 2008-11-15 14:03 -------- d-----w- c:\arquivos de programas\uTorrent
2010-05-25 01:55 . 2007-05-21 22:36 -------- d-----w- c:\arquivos de programas\Arquivos comuns\InstallShield
2010-05-24 14:30 . 2007-06-07 11:06 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-05-22 12:46 . 2008-11-05 21:01 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\NexonUS
2010-05-22 10:51 . 2009-09-02 12:01 -------- d---a-w- c:\documents and settings\All Users\Dados de aplicativos\TEMP
2010-05-22 01:25 . 2007-05-21 22:37 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information
2010-05-19 18:57 . 2010-03-07 03:52 -------- d-----w- c:\arquivos de programas\Full Tilt Poker
2010-05-12 20:51 . 2007-05-23 22:24 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help
2010-05-12 01:42 . 2008-11-27 23:07 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\LimeWire
2010-05-11 03:09 . 2009-09-22 01:36 -------- d-----w- c:\arquivos de programas\Messenger Plus! Live
2010-05-07 16:55 . 2008-03-08 17:38 -------- d-----w- c:\arquivos de programas\Java
2010-05-01 02:20 . 2007-05-23 22:37 -------- d-----w- c:\arquivos de programas\CCleaner
2010-04-28 14:33 . 2008-10-11 12:19 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\Nokia Multimedia Player
2010-04-28 01:28 . 2008-11-28 00:03 -------- d-----w- c:\arquivos de programas\LG PC Suite II
2010-04-28 01:05 . 2008-10-11 11:01 -------- d-----w- c:\arquivos de programas\Nokia
2010-04-23 00:57 . 2010-02-25 16:01 26112 ----a-w- c:\windows\system32\drivers\tap0901.sys
2010-04-19 19:50 . 2009-11-04 15:12 -------- d-----w- c:\arquivos de programas\K-Lite Codec Pack
2010-04-16 18:00 . 2010-04-19 19:50 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-04-03 19:22 . 2010-04-03 19:22 2336 ----a-w- C:\boot.bat
2010-03-15 09:31 . 2002-10-15 22:54 165376 ----a-w- c:\windows\system32\unrar.dll
2010-03-12 15:05 . 2010-03-12 15:05 503808 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43823346-n\msvcp71.dll
2010-03-12 15:05 . 2010-03-12 15:05 499712 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43823346-n\jmc.dll
2010-03-12 15:05 . 2010-03-12 15:05 348160 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43823346-n\msvcr71.dll
2010-03-12 15:05 . 2010-03-12 15:05 61440 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3ec352b1-n\decora-sse.dll
2010-03-12 15:05 . 2010-03-12 15:05 12800 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3ec352b1-n\decora-d3d.dll
2010-03-12 15:04 . 2004-08-04 12:00 79832 ----a-w- c:\windows\system32\perfc016.dat
2010-03-12 15:04 . 2004-08-04 12:00 470730 ----a-w- c:\windows\system32\perfh016.dat
2010-03-10 06:16 . 2004-08-04 07:45 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-26 15:05 . 2010-02-26 15:05 72488 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
2009-09-04 21:00 . 2009-09-04 21:00 916430 ----a-w- c:\arquivos de programas\Apr2006_MDX1_x86.cab
2008-08-12 00:07 . 2008-07-17 22:49 29806 ----a-w- c:\arquivos de programas\megacubo_log.log
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\arquivos de programas\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\arquivos de programas\mozilla firefox\plugins\ssldivx.dll
.
------- Sigcheck -------
[-] 2008-04-14 . B0C0BF2504B830BFC1E93CA39F3C75FE . 549376 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . 302CD5BE4CA48200F9AC1C6074D71805 . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2008-04-14 . A9B36030497E98C29210E4544700649D . 579072 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-04-14 . 54701D40A8E060872E666D48FDA27A19 . 1542656 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 584450C5B2439571755D40444589C63D . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
((((((((((((((((((((((((((((( SnapShot_2010-05-26_13.51.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-05-27 13:53 . 2010-05-27 13:53 16384 c:\windows\Temp\Perflib_Perfdata_7cc.dat
+ 2010-05-27 13:53 . 2010-05-27 13:53 16384 c:\windows\Temp\Perflib_Perfdata_1a4.dat
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
Nota entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe" [2009-07-31 468408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ipTray.exe"="c:\arquivos de programas\Intel\IDU\iptray.exe" [2006-12-28 2242328]
"nwiz"="c:\arquivos de programas\NVIDIA Corporation\nView\nwiz.exe" [2009-07-09 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016]
"OutpostMonitor"="c:\arquiv~1\Agnitum\OUTPOS~1\op_mon.exe" [2009-04-28 2374464]
"OutpostFeedBack"="c:\arquivos de programas\Agnitum\Outpost Firewall\feedback.exe" [2009-04-28 428032]
"avgnt"="c:\arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" [2009-11-11 417792]
"AppleSyncNotifier"="c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"iTunesHelper"="c:\arquivos de programas\iTunes\iTunesHelper.exe" [2010-02-15 141608]
"SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040]
"NSLauncher"="c:\arquivos de programas\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-08-02 3096576]
"SigmatelSysTrayApp"="sttray.exe" [2006-05-26 282624]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 40448]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 1 (0x1)
"HonorAutoRunSetting"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Orbit.lnk]
backup=c:\windows\pss\Orbit.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Marcus^Menu Iniciar^Programas^Inicializar^hamachi.lnk]
backup=c:\windows\pss\hamachi.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Marcus^Menu Iniciar^Programas^Inicializar^Recorte de tela e Iniciador do OneNote 2007.lnk]
backup=c:\windows\pss\Recorte de tela e Iniciador do OneNote 2007.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
2010-03-29 17:54 2343120 ----a-w- c:\arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2009-08-13 17:51 177440 ----a-w- c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 02:20 40448 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-07-24 15:02 490952 ----a-w- c:\arquivos de programas\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 13:44 31072 ----a-w- c:\arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2006-07-07 23:15 600896 ----a-w- c:\arquivos de programas\Microsoft IntelliPoint\ipoint.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-08-12 08:30 81920 ----a-w- c:\arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-02-15 21:07 141608 ----a-w- c:\arquivos de programas\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
2006-07-07 23:14 576320 ----a-w- c:\arquivos de programas\Microsoft IntelliType Pro\itype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 18:44 3883840 ----a-w- c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-07-14 16:34 13877248 ----a-w- c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Openwares LiveUpdate]
2003-12-13 17:17 61440 ----a-w- c:\program files\LIVEUPDATE\LiveUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-11 01:08 417792 ----a-w- c:\arquivos de programas\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" -atboottime
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Arquivos de programas\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Arquivos de programas\\LimeWire\\LimeWire.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Arquivos de programas\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\All Users\\Dados de aplicativos\\NexonUS\\NGM\\NGM.exe"=
"c:\nexon\Combat Arms\CombatArms.exe"= c:\nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"c:\nexon\Combat Arms\Engine.exe"= c:\nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe
"c:\\Nexon\\Combat Arms\\NMService.exe"=
"c:\\Arquivos de programas\\Mozilla Firefox\\firefox.exe"=
"c:\\Arquivos de programas\\MegaJogos\\jre\\jre\\bin\\javaw.exe"=
"c:\\Arquivos de programas\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"=
"c:\\Arquivos de programas\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Arquivos de programas\\iTunes\\iTunes.exe"=
"c:\\Arquivos de programas\\Megacubo\\megacubo.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56458:TCP"= 56458:TCP:Pando Media Booster
"56458:UDP"= 56458:UDP:Pando Media Booster
"56911:TCP"= 56911:TCP:Pando Media Booster
"56911:UDP"= 56911:UDP:Pando Media Booster
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [19/01/2010 11:23 130936]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [03/11/2009 20:52 704384]
R2 acssrv;Agnitum Client Security Service;c:\arquiv~1\Agnitum\OUTPOS~1\acs.exe [03/11/2009 20:49 1195008]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\arquivos de programas\Avira\AntiVir Desktop\sched.exe [12/01/2010 13:31 108289]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [03/11/2009 20:49 31128]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [03/11/2009 20:52 257432]
R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);c:\windows\system32\drivers\RMSPPPOE.SYS [10/06/2002 00:09 31232]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20/11/2008 11:26 717296]
S2 gupdate1ca7415f53b919c;Google Update Service (gupdate1ca7415f53b919c);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [03/12/2009 09:41 133104]
S3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys --> c:\windows\system32\DRIVERS\3xHybrid.sys [?]
S3 exdisk;Express Disk Service;c:\windows\system32\drivers\exdisk.sys [21/05/2007 19:50 14074]
S3 GarenaPEngine;GarenaPEngine; [x]
S3 hid8101;hid8101;c:\windows\system32\drivers\hid8101.sys [22/10/2009 10:45 31908]
S3 lgmcbus;LGE Mobile driver (WDM);c:\windows\system32\drivers\lgmcbus.sys [27/11/2008 21:05 83584]
S3 lgmcmdfl;LGE Mobile USB WMC Modem Filter;c:\windows\system32\drivers\lgmcmdfl.sys [27/11/2008 21:05 14976]
S3 lgmcmdm;LGE Mobile USB WMC Modem Driver;c:\windows\system32\drivers\lgmcmdm.sys [27/11/2008 21:05 110464]
S3 lgmcobex;LGE Mobile USB WMC OBEX Interface;c:\windows\system32\drivers\lgmcobex.sys [27/11/2008 21:05 100480]
S3 PciCon;PciCon;\??\d:\pcicon.sys --> d:\PciCon.sys [?]
S3 PhTVTune;ENCORE TV Tuner Pro PCI Adapter;c:\windows\system32\drivers\PhTVTune.sys [18/08/2007 15:24 28480]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [11/01/2010 08:28 27064]
S3 sdAuxService;PC Tools Auxiliary Service;c:\arquivos de programas\Spyware Doctor\pctsAuxs.exe [19/01/2010 11:23 348752]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [25/01/2008 06:12 25088]
.
Conteúdo da pasta 'Tarefas Agendadas'
2009-04-02 c:\windows\Tasks\AppleSoftwareUpdate.job
2010-05-27 c:\windows\Tasks\AWC AutoSweep.job
2010-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2010-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2010-05-27 c:\windows\Tasks\OGALogon.job
.
.
------- Scan Suplementar -------
.
mWindow Title =
uInternet Settings,ProxyOverride = local
IE: &Clean Traces
IE: &Download with &DAP
IE: Download &all with DAP
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://thefreevpn.com/home.php
FF - prefs.js: keyword.URL - hxxp://br.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_br&p=
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 9666
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 9050
FF - prefs.js: network.proxy.ssl - localhost
FF - prefs.js: network.proxy.ssl_port - 9666
FF - prefs.js: network.proxy.type - 1
FF - component: c:\documents and settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-27 11:06
Windows 5.1.2600 Service Pack 3 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros/arquivos ocultos ...
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar0]
"BarID"=dword:0000e81b
"Bars"=dword:00000003
"Bar#0"=dword:00000000
"Bar#1"=dword:0000e800
"Bar#2"=dword:00000000
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar1]
"BarID"=dword:0000e81c
"Bars"=dword:00000004
"Bar#0"=dword:00000000
"Bar#1"=dword:0000e807
"Bar#2"=dword:0000e806
"Bar#3"=dword:00000000
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar2]
"BarID"=dword:0000e800
"XPos"=dword:fffffffe
"YPos"=dword:fffffffe
"Docking"=dword:00000001
"MRUDockID"=dword:00000000
"MRUDockLeftPos"=dword:fffffffe
"MRUDockTopPos"=dword:fffffffe
"MRUDockRightPos"=dword:000001f5
"MRUDockBottomPos"=dword:00000036
"MRUFloatStyle"=dword:00002000
"MRUFloatXPos"=dword:80000000
"MRUFloatYPos"=dword:cdcdcdcd
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar3]
"BarID"=dword:0000e806
"XPos"=dword:fffffffe
"YPos"=dword:00000141
"Docking"=dword:00000001
"MRUDockID"=dword:0000e81c
"MRUDockLeftPos"=dword:fffffffe
"MRUDockTopPos"=dword:00000141
"MRUDockRightPos"=dword:000000c6
"MRUDockBottomPos"=dword:00000287
"MRUFloatStyle"=dword:00002004
"MRUFloatXPos"=dword:80000000
"MRUFloatYPos"=dword:cdcdcdcd
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar4]
"BarID"=dword:0000e807
"XPos"=dword:fffffffe
"YPos"=dword:fffffffe
"Docking"=dword:00000001
"MRUDockID"=dword:00000000
"MRUDockLeftPos"=dword:fffffffe
"MRUDockTopPos"=dword:fffffffe
"MRUDockRightPos"=dword:000000c6
"MRUDockBottomPos"=dword:00000143
"MRUFloatStyle"=dword:00002004
"MRUFloatXPos"=dword:80000000
"MRUFloatYPos"=dword:cdcdcdcd
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Summary]
"Bars"=dword:00000005
"ScreenCX"=dword:00000400
"ScreenCY"=dword:00000300
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Settings]
"FirstRun"=dword:00000000
"xScreen"=dword:00000400
"yScreen"=dword:000002c4
"floats"="1.000000 0.500000 0.500000 120 120"
"skin"="ISR_10Moons.dll"
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\WNDSTATUS]
"FLAG"=dword:00000000
"SHOWCMD"=dword:00000001
"LEFT"=dword:fffffffc
"TOP"=dword:fffffffc
"RIGHT"=dword:00000404
"BOTTOM"=dword:000002e2
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\cscui.dll
c:\windows\system32\setupapi.dll
.
Tempo para conclusão: 2010-05-27 11:08:28
ComboFix-quarantined-files.txt 2010-05-27 14:08
ComboFix2.txt 2010-05-26 13:56
ComboFix3.txt 2010-05-24 14:59
Pré-execução: 51 pasta(s) 46.605.873.152 bytes disponíveis
Pós execução: 52 pasta(s) 46.427.955.200 bytes disponíveis
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
Good afternoon! .martiello
<!> Follow these instructions, in order!
0000000000000000000000
oooooooooooooooooooooo
<@> Download: < ATF-Cleaner > ( ...by Atribune )
<@> Save it to the Desktop!
<@> Restart the computer in Safe Mode!
<@> Click ATF-Cleaner.exe
<@> Under "Select Files To Delete", check Select All.
<@> Click Empty Selected.
<@> In the Done Cleaning window, click OK --> Exit
<@> Attention: If you use Firefox:
*** At the top, click Firefox and choose: Select All --> Click Empty Selected.
<@> Attention: If you use Opera:
*** At the top, click Opera and choose: Select All --> Click Empty Selected.
<@> Restart the computer normally.
0000000000000000000000
oooooooooooooooooooooo
<@> Extract TS.zip to the folder: c:\windows\ServicePackFiles\i386 <--
<@> So we will then have the following path: c:\windows\ServicePackFiles\i386\TS
0000000000000000000000
oooooooooooooooooooooo
<@> Select and copy all the content in the QUOTE area into Notepad.
<@> Save it to the Desktop with the name: CFScript.txt
> RESTORE::c:\windows\system32\comctl32.dll
> C:\WINDOWS\system32\winlogon.exe
> C:\WINDOWS\system32\setupapi.dll
> C:\WINDOWS\system32\syssetup.dll
> c:\windows\system32\user32.dll
> c:\windows\system32\ctfmon.exe
> c:\windows\explorer.exe

<@> PS: It is recommended that you be disconnected when running the script.
<@> PS: Temporarily disable your antivirus.
<@> PS: Do not use this script on another machine!
<@> Drag CFScript.txt onto the ComboFix icon.
<@> See the demonstration! (image: 2872959479_997d4500c4_o.gif)
<@> Accept the prompt that should appear to run ComboFix.
<@> PS: Keep dragging until that prompt appears! ( window )
<@> When finished, post: C:\ComboFix.txt
0000000000000000000000
oooooooooooooooooooooo
<!> PS: If everything is OK, with no incidents along the way, download this tool: The Comedian
0000000000000000000000
oooooooooooooooooooooo
<@> Download: < The_Comedian > ( ...by Rorschach112 )
<@> Save it to the desktop, renamed as: komedian.exe
<@> Run komedian.exe with a double-click.
<@> Follow the various steps ( Steps 1,2,3,4.. ), always pressing Enter.
Step 1 --> Turning off wordwrap..
Step 2 --> Fixing file associations
Step 3 --> Creating an ERUNT registry backup..
<@> Allow the installation of ERUNT, which will create a backup of the registry.
<@> Complete step 4 ( Step 4 ), which will create a new System Restore point.
<@> Confirm the completion of this step, which will finish automatically.
<@> By default, the backup will be in: C:\WINDOWS\ERUNT\d-m-2010
Regards!
ComboFix 10-05-23.07 - Marcus 27/05/2010 20:50:29.4.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.2045.1563 [GMT -3:00]
Executando de: c:\documents and settings\Marcus\Desktop\ComboFix.exe
Comandos utilizados :: c:\documents and settings\Marcus\Desktop\CFScript.txt
AV: AntiVir Desktop On-access scanning disabled (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: ESET Smart Security 3.0 On-access scanning enabled (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Kaspersky Anti-Virus On-access scanning disabled (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Firewall pessoal do ESET disabled {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
FW: Outpost Firewall disabled {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
* AV residente está ativo
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
A cópia de c:\windows\explorer.exe foi encontrada e desinfectada
Cópia restaurada de - c:\windows\ServicePackFiles\i386\TS\explorer.exe
A cópia de c:\windows\system32\comctl32.dll foi encontrada e desinfectada
Cópia restaurada de - c:\windows\ServicePackFiles\i386\TS\comctl32.dll
A cópia de c:\windows\system32\ctfmon.exe foi encontrada e desinfectada
Cópia restaurada de - c:\system volume information\_restore{9722A98C-9BBF-474D-B81F-F14975B21EDA}\RP212\A0067368.exe
A cópia de c:\windows\system32\setupapi.dll foi encontrada e desinfectada
Cópia restaurada de - c:\windows\ServicePackFiles\i386\TS\setupapi.dll
A cópia de c:\windows\system32\syssetup.dll foi encontrada e desinfectada
Cópia restaurada de - c:\windows\ServicePackFiles\i386\TS\syssetup.dll
A cópia de c:\windows\system32\user32.dll foi encontrada e desinfectada
Cópia restaurada de - c:\windows\ServicePackFiles\i386\TS\user32.dll
A cópia de c:\windows\system32\winlogon.exe foi encontrada e desinfectada
Cópia restaurada de - c:\windows\ServicePackFiles\i386\TS\winlogon.exe
.
(((((((((((((((( Arquivos/Ficheiros criados de 2010-04-27 to 2010-05-27 ))))))))))))))))))))))))))))
.
2010-05-27 13:39 . 2010-05-27 13:39 2266718 ----a-w- C:\TS.zip
2010-05-26 00:38 . 2010-05-26 00:45 -------- d-----w- c:\arquivos de programas\cFosSpeed
2010-05-26 00:38 . 2009-10-30 15:25 288472 ------w- c:\windows\system32\cfosspeed.dll
2010-05-24 14:34 . 2010-05-24 14:36 -------- d-----w- C:\ToolBar SD
2010-05-24 14:26 . 2010-05-24 14:26 -------- d-----w- C:\toolb
2010-05-23 23:05 . 2010-05-23 23:05 -------- d-----w- C:\_OTL
2010-05-23 17:48 . 2008-04-13 14:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2010-05-23 17:39 . 2010-05-23 17:39 -------- d-----w- c:\arquivos de programas\TD74 Corporation
2010-05-23 17:39 . 2006-09-19 17:26 212992 ----a-w- c:\windows\VMSnap23.exe
2010-05-23 17:39 . 2006-06-28 05:54 49152 ----a-w- c:\windows\Domino.exe
2010-05-23 17:39 . 2006-03-30 23:24 81920 ----a-w- c:\windows\VMCap323.exe
2010-05-23 17:39 . 2010-05-23 17:39 -------- d-----w- c:\windows\CatRoot
2010-05-23 17:39 . 2007-04-24 14:56 257408 ----a-w- c:\windows\system32\drivers\usbvm323.sys
2010-05-22 12:46 . 2010-05-22 12:46 -------- d-----w- c:\windows\system32\wbem\Repository
2010-05-22 01:49 . 2010-05-22 12:45 -------- d-----w- c:\arquivos de programas\Pryme
2010-05-22 01:47 . 2010-05-22 12:45 -------- d-----w- C:\cmos
2010-05-22 01:25 . 2010-05-22 01:25 -------- d-----w- c:\arquivos de programas\STV
2010-05-09 14:32 . 2010-05-09 22:25 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\NCH Swift Sound
2010-05-09 14:32 . 2010-05-09 14:32 -------- d-----w- c:\arquivos de programas\NCH Software
2010-05-09 14:31 . 2010-05-09 22:26 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\NCH Swift Sound
2010-05-09 14:28 . 2010-05-09 14:28 -------- d-----w- c:\arquivos de programas\MIKSOFT
2010-05-07 16:58 . 2010-05-07 16:58 152064 ----a-w- c:\windows\snap.dat
2010-05-07 16:55 . 2010-04-12 20:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-01 04:10 . 2010-05-01 05:43 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\TS3Client
2010-05-01 04:09 . 2010-05-01 04:09 -------- d-----w- c:\arquivos de programas\TeamSpeak 3 Client
2010-04-28 01:05 . 2010-04-28 01:05 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Nokia
2010-04-28 01:01 . 2010-04-28 01:01 -------- d-----w- c:\arquivos de programas\Arquivos comuns\PCSuite
2010-04-28 01:00 . 2010-04-28 01:00 -------- d-----w- c:\arquivos de programas\PC Connectivity Solution
2010-04-28 01:00 . 2007-02-22 13:15 12288 ----a-w- c:\windows\system32\drivers\nmwcdcj.sys
2010-04-28 01:00 . 2007-02-22 13:15 12288 ----a-w- c:\windows\system32\drivers\nmwcdcm.sys
2010-04-28 01:00 . 2007-02-22 13:15 8320 ----a-w- c:\windows\system32\drivers\nmwcdc.sys
2010-04-28 01:00 . 2007-02-22 13:15 137216 ----a-w- c:\windows\system32\drivers\nmwcd.sys
2010-04-28 01:00 . 2007-02-22 13:15 65536 ----a-w- c:\windows\system32\nmwcdcocls.dll
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-27 23:35 . 2007-06-07 11:06 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-05-27 17:32 . 2008-11-15 14:03 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\uTorrent
2010-05-25 23:37 . 2007-05-21 21:11 -------- d-----w- c:\arquivos de programas\Serviços on-line
2010-05-25 12:11 . 2008-11-15 14:03 -------- d-----w- c:\arquivos de programas\uTorrent
2010-05-25 01:55 . 2007-05-21 22:36 -------- d-----w- c:\arquivos de programas\Arquivos comuns\InstallShield
2010-05-23 16:58 . 2010-05-23 16:58 61440 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6b8c2a79-n\decora-sse.dll
2010-05-23 16:58 . 2010-05-23 16:58 12800 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6b8c2a79-n\decora-d3d.dll
2010-05-23 16:58 . 2010-05-23 16:58 503808 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2b79a7b3-n\msvcp71.dll
2010-05-23 16:58 . 2010-05-23 16:58 499712 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2b79a7b3-n\jmc.dll
2010-05-23 16:58 . 2010-05-23 16:58 348160 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2b79a7b3-n\msvcr71.dll
2010-05-22 12:46 . 2008-11-05 21:01 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\NexonUS
2010-05-22 10:51 . 2009-09-02 12:01 -------- d---a-w- c:\documents and settings\All Users\Dados de aplicativos\TEMP
2010-05-22 01:25 . 2007-05-21 22:37 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information
2010-05-19 18:57 . 2010-03-07 03:52 -------- d-----w- c:\arquivos de programas\Full Tilt Poker
2010-05-12 20:51 . 2007-05-23 22:24 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help
2010-05-12 01:42 . 2008-11-27 23:07 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\LimeWire
2010-05-11 03:09 . 2009-09-22 01:36 -------- d-----w- c:\arquivos de programas\Messenger Plus! Live
2010-05-07 16:55 . 2008-03-08 17:38 -------- d-----w- c:\arquivos de programas\Java
2010-05-01 02:20 . 2007-05-23 22:37 -------- d-----w- c:\arquivos de programas\CCleaner
2010-04-28 14:33 . 2008-10-11 12:19 -------- d-----w- c:\documents and settings\Marcus\Dados de aplicativos\Nokia Multimedia Player
2010-04-28 01:28 . 2008-11-28 00:03 -------- d-----w- c:\arquivos de programas\LG PC Suite II
2010-04-28 01:05 . 2008-10-11 11:01 -------- d-----w- c:\arquivos de programas\Nokia
2010-04-23 00:57 . 2010-02-25 16:01 26112 ----a-w- c:\windows\system32\drivers\tap0901.sys
2010-04-19 19:50 . 2009-11-04 15:12 -------- d-----w- c:\arquivos de programas\K-Lite Codec Pack
2010-04-16 18:00 . 2010-04-19 19:50 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-04-03 19:22 . 2010-04-03 19:22 2336 ----a-w- C:\boot.bat
2010-03-15 09:31 . 2002-10-15 22:54 165376 ----a-w- c:\windows\system32\unrar.dll
2010-03-12 15:05 . 2010-03-12 15:05 503808 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43823346-n\msvcp71.dll
2010-03-12 15:05 . 2010-03-12 15:05 499712 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43823346-n\jmc.dll
2010-03-12 15:05 . 2010-03-12 15:05 348160 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43823346-n\msvcr71.dll
2010-03-12 15:05 . 2010-03-12 15:05 61440 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3ec352b1-n\decora-sse.dll
2010-03-12 15:05 . 2010-03-12 15:05 12800 ----a-w- c:\documents and settings\Marcus\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3ec352b1-n\decora-d3d.dll
2010-03-12 15:04 . 2004-08-04 12:00 79832 ----a-w- c:\windows\system32\perfc016.dat
2010-03-12 15:04 . 2004-08-04 12:00 470730 ----a-w- c:\windows\system32\perfh016.dat
2010-03-10 06:16 . 2004-08-04 07:45 420352 ----a-w- c:\windows\system32\vbscript.dll
2009-09-04 21:00 . 2009-09-04 21:00 916430 ----a-w- c:\arquivos de programas\Apr2006_MDX1_x86.cab
2008-08-12 00:07 . 2008-07-17 22:49 29806 ----a-w- c:\arquivos de programas\megacubo_log.log
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\arquivos de programas\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\arquivos de programas\mozilla firefox\plugins\ssldivx.dll
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
Nota entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe" [2009-07-31 468408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ipTray.exe"="c:\arquivos de programas\Intel\IDU\iptray.exe" [2006-12-28 2242328]
"nwiz"="c:\arquivos de programas\NVIDIA Corporation\nView\nwiz.exe" [2009-07-09 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016]
"OutpostMonitor"="c:\arquiv~1\Agnitum\OUTPOS~1\op_mon.exe" [2009-04-28 2374464]
"OutpostFeedBack"="c:\arquivos de programas\Agnitum\Outpost Firewall\feedback.exe" [2009-04-28 428032]
"avgnt"="c:\arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" [2009-11-11 417792]
"AppleSyncNotifier"="c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"iTunesHelper"="c:\arquivos de programas\iTunes\iTunesHelper.exe" [2010-02-15 141608]
"SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040]
"NSLauncher"="c:\arquivos de programas\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-08-02 3096576]
"SigmatelSysTrayApp"="sttray.exe" [2006-05-26 282624]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 1 (0x1)
"HonorAutoRunSetting"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Orbit.lnk]
backup=c:\windows\pss\Orbit.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Marcus^Menu Iniciar^Programas^Inicializar^hamachi.lnk]
backup=c:\windows\pss\hamachi.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Marcus^Menu Iniciar^Programas^Inicializar^Recorte de tela e Iniciador do OneNote 2007.lnk]
backup=c:\windows\pss\Recorte de tela e Iniciador do OneNote 2007.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
2010-03-29 17:54 2343120 ----a-w- c:\arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2009-08-13 17:51 177440 ----a-w- c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 02:20 15360 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-07-24 15:02 490952 ----a-w- c:\arquivos de programas\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 13:44 31072 ----a-w- c:\arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2006-07-07 23:15 600896 ----a-w- c:\arquivos de programas\Microsoft IntelliPoint\ipoint.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-08-12 08:30 81920 ----a-w- c:\arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-02-15 21:07 141608 ----a-w- c:\arquivos de programas\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
2006-07-07 23:14 576320 ----a-w- c:\arquivos de programas\Microsoft IntelliType Pro\itype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 18:44 3883840 ----a-w- c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-07-14 16:34 13877248 ----a-w- c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Openwares LiveUpdate]
2003-12-13 17:17 61440 ----a-w- c:\program files\LIVEUPDATE\LiveUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-11 01:08 417792 ----a-w- c:\arquivos de programas\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" -atboottime
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Arquivos de programas\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Arquivos de programas\\LimeWire\\LimeWire.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Arquivos de programas\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\All Users\\Dados de aplicativos\\NexonUS\\NGM\\NGM.exe"=
"c:\nexon\Combat Arms\CombatArms.exe"= c:\nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"c:\nexon\Combat Arms\Engine.exe"= c:\nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe
"c:\\Nexon\\Combat Arms\\NMService.exe"=
"c:\\Arquivos de programas\\Mozilla Firefox\\firefox.exe"=
"c:\\Arquivos de programas\\MegaJogos\\jre\\jre\\bin\\javaw.exe"=
"c:\\Arquivos de programas\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"=
"c:\\Arquivos de programas\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Arquivos de programas\\iTunes\\iTunes.exe"=
"c:\\Arquivos de programas\\Megacubo\\megacubo.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56458:TCP"= 56458:TCP:Pando Media Booster
"56458:UDP"= 56458:UDP:Pando Media Booster
"56911:TCP"= 56911:TCP:Pando Media Booster
"56911:UDP"= 56911:UDP:Pando Media Booster
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [19/01/2010 11:23 130936]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20/11/2008 11:26 717296]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [03/11/2009 20:52 704384]
R2 acssrv;Agnitum Client Security Service;c:\arquiv~1\Agnitum\OUTPOS~1\acs.exe [03/11/2009 20:49 1195008]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\arquivos de programas\Avira\AntiVir Desktop\sched.exe [12/01/2010 13:31 108289]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [03/11/2009 20:49 31128]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [03/11/2009 20:52 257432]
R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);c:\windows\system32\drivers\RMSPPPOE.SYS [10/06/2002 00:09 31232]
S2 gupdate1ca7415f53b919c;Google Update Service (gupdate1ca7415f53b919c);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [03/12/2009 09:41 133104]
S3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys --> c:\windows\system32\DRIVERS\3xHybrid.sys [?]
S3 exdisk;Express Disk Service;c:\windows\system32\drivers\exdisk.sys [21/05/2007 19:50 14074]
S3 GarenaPEngine;GarenaPEngine; [x]
S3 hid8101;hid8101;c:\windows\system32\drivers\hid8101.sys [22/10/2009 10:45 31908]
S3 lgmcbus;LGE Mobile driver (WDM);c:\windows\system32\drivers\lgmcbus.sys [27/11/2008 21:05 83584]
S3 lgmcmdfl;LGE Mobile USB WMC Modem Filter;c:\windows\system32\drivers\lgmcmdfl.sys [27/11/2008 21:05 14976]
S3 lgmcmdm;LGE Mobile USB WMC Modem Driver;c:\windows\system32\drivers\lgmcmdm.sys [27/11/2008 21:05 110464]
S3 lgmcobex;LGE Mobile USB WMC OBEX Interface;c:\windows\system32\drivers\lgmcobex.sys [27/11/2008 21:05 100480]
S3 PciCon;PciCon;\??\d:\pcicon.sys --> d:\PciCon.sys [?]
S3 PhTVTune;ENCORE TV Tuner Pro PCI Adapter;c:\windows\system32\drivers\PhTVTune.sys [18/08/2007 15:24 28480]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [11/01/2010 08:28 27064]
S3 sdAuxService;PC Tools Auxiliary Service;c:\arquivos de programas\Spyware Doctor\pctsAuxs.exe [19/01/2010 11:23 348752]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [25/01/2008 06:12 25088]
.
Conteúdo da pasta 'Tarefas Agendadas'
2009-04-02 c:\windows\Tasks\AppleSoftwareUpdate.job
2010-05-27 c:\windows\Tasks\AWC AutoSweep.job
2010-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2010-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2010-05-27 c:\windows\Tasks\OGALogon.job
.
.
------- Scan Suplementar -------
.
mWindow Title =
uInternet Settings,ProxyOverride = local
IE: &Clean Traces
IE: &Download with &DAP
IE: Download &all with DAP
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://thefreevpn.com/home.php
FF - prefs.js: keyword.URL - hxxp://br.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_br&p=
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 9666
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 9050
FF - prefs.js: network.proxy.ssl - localhost
FF - prefs.js: network.proxy.ssl_port - 9666
FF - prefs.js: network.proxy.type - 1
FF - component: c:\documents and settings\Marcus\Dados de aplicativos\Mozilla\Firefox\Profiles\mnctdmk7.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-27 20:59
Windows 5.1.2600 Service Pack 3 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros/arquivos ocultos ...
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spus.sys >>UNKNOWN [0x8A643938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xb80ecf28
\Driver\ACPI -> ACPI.sys @ 0xb7e67cb8
\Driver\atapi -> atapi.sys @ 0xb7dfcb40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Intel® PRO/100 VE Network Connection -> SendCompleteHandler -> NDIS.sys @ 0xb7ccfbb0
PacketIndicateHandler -> NDIS.sys @ 0xb7cdca21
SendHandler -> NDIS.sys @ 0xb7cba87b
user & kernel MBR OK
copy of MBR has been found in sector 1 !
**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar0]
"BarID"=dword:0000e81b
"Bars"=dword:00000003
"Bar#0"=dword:00000000
"Bar#1"=dword:0000e800
"Bar#2"=dword:00000000
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar1]
"BarID"=dword:0000e81c
"Bars"=dword:00000004
"Bar#0"=dword:00000000
"Bar#1"=dword:0000e807
"Bar#2"=dword:0000e806
"Bar#3"=dword:00000000
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar2]
"BarID"=dword:0000e800
"XPos"=dword:fffffffe
"YPos"=dword:fffffffe
"Docking"=dword:00000001
"MRUDockID"=dword:00000000
"MRUDockLeftPos"=dword:fffffffe
"MRUDockTopPos"=dword:fffffffe
"MRUDockRightPos"=dword:000001f5
"MRUDockBottomPos"=dword:00000036
"MRUFloatStyle"=dword:00002000
"MRUFloatXPos"=dword:80000000
"MRUFloatYPos"=dword:cdcdcdcd
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar3]
"BarID"=dword:0000e806
"XPos"=dword:fffffffe
"YPos"=dword:00000141
"Docking"=dword:00000001
"MRUDockID"=dword:0000e81c
"MRUDockLeftPos"=dword:fffffffe
"MRUDockTopPos"=dword:00000141
"MRUDockRightPos"=dword:000000c6
"MRUDockBottomPos"=dword:00000287
"MRUFloatStyle"=dword:00002004
"MRUFloatXPos"=dword:80000000
"MRUFloatYPos"=dword:cdcdcdcd
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Bar4]
"BarID"=dword:0000e807
"XPos"=dword:fffffffe
"YPos"=dword:fffffffe
"Docking"=dword:00000001
"MRUDockID"=dword:00000000
"MRUDockLeftPos"=dword:fffffffe
"MRUDockTopPos"=dword:fffffffe
"MRUDockRightPos"=dword:000000c6
"MRUDockBottomPos"=dword:00000143
"MRUFloatStyle"=dword:00002004
"MRUFloatXPos"=dword:80000000
"MRUFloatYPos"=dword:cdcdcdcd
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Bars\Settings-Summary]
"Bars"=dword:00000005
"ScreenCX"=dword:00000400
"ScreenCY"=dword:00000300
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\Settings]
"FirstRun"=dword:00000000
"xScreen"=dword:00000400
"yScreen"=dword:000002c4
"floats"="1.000000 0.500000 0.500000 120 120"
"skin"="ISR_10Moons.dll"
[HKEY_USERS\S-1-5-21-1078081533-1409082233-725345543-1006\Software\10Moons\þV Gr Om ȉ hV *\WNDSTATUS]
"FLAG"=dword:00000000
"SHOWCMD"=dword:00000001
"LEFT"=dword:fffffffc
"TOP"=dword:fffffffc
"RIGHT"=dword:00000404
"BOTTOM"=dword:000002e2
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
c:\windows\system32\sfc_os.dll
c:\windows\system32\cscui.dll
c:\windows\system32\WININET.dll
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\windows\system32\LINKINFO.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\arquivos de programas\Scpad\scpLIB.dll
c:\arquivos de programas\Scpad\scpMIB.dll
c:\arquivos de programas\Scpad\sshib.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
.
------------------------ Outros Processos em Execução ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\arquivos de programas\Avira\AntiVir Desktop\avguard.exe
c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\arquivos de programas\Intel\IDU\awServ.exe
c:\arquivos de programas\Java\jre6\bin\jqs.exe
c:\arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe
c:\arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\System32\snmp.exe
c:\arquivos de programas\SigmaTel\C-Major Audio\WDM\STacSV.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\sttray.exe
.
**************************************************************************
.
Tempo para conclusão: 2010-05-27 21:05:32 - Máquina reiniciou
ComboFix-quarantined-files.txt 2010-05-28 00:05
ComboFix2.txt 2010-05-27 14:08
ComboFix3.txt 2010-05-26 13:56
ComboFix4.txt 2010-05-24 14:59
Pré-execução: 51 pasta(s) 46.147.018.752 bytes disponíveis
Pós execução: 52 pasta(s) 46.084.259.840 bytes disponíveis
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
After finishing step 4 of komedian.exe, what should I do?
> After finishing step 4 of komedian.exe, what should I do?
///////////////\\\\\\\\\\\\\\
Good evening! .matiello
<!> Nothing! That step created a new "System Restore" point.
<!> PS: Your signature validation problems have been resolved!
<!> Repeat the procedure with the Gmer_MBR tool once more --> Post the report!
0000000000000000000
ooooooooooooooooooo
<!> Link-2 < RootRepeal.zip >
<!> Link-3 < RootRepeal.zip >
<@> Unzip it to the desktop.
<@> Open the program and click "Report" --> "Scan"
[Image: checkBoxes2.png]
<@> Check the 7 boxes above. --> Click OK.
<@> Next, choose your drive. ( C:\ or D:\ ) --> OK.
<@> Start the scan and, when it finishes, click "Save Report"
<@> Save it with the name: "RootRepeal.txt" <-- Report!
Regards!
Sorry, Gmer_MBR tool??? Did I already download it during the process?
> Sorry, Gmer_MBR tool??? Did I already download it during the process?
/////////////\\\\\\\\\\\\\\\
Good morning! .matiello
<!> Yes! But... in any case, here it is again.
0000000000000000
oooooooooooooooo
<@> Download: < mbr.exe v.0.3.7 > ( by Gmer )
<@> Save it to C:\ or C:\Documents and Settings\[userName]\, preferring the directory in which the command prompt opens.
<@> Go to Start --> Run --> Type: cmd --> OK.
<@> At the prompt, type: cd \ --> Press Enter.
<@> Type: C:\>mbr.exe -f or C:\Documents and Settings\[userName]\>mbr.exe -f
<@> Press Enter.
<@> PS: Another option would be to download mbr.exe to your desktop.
<@> Go to Start --> Run --> Type or paste: "%userprofile%\desktop\mbr.exe" -f
<@> Click OK.
<@> Post: C:\mbr.txt or C:\Documents and Settings\[userName]\mbr.txt
Regards!
Good afternoon! .matiello
<@> Download: < RHosts > (...by SiRi )
<@> Save it to the desktop!
<@> PS: Run it and then click "Restore original Hosts".
<@> Restart the computer!
0000000000000000000000
oooooooooooooooooooooo
<@> Download: < Malwarebytes' Anti-Malware >
<@> Link - 2: < marcinsig.gif >
<@> PS: Save or print these instructions:
>
<@> PS: If MBAM finds files that it cannot remove, you may have to restart the PC. Perhaps more than once!
<@> PS: Do so immediately when asked whether you want to restart.
0000000000000000000
<!> Select, copy and paste the contents of the MBAM log in your next reply.
<!> Also post an updated HijackThis log.
Regards!